festivaly.eu Open in urlscan Pro
2606:4700:3034::6815:1976 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://festivaly.eu/
Effective URL:
https://festivaly.eu/en
Submission: On March 02 via api (March 2nd 2024, 2:46:47 pm UTC) from US — Scanned from US

Summary HTTP 53 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 11 IPs in 2 countries across 9 domains to perform 53 HTTP transactions. The main IP is 2606:4700:3034::6815:1976, located in United States and belongs to CLOUDFLARENET, US. The main domain is festivaly.eu.
TLS certificate: Issued by GTS CA 1P5 on March 1st 2024. Valid for: 3 months.

This is the only time festivaly.eu was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 8	2606:4700:303... 2606:4700:3034::6815:1976	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2607:f8b0:400... 2607:f8b0:4006:820::2008	15169 (GOOGLE) (GOOGLE)
10	2607:f8b0:400... 2607:f8b0:4006:81c::2002	15169 (GOOGLE) (GOOGLE)
3	52.219.75.54 52.219.75.54	16509 (AMAZON-02) (AMAZON-02)
1	2607:f8b0:400... 2607:f8b0:4006:809::200e	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:4006:80d::2002	15169 (GOOGLE) (GOOGLE)
13	2607:f8b0:400... 2607:f8b0:4006:824::200e	15169 (GOOGLE) (GOOGLE)
9	2607:f8b0:400... 2607:f8b0:4006:816::2001	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:80f::2004	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:817::200a	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:4006:80c::2003	15169 (GOOGLE) (GOOGLE)
53	11

8 2606:4700:3034::6815:1976 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

festivaly.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:820::2008 (United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2607:f8b0:4006:81c::2002 (United States)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.219.75.54 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: s3-w.eu-central-1.amazonaws.com

fstvls.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:809::200e (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:80d::2002 (United States)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2607:f8b0:4006:824::200e (United States)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2607:f8b0:4006:816::2001 (United States)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:80f::2004 (United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:817::200a (United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:80c::2003 (United States)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
19	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 104 tpc.googlesyndication.com — Cisco Umbrella Rank: 161	450 KB
14	google.com fundingchoicesmessages.google.com — Cisco Umbrella Rank: 647 www.google.com — Cisco Umbrella Rank: 2	74 KB
8	festivaly.eu 1 redirects festivaly.eu	96 KB
3	gstatic.com www.gstatic.com	17 KB
3	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 35	64 KB
3	amazonaws.com fstvls.s3.amazonaws.com	44 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 30	2 KB
1	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 29	243 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 40	93 KB
53	9

	Domain	Requested by
13	fundingchoicesmessages.google.com	pagead2.googlesyndication.com
10	pagead2.googlesyndication.com	festivaly.eu pagead2.googlesyndication.com tpc.googlesyndication.com
9	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com festivaly.eu googleads.g.doubleclick.net
8	festivaly.eu	1 redirects festivaly.eu
3	www.gstatic.com	festivaly.eu googleads.g.doubleclick.net
3	googleads.g.doubleclick.net	pagead2.googlesyndication.com
3	fstvls.s3.amazonaws.com	festivaly.eu
2	fonts.googleapis.com	googleads.g.doubleclick.net festivaly.eu
1	www.google.com	tpc.googlesyndication.com
1	www.google-analytics.com	www.googletagmanager.com
1	www.googletagmanager.com	festivaly.eu
53	11

This site contains links to these domains. Also see Links.

Domain
www.instagram.com

Subject Issuer	Validity	Valid
festivaly.eu GTS CA 1P5	`2024-03-01` - `2024-05-30`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
*.s3.amazonaws.com Amazon RSA 2048 M01	`2023-10-10` - `2024-07-03`	9 months	crt.sh
*.google.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
www.google.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh

This page contains 8 frames:

Primary Page: https://festivaly.eu/en
Frame ID: E986FE20FB475315703F842550F95FC4
Requests: 32 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240228/r20190131/zrt_lookup_nohtml_fy2021.html
Frame ID: 99678D4D38FAEC7E34CB6F58ACB5F529
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9869198091643155&output=html&adk=1812271804&adf=3025194257&lmt=1709390799&plaf=1%3A2%2C7%3A2&plat=1%3A128%2C2%3A128%2C3%3A128%2C4%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=260x540_l%7C260x540_r&format=0x0&url=https%3A%2F%2Ffestivaly.eu%2Fen&pra=5&wgl=1&easpi=0&asro=0&aseiel=1~2~4~6~8~9~10~11~12~13~14~15~16~17~18~19~20&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1709390798770&bpp=8&bdt=838&idt=440&shv=r20240228&mjsv=m202402270101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3030856408671&frm=20&pv=2&ga_vid=652804763.1709390799&ga_sid=1709390799&ga_hid=1364180247&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C44798934%2C95325753%2C95325974%2C31081511%2C95322180%2C95324160%2C95325784%2C95326437%2C21065724&oid=2&pvsid=3924363659945019&tmod=1394127786&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=479
Frame ID: 24F99EF930AC65267FB356C9BFF4D901
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 4954822F01C401CFC5BABB5446786D11
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 900EA696889557B573223B06BD949B14
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240228/r20110914/zrt_lookup_nohtml_fy2021.html
Frame ID: BC7C21B4916A99D54584881F4A1EFE97
Requests: 6 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Poppins%3A400%2C600
Frame ID: 8E6662B8A916B3A6559F312D3C32611D
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/4DPoyt1VXFu9KUV3wfZ2z3y8g_kcb_PjstTR5ZPZl3Q.js
Frame ID: 6A043CC455A31358F950604E1925CC26
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Festivaly.eu — Discover the best music festivals 2024!

Page URL History Show full URLs

https://festivaly.eu/ HTTP 302
https://festivaly.eu/en Page URL

Detected technologies

Laravel (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Page Statistics

53
Requests

100 %
HTTPS

91 %
IPv6

9
Domains

11
Subdomains

11
IPs

2
Countries

837 kB
Transfer

2528 kB
Size

8
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.instagram.com/festivaly.eu/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://festivaly.eu/ HTTP 302
https://festivaly.eu/en Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

53 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request en Show response
festivaly.eu/
Redirect Chain

https://festivaly.eu/
https://festivaly.eu/en

188 KB
26 KB

873ms
872ms

Document
text/html

2606:4700:3034::6815:1976
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://festivaly.eu/en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::6815:1976 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

242d3fd018bb3e8f332ee4b1ed9271cf5913944df0df95c6bddac73ec65c4850

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache, private
cf-cache-status: DYNAMIC
cf-ray: 85e22d60d9e94c16-MIA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sat, 02 Mar 2024 14:46:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BdNBmpRBJY8ZtY86wSqv9ClUm2z0Me3%2FGPQs%2BZXTiGOfGtDEJLsoJcSBRSrYe%2Ff1cHWntncHZluL%2FxzoEbk4FVdMSqwrL0YxwXV9S%2BZ%2BaBXcJKXAOfRtEoGdfTMjVbtGbEzDVxnfOfXn%2BNE%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

Redirect headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache, private
cf-cache-status: DYNAMIC
cf-ray: 85e22d5d2bda4c16-MIA
content-type: text/html; charset=UTF-8
date: Sat, 02 Mar 2024 14:46:36 GMT
location: https://festivaly.eu/en
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hKGWTzry3QR5DCaFIpHEZFICHD73HVIExZPCaAtISuwcWzsVRS14ACNU2686TpOBbus%2FBxeY821a77uiBZiIGF3Hf1j3XwMy4eFgN%2BMRcjdoF%2FSNhYi8sWu2v3HkYOUdwy8r5k6OicZHYyM%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Language
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

GET
H3 200 app.css
festivaly.eu/css/v2/ 52 KB
11 KB 44ms
41ms Stylesheet
text/css 2606:4700:3034::6815:1976
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://festivaly.eu/css/v2/app.css?id=5a2c9227f31e319b24b8
Requested by: Host: festivaly.eu
URL: https://festivaly.eu/en
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:1976 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa1b85737c64a44e197d154911fd9cbee1e277ded77d2cbaca9eee89b4ee9bb6

Request headers

accept-language: en-US,en;q=0.9
Referer: https://festivaly.eu/en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 14:46:37 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 02 Mar 2024 10:19:07 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 11939
etag: W/"65e2fd1b-ce3f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rRkB%2Fa5Ur9CXY2bqIys1QuSTRXc8PwUFEs69CkOqQem74QxcyMPaWixcK9Wml98Z70zXd%2FncLMOs97JIsMjq%2Fsh2EDHl1aLRH5j6rSNDu2BlJ9YXYKJOfog7ucWL53NIyfFhsz9HI09wPP4%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=604800
cf-ray: 85e22d6738d63dd2-MIA
alt-svc: h3=":443"; ma=86400
expires: Sat, 09 Mar 2024 10:19:09 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 275 KB
93 KB 242ms
85ms Script
application/javascript 2607:f8b0:4006:820::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-VH43845R58

Requested by

Host: festivaly.eu
URL: https://festivaly.eu/en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6318ac2069d5ced80516d905996deffa106c09518bd1d3d319bb7ed1e9688ec0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://festivaly.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 14:46:38 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 94769
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 02 Mar 2024 14:46:38 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 145 KB
50 KB 280ms
138ms Script
text/javascript 2607:f8b0:4006:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: festivaly.eu
URL: https://festivaly.eu/en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

30a8e7f4987641969ea8549c4c09d0f1b240e6c9fc2776f34841704098f7b49b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://festivaly.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 14:46:38 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51178
x-xss-protection: 0
server: cafe
etag: 11504327255492402845
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Sat, 02 Mar 2024 14:46:38 GMT

GET
H3 200 blank.svg
festivaly.eu/images/ 1 KB
1 KB 75ms
72ms Image
image/svg+xml 2606:4700:3034::6815:1976
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://festivaly.eu/images/blank.svg
Requested by: Host: festivaly.eu
URL: https://festivaly.eu/en
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:1976 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fec8781f094535f84460358e18c8d30973e0ad31ee03170dad7701f83b3e21ac

Request headers

accept-language: en-US,en;q=0.9
Referer: https://festivaly.eu/en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 14:46:37 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 19 Mar 2019 21:52:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 96211
etag: W/"5c91649e-417"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p8wGAsns6qWYq7%2BUk3og0Wa5tpviGrbL0cpVZXTxkBLfH11yoOk1HUlkSQHAY5g50HyGs1Qw69INa90TCs7%2FdxBsgcmeLLNFKm94eeEGFgIpP1%2BdOR%2FpWFxdGw1%2FW6TDTRrJ6IHBWx88bg4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=604800
cf-ray: 85e22d6748d93dd2-MIA
alt-svc: h3=":443"; ma=86400
expires: Fri, 08 Mar 2024 11:59:07 GMT

GET
H3 200 email-decode.min.js Show response
festivaly.eu/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 44ms
40ms Script
application/javascript 2606:4700:3034::6815:1976
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://festivaly.eu/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: festivaly.eu
URL: https://festivaly.eu/en

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::6815:1976 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://festivaly.eu/en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 14:46:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 27 Feb 2024 15:42:08 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"65de02d0-4d7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BswsvqX%2BRsmGAmBTyyuPAbmeQX22xMuKEyBigJ3qsTR8n0acFFJP1n6p%2Fl5RHZUdDDpCkDF%2FwXaiIJXfpS0C28FTu8R3%2FXjrlNNsd1gYwcfxL1TIdfjiiT41exGQpO3Y6kbx9MRZUGJfuKU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 85e22d6748da3dd2-MIA
expires: Mon, 04 Mar 2024 14:46:37 GMT

GET
H3 200 app.js Show response
festivaly.eu/js/v2/ 165 KB
54 KB 50ms
48ms Script
application/javascript 2606:4700:3034::6815:1976
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://festivaly.eu/js/v2/app.js?id=00d8c74fb17f5c05e9db
Requested by: Host: festivaly.eu
URL: https://festivaly.eu/en
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:1976 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7180f7384514cc8bc93851599a49528b62086a06cd31f84a318972bce83a140c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://festivaly.eu/en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 14:46:38 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 29 Feb 2024 13:52:05 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 96212
etag: W/"65e08c05-29505"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ASF6ukcbdShGnnGTGJWPGSA9nav1NHHeG%2FTp0ixq8BjpYYFH6rce7WSPWMzTDf8Cog2WA9izzJi0QVuPukxYjgBPbjLPjhHAXA0NGJg%2FnvN004iC7zZ65sMYZqT4cidX3qY%2B6qzgEJBNi2w%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=604800
cf-ray: 85e22d6789403dd2-MIA
alt-svc: h3=":443"; ma=86400
expires: Fri, 08 Mar 2024 11:59:07 GMT

GET
H3 200 bars-loader.svg
festivaly.eu/images/ 2 KB
781 B 56ms
55ms Image
image/svg+xml 2606:4700:3034::6815:1976
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://festivaly.eu/images/bars-loader.svg
Requested by: Host: festivaly.eu
URL: https://festivaly.eu/en
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:1976 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a5366630b9e3d0571b3d35e9077da7af5269b294176107cce34ae09b4ea33618

Request headers

accept-language: en-US,en;q=0.9
Referer: https://festivaly.eu/en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 14:46:38 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 30 Jan 2020 14:45:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 96212
etag: W/"5e32ebec-710"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u7%2Bpkqw1PsKqwrVzpFClrl0tubv5pB84VLAlSmAiWhXehpBXklekZYOLS2dot7AXpSAJNfw5IfpS70LvnwmuU4CkoPXMVT8QteaEtlxkA%2BCsgsx7oDxf4971ZcxwwI5%2FbbLzGVZVEM5lZM4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=604800
cf-ray: 85e22d6a6d943dd2-MIA
alt-svc: h3=":443"; ma=86400
expires: Fri, 08 Mar 2024 11:59:08 GMT

GET
H3 200 close.svg
festivaly.eu/images/ 266 B
653 B 56ms
56ms Image
image/svg+xml 2606:4700:3034::6815:1976
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://festivaly.eu/images/close.svg
Requested by: Host: festivaly.eu
URL: https://festivaly.eu/en
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:1976 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4203f42536281394e75d18ce0416172ea8b0f8f2816a9b5b24126c24b0ae7e79

Request headers

accept-language: en-US,en;q=0.9
Referer: https://festivaly.eu/en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 14:46:38 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 30 Jan 2020 14:45:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 96212
etag: W/"5e32ebec-10a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AjoNct1TQKoHihybI07HsAXpRosxzQDpzWAcctN9my%2B6ENAQx8TXkq7ZZIL3h%2BMEQ9d4N0ohREkpcTyTodBvVvlQosSZFogjbyBjx1d3aktxmt1IbTJWtocJvzaLVEMkMaJ%2FykufLPoDz14%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=604800
cf-ray: 85e22d6a6d953dd2-MIA
alt-svc: h3=":443"; ma=86400
expires: Fri, 08 Mar 2024 11:59:08 GMT

GET
H/1.1 200
OK tn74944.jpg
fstvls.s3.amazonaws.com/75/ 14 KB
15 KB 827ms
177ms Image
image/jpeg 52.219.75.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fstvls.s3.amazonaws.com/75/tn74944.jpg
Requested by: Host: festivaly.eu
URL: https://festivaly.eu/en
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.219.75.54 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-w.eu-central-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 86333da82cf8f9e44403dd3b760ff7b25a7c77e0e605a92e99f69db5b0e61975

Request headers

accept-language: en-US,en;q=0.9
Referer: https://festivaly.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date: Sat, 02 Mar 2024 14:46:40 GMT
Last-Modified: Wed, 26 Aug 2020 07:58:30 GMT
Server: AmazonS3
x-amz-request-id: E7C3GZGBT60BX00X
ETag: "11b3d017703d2fd050c283dd6f522504"
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Content-Length: 14565
x-amz-id-2: p2YnD8J25FC5DrR8xr4QEAHUjVk4UtmEunSEE7mg7Cp2C607z/nHTCs4QuhB3YDXDmL+jpdbHgE=

GET
H/1.1 200
OK tn42961.jpg
fstvls.s3.amazonaws.com/43/ 12 KB
12 KB 821ms
171ms Image
image/jpeg 52.219.75.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fstvls.s3.amazonaws.com/43/tn42961.jpg
Requested by: Host: festivaly.eu
URL: https://festivaly.eu/en
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.219.75.54 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-w.eu-central-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: a51ec1293b16c141c727a3272db150ae43a60bc8c02c8bd82ad064f5d6fc6a74

Request headers

accept-language: en-US,en;q=0.9
Referer: https://festivaly.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date: Sat, 02 Mar 2024 14:46:40 GMT
Last-Modified: Wed, 26 Aug 2020 07:13:50 GMT
Server: AmazonS3
x-amz-request-id: E7CC91A6F6G66C3Y
ETag: "ba9a86010a4d71c53b1d330e0fa1e1fb"
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Content-Length: 11863
x-amz-id-2: o8Z2bRipGPscPRZ7smqqJmpzOMO5pnYgRmTNnsgkAMkly9opHH0Grk4DVmiFBqCm0LPxRwvclT4=

GET
H/1.1 200
OK tn141402.jpeg
fstvls.s3.amazonaws.com/141/ 17 KB
18 KB 809ms
160ms Image
image/jpeg 52.219.75.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fstvls.s3.amazonaws.com/141/tn141402.jpeg
Requested by: Host: festivaly.eu
URL: https://festivaly.eu/en
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.219.75.54 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-w.eu-central-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 3586c62718a93430f04cf49ebe9be5542bce8ee71ea78cdb36192ee5ca420537

Request headers

accept-language: en-US,en;q=0.9
Referer: https://festivaly.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date: Sat, 02 Mar 2024 14:46:40 GMT
Last-Modified: Mon, 12 Feb 2024 17:10:50 GMT
Server: AmazonS3
x-amz-request-id: E7C4Z4953E3GVTAV
ETag: "9b45779178e30d258f5db0649a002dc0"
x-amz-server-side-encryption: AES256
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Content-Length: 17840
x-amz-id-2: oshInDfbrhwE01sCDU7urC48hHm7vM5BJ61YlTGKuzOH7Ds3lhLUOg5DB2i1Ht3wRWdSYMIgmd4=

POST
H2 204 collect
www.google-analytics.com/g/ 0
243 B 603ms
77ms Ping
text/plain 2607:f8b0:4006:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-VH43845R58&gtm=45je42t1v9103808029za200&_p=1709390797990&gcd=13l3l3l3l1&npa=0&dma=0&cid=652804763.1709390799&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=1&sid=1709390798&sct=1&seg=0&dl=https%3A%2F%2Ffestivaly.eu%2Fen&dt=Festivaly.eu%20%E2%80%94%20Discover%20the%20best%20music%20festivals%202024!&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=2514
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-VH43845R58
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:809::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://festivaly.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Mar 2024 14:46:39 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://festivaly.eu
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402270101/ 406 KB
138 KB 165ms
164ms Script
text/javascript 2607:f8b0:4006:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402270101/show_ads_impl_fy2021.js?bust=31081511

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ccebbddfc19bbb378e030826ae57bf096aa76ee16864582efd8d17efa957c216

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://festivaly.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 14:46:38 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 140887
x-xss-protection: 0
server: cafe
etag: 2309251035342069481
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sat, 02 Mar 2024 14:46:38 GMT

GET
H2 200 zrt_lookup_nohtml_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240228/r20190131/ Frame 9967 9 KB
4 KB 544ms
68ms Document
text/html 2607:f8b0:4006:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240228/r20190131/zrt_lookup_nohtml_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

df7a397b8ce58f6251a395e02608b4f620e934a958bdfe6702c6f2033593eed0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://festivaly.eu/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 43486
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4155
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 02 Mar 2024 02:41:53 GMT
etag: 5035419970550746386
expires: Sat, 16 Mar 2024 02:41:53 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 24F9 241 KB
55 KB 1267ms
1258ms Document
text/html 2607:f8b0:4006:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9869198091643155&output=html&adk=1812271804&adf=3025194257&lmt=1709390799&plaf=1%3A2%2C7%3A2&plat=1%3A128%2C2%3A128%2C3%3A128%2C4%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=260x540_l%7C260x540_r&format=0x0&url=https%3A%2F%2Ffestivaly.eu%2Fen&pra=5&wgl=1&easpi=0&asro=0&aseiel=1~2~4~6~8~9~10~11~12~13~14~15~16~17~18~19~20&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1709390798770&bpp=8&bdt=838&idt=440&shv=r20240228&mjsv=m202402270101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3030856408671&frm=20&pv=2&ga_vid=652804763.1709390799&ga_sid=1709390799&ga_hid=1364180247&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C44798934%2C95325753%2C95325974%2C31081511%2C95322180%2C95324160%2C95325784%2C95326437%2C21065724&oid=2&pvsid=3924363659945019&tmod=1394127786&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=479

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402270101/show_ads_impl_fy2021.js?bust=31081511

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

aa1739216160df7b076caf8662d2fc428dcbb30fd5ab7c52fb236568d159837a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://festivaly.eu/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 55956
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 02 Mar 2024 14:46:40 GMT
expires: Sat, 02 Mar 2024 14:46:40 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 276ms
145ms XHR
application/json 2607:f8b0:4006:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240228&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402270101/show_ads_impl_fy2021.js?bust=31081511

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4cbe96d1ac61eb007958039a859877bc00f6c0a5ead09f0ab3e145243b412d14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://festivaly.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 14:46:40 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12266
x-xss-protection: 0

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402270101/ 166 KB
56 KB 157ms
157ms Script
text/javascript 2607:f8b0:4006:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402270101/reactive_library_fy2021.js?bust=31081511

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402270101/show_ads_impl_fy2021.js?bust=31081511

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

be0ba43935f50d067cdfb9eb0637b8f08c522eabeafe9144511c22c92567f0a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://festivaly.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 14:46:40 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57328
x-xss-protection: 0
server: cafe
etag: 1809892671795951807
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sat, 02 Mar 2024 14:46:40 GMT

GET
H2 200 ca-pub-9869198091643155 Show response
fundingchoicesmessages.google.com/i/ 183 KB
61 KB 1170ms
104ms Script
application/javascript 2607:f8b0:4006:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/ca-pub-9869198091643155?ers=2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402270101/show_ads_impl_fy2021.js?bust=31081511

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

287457ea1baa37320415e2163817e9d5a458b3a833e5c7b98d6944323735c597

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-37l1DeuHwW7jm8xEPNVt8Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://festivaly.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 14:46:41 GMT
content-security-policy: script-src 'report-sample' 'nonce-37l1DeuHwW7jm8xEPNVt8Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjStHikmJw1ZBiOO90h-k6ENcyPGNqBWIDjedMFkDM-OcFEycQv_vykonn60smCSDWAOIdPh4sfOums6oAse766ayhQBzzfDprChA7pc9gDQJin_oZrDFALMTDcfF7z3o2gRe7L35iAgAD2y4s"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 875ms
82ms Script
text/javascript 2607:f8b0:4006:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402270101/show_ads_impl_fy2021.js?bust=31081511

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://festivaly.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 14:46:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 02 Mar 2024 14:46:41 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 4954 13 KB
5 KB 65ms
63ms Document
text/html 2607:f8b0:4006:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://festivaly.eu/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 42940
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 02 Mar 2024 02:51:01 GMT
expires: Sun, 02 Mar 2025 02:51:01 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 900E 829 B
1 KB 226ms
85ms Document
text/html 2607:f8b0:4006:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

67b8485c788c74467adb327fd76d06a99880fa6cce5d0069c17d5623b1f238a3

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-zP2WUrRTTKpNGIzSd848-A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://festivaly.eu/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-zP2WUrRTTKpNGIzSd848-A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 02 Mar 2024 14:46:42 GMT
expires: Sat, 02 Mar 2024 14:46:42 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 hhT7r2j7IM84IjrHPq4DliozylkjplqSUN38T7c3Pqk.js Show response
pagead2.googlesyndication.com/bg/ Frame 4954 40 KB
15 KB 65ms
64ms Script
text/javascript 2607:f8b0:4006:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/hhT7r2j7IM84IjrHPq4DliozylkjplqSUN38T7c3Pqk.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8614fbaf68fb20cf38223ac73eae03962a33ca5923a65a9250ddfc4fb7373ea9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 02:50:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 42985
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15753
x-xss-protection: 0
last-modified: Mon, 26 Feb 2024 11:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 02 Mar 2025 02:50:16 GMT

GET
H2 200 zrt_lookup_nohtml_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240228/r20110914/ Frame BC7C 9 KB
4 KB 64ms
62ms Document
text/html 2607:f8b0:4006:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240228/r20110914/zrt_lookup_nohtml_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402270101/show_ads_impl_fy2021.js?bust=31081511

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

df7a397b8ce58f6251a395e02608b4f620e934a958bdfe6702c6f2033593eed0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://festivaly.eu/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 73777
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4155
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 01 Mar 2024 18:17:05 GMT
etag: 5035419970550746386
expires: Fri, 15 Mar 2024 18:17:05 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 AGSKWxXYDd-B14TR7zws7zy46OM1QnmNV9jRqXFE2mc15WLas5uTsofsCHQI2uWpFeWqsooGpSxViPVI8gQu494TenkYu3dozWhCpN7jznSZun76SyS7v5cLK_eBvu7zkD4TKFO71CqTOA== Show response
fundingchoicesmessages.google.com/f/ 10 KB
5 KB 100ms
99ms Script
application/javascript 2607:f8b0:4006:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxXYDd-B14TR7zws7zy46OM1QnmNV9jRqXFE2mc15WLas5uTsofsCHQI2uWpFeWqsooGpSxViPVI8gQu494TenkYu3dozWhCpN7jznSZun76SyS7v5cLK_eBvu7zkD4TKFO71CqTOA==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA5MzkwODAyLDUxMDAwMDAwXSxudWxsLG51bGwsbnVsbCxbbnVsbCxbN11dLCJodHRwczovL2Zlc3RpdmFseS5ldS9lbiIsbnVsbCxbWzgsInZ6ck52SFEtY3lvIl0sWzksImVuLVVTIl0sWzE4LCJbW1swXV1dIl0sWzIwLCJbbnVsbCxudWxsLFs5NTMyMTQ0OCw5NTMyNTk5Ml0sbnVsbCwyXSJdLFsxOSwiMiJdXV0

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.vzrNvHQ-cyo.es5.O/am=wA/d=1/rs=AJlcJMzbq9_BeTKhlbiv032J0rWew0GCtQ/m=kernel_loader,loader_js_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

69ba3095d278948e2fc61dd4915d397eb359a4a98fa31b30e6e1bb5d730d5480

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-GsiDIYW5okMMKQfGc84eeA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://festivaly.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 14:46:42 GMT
content-security-policy: script-src 'report-sample' 'nonce-GsiDIYW5okMMKQfGc84eeA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjStHikmLw0JBiOO90h-k6ENcyPGNqBWIDjedMFkDM-OcFEycQv_vykonn60smCSDWAOIdPh4sfOums6oAse766ayhQBzzfDprChA7pc9gDQJin_oZrDFALMTNcel7z3o2gQX71hoDANTHLQU"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 css2
fonts.googleapis.com/ Frame BC7C 5 KB
767 B 681ms
78ms Stylesheet
text/css 2607:f8b0:4006:817::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240228/r20110914/zrt_lookup_nohtml_fy2021.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

47ce859f7f0f545825c8ab983547bbf88d0de3f52afebc7a1ccc0611661df70d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 02 Mar 2024 14:46:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 02 Mar 2024 13:32:39 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 02 Mar 2024 14:46:42 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 8E66 2 KB
900 B 657ms
77ms Stylesheet
text/css 2607:f8b0:4006:817::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Poppins%3A400%2C600

Requested by

Host: festivaly.eu
URL: https://festivaly.eu/en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6700a61b5bd8006d07ddcdf84df499411e0ca045c8e124af25f72b8c4e82dab3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 02 Mar 2024 14:46:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 02 Mar 2024 13:33:02 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 02 Mar 2024 14:46:42 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240228/r20110914/client/ Frame 8E66 2 KB
822 B 70ms
69ms Script
text/javascript 2607:f8b0:4006:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240228/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: festivaly.eu
URL: https://festivaly.eu/en

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 06:47:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 28728
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 16 Mar 2024 06:47:54 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240228/r20110914/ Frame 8E66 23 KB
9 KB 68ms
67ms Script
text/javascript 2607:f8b0:4006:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240228/r20110914/abg_lite_fy2021.js

Requested by

Host: festivaly.eu
URL: https://festivaly.eu/en

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8a33861cdc370b2db8442132658b06069640881bc90f369feca9b30c77e5f460

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 06:47:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 28728
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8947
x-xss-protection: 0
server: cafe
etag: 12299188824252842506
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 16 Mar 2024 06:47:54 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240228/r20110914/client/ Frame 8E66 3 KB
1 KB 69ms
68ms Script
text/javascript 2607:f8b0:4006:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240228/r20110914/client/window_focus_fy2021.js

Requested by

Host: festivaly.eu
URL: https://festivaly.eu/en

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 06:47:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 28727
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 16 Mar 2024 06:47:55 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240228/r20110914/client/ Frame 8E66 20 KB
8 KB 73ms
71ms Script
text/javascript 2607:f8b0:4006:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240228/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: festivaly.eu
URL: https://festivaly.eu/en

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e7afde571c53d192943a40b3b7f109e698bb47e6d6424bc7d1f53a7cb9466360

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 06:17:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30538
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8211
x-xss-protection: 0
server: cafe
etag: 3968847549730513390
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 16 Mar 2024 06:17:44 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 8E66 207 KB
63 KB 69ms
68ms Script
text/javascript 2607:f8b0:4006:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: festivaly.eu
URL: https://festivaly.eu/en

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b2aa131b334742b75fe3de815997b21d4783cea50a210783c0e243fb7d9d6eac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 14:42:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 250
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64050
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 02 Mar 2024 15:42:32 GMT

GET
H2 200 eea50308dcf9de2b0c0fe89d3b5a5e83.js Show response
www.gstatic.com/mysidia/ Frame 8E66 36 KB
15 KB 633ms
69ms Script
text/javascript 2607:f8b0:4006:80c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/eea50308dcf9de2b0c0fe89d3b5a5e83.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: festivaly.eu
URL: https://festivaly.eu/en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a86d26e0a9759e5d6b482f102d7cade65f3dbe4792972bd59caa9966b9ff568b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Fri, 01 Mar 2024 06:47:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 115127
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15206
x-xss-protection: 0
last-modified: Wed, 28 Feb 2024 00:55:57 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 30 May 2024 06:47:55 GMT

GET
H3 200 fullscreen_api_adapter_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240228/r20110914/elements/html/ Frame BC7C 15 KB
6 KB 70ms
70ms Script
text/javascript 2607:f8b0:4006:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240228/r20110914/elements/html/fullscreen_api_adapter_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240228/r20110914/zrt_lookup_nohtml_fy2021.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

628752823728c98087a38cb07a2db44eb34acdc7e8d69d1e84281ed774eade67

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Fri, 01 Mar 2024 18:05:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 74486
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6454
x-xss-protection: 0
server: cafe
etag: 7487576354850247333
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 15 Mar 2024 18:05:16 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame BC7C 205 B
296 B 642ms
86ms Image
image/png 2607:f8b0:4006:80c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240228/r20110914/zrt_lookup_nohtml_fy2021.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Wed, 28 Feb 2024 09:01:33 GMT
x-content-type-options: nosniff
age: 279909
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 27 Feb 2025 09:01:33 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame BC7C 604 B
920 B 637ms
81ms Image
image/png 2607:f8b0:4006:80c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240228/r20110914/zrt_lookup_nohtml_fy2021.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Wed, 28 Feb 2024 09:01:30 GMT
x-content-type-options: nosniff
age: 279912
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 27 Feb 2025 09:01:30 GMT

GET
H3 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240228/r20110914/elements/html/ Frame BC7C 22 KB
9 KB 77ms
76ms Script
text/javascript 2607:f8b0:4006:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240228/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240228/r20110914/zrt_lookup_nohtml_fy2021.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5efd17aa9600929f5517878dd267b6fdfeca37478d6987b5d75caec4f1e4b1a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Fri, 01 Mar 2024 18:05:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 74487
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9093
x-xss-protection: 0
server: cafe
etag: 981128176822753981
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 15 Mar 2024 18:05:15 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 900E 0
0 121ms
121ms Image
text/html 2607:f8b0:4006:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20240228&jk=3924363659945019&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:81c::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 4954 0
10 B 63ms
62ms Image
text/plain 2607:f8b0:4006:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?KUN_5A
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:816::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 14:46:42 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 4DPoyt1VXFu9KUV3wfZ2z3y8g_kcb_PjstTR5ZPZl3Q.js Show response
pagead2.googlesyndication.com/bg/ Frame 6A04 51 KB
20 KB 67ms
66ms Script
text/javascript 2607:f8b0:4006:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/4DPoyt1VXFu9KUV3wfZ2z3y8g_kcb_PjstTR5ZPZl3Q.js

Requested by

Host: festivaly.eu
URL: https://festivaly.eu/en

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e033e8cadd555c5bbd294577c1f676cf7cbc83f91c6ff3e3b2d4d1e593d99774

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 16:38:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 338889
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20103
x-xss-protection: 0
last-modified: Mon, 26 Feb 2024 11:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 26 Feb 2025 16:38:33 GMT

GET
H3 200 amg.php Show response
fundingchoicesmessages.google.com/f/AGSKWxWKeSR98mirogZmZDJmQhqnRCupkh_7HGdFJHb-2o59G8l5m74c-asoN5CORI5-aezGAQe6-sCovWObf_XZcFd5Lr2h82anttq5I7RxK_D5Yl05rftyUZqRNSryWNZDhRnSAWxAQWBadOfsTxjQS6noiGEJc... 54 B
110 B 92ms
91ms Script
application/javascript 2607:f8b0:4006:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxWKeSR98mirogZmZDJmQhqnRCupkh_7HGdFJHb-2o59G8l5m74c-asoN5CORI5-aezGAQe6-sCovWObf_XZcFd5Lr2h82anttq5I7RxK_D5Yl05rftyUZqRNSryWNZDhRnSAWxAQWBadOfsTxjQS6noiGEJc63i9aVHlumW4LuS67iViO2CjW1M486-/_/sponsors/amg.php?/adframe2._adrotator./ad_choices__160x350.

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.vzrNvHQ-cyo.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMx3N0hUyWWIfQKsJY5ik-ZxAx82ew/m=ad_blocking_detection_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c7179bcd83152eb2994cb767aa2c864c1ec63906b9331df34c6a6bfa5eda9748

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-_ZrgoLHvP9zDYJQIHIU1qg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://festivaly.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 14:46:43 GMT
content-security-policy: script-src 'report-sample' 'nonce-_ZrgoLHvP9zDYJQIHIU1qg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjytHikmLw1JBiOHHrNtMFID7vdIfpOhDXMjxjagViA43nTBZAzPjnBRMnEL_78pKJ5-tLJgkg1gDiHT4eLHzrprOqALHu-umsoUAc83w6awoQO6XPYA0CYp_6GawxQCzEzXH5e896NoEFC16XAgAMPTJ3"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 145 KB
50 KB 147ms
146ms Script
text/javascript 2607:f8b0:4006:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?fcd=true

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

72e171dd36ec6c108478ab12f68a42adcfeda0e6c8299ef115ec1831366298ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://festivaly.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 14:46:43 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51175
x-xss-protection: 0
server: cafe
etag: 17866049725167028603
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Sat, 02 Mar 2024 14:46:43 GMT

POST
H3 204 AGSKWxUww_8PUn2y7v64r33NLBbhMwOmB1gu5IQBN4fQ641HWlanMUMhFL_9dA-jsWOFnPKPmglLTFvduQb1S1c7aHBeCWjXsh8hL_9VgH5DQHSCftb5-a-OVwhppUc55awYCekhKxPy6A== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 213ms
87ms XHR
text/html 2607:f8b0:4006:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUww_8PUn2y7v64r33NLBbhMwOmB1gu5IQBN4fQ641HWlanMUMhFL_9dA-jsWOFnPKPmglLTFvduQb1S1c7aHBeCWjXsh8hL_9VgH5DQHSCftb5-a-OVwhppUc55awYCekhKxPy6A==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-loW7WWI1s_NjCA4TuhWB-g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://festivaly.eu/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 02 Mar 2024 14:46:43 GMT
content-security-policy: script-src 'report-sample' 'nonce-loW7WWI1s_NjCA4TuhWB-g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtHikmJw1JBiqGV4xtQKxIx_XjBxAvEOHw8Wp_QZrCFALMTDcfl7z3o2gR_LjmxkBACOpxHr"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://festivaly.eu
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 125ms
124ms Image
text/html 2607:f8b0:4006:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240228&jk=3924363659945019&bg=!LS6lLmHNAAauXHXJjlw7ADQBe5WfOOqLxU3mm57jJJ_Sg1HabwdBWzLRT494jxmA-sgEvCDpqIrCSjSzngSAx7tZI6CxAgAAAklSAAAAB2gBBwoAkNyoX84Qpc2CO5sw3aoTgkdbTcyyUVvzhrob14B7eJq4jYR-hSaEilJLVKMF8c2T_L6irjRSjrXf4DrFzj4JdFF8nnekXkKDj6oHYFq4vnJuE9UY3SctPDGo5G5v1BR1KGS6bH2RXHO6GVgLYP12QbHc_VXxiZhmTmYx0W1agoKOwc6AAy7DoTSGgsm0sOXPa5kCwgOIENw3DnwhxSr_2KGBqt7o0X5ogHiGl9W4wqXbFt91eP9bafjHK0oJZ2qaR8V3jHW2mRGGlCu2JfuMdTdRP7tS2qaFRvOnsF3JRvIXe7JMyBkCHSQl-Exh-B4ZZ_cWdcGUJm-2VM1wJaxmEaE8ZGNehPye_cn3DR_OZigCOnRcxmjwWU2WbUhF6ueaMn7zAr9d9cyANgNQ7zPUT5zLaYVhm9V--9KyuiU3AKkkIAB9EVcEk_oIpBxbsm_v0gL1Wwu1-WWOkxHh0jirEpnZUBy9okLhegKhmeYX2r3K8SCHrEXTxQBiqjhrcgoctSm4IYPemxANRkCeNlWIdZ9Dex_gzXrm9qluNgFca7G9165KO3wFoHwJGCyhe43h3Vj6yNbPvtJaFTAHWBspo5UXypNf1WHbCE74LSqACotBQKhHh1D8w3PMMxh2jUJSLSgDMjStHS63YeLdLoM384BRmLDWQ-l4mHWro5-kcdCPae22km7AYVGo3GkM8vqUWIuIQnQR-qbCEWfoFhUyNE4TDcS9CKChk3pTyu3hQ9EsE52mUjkeCYlXCKyI5-_vos05hIUa3JecptHoYvW80ixaadY6ofYfDsJ5i7qdHtcq8TzUqAS9_oJKZ84HeF2oQLZWTMU5ICOXaX46yyExfKTpXqlUIjwbflWyO09P1HiZCKLaL5zDKGYdUDdNSP__9Bqc4hUCTNwkcNhSTMPrZOxcUI8lAXzimEKymMSqbnJLYd0PyilXWCfeuZKRDnRAb2ed3b8x1NSVYUEg0QsGWdJgj3no10syq7Pl6BvukVP2zOL1TJZJcKhNUKoLMyhNNPjNeeRCU8wL6IVhEJc8PWLF_LIxmwujRNNaXkGiw1PdMXx4WVe_qrq-iGYhkHvMWQfesrHpAY7b88n4vq5C0nq6uGMC1zwQfNA8vW19qe5axtl_YrQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:81c::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://festivaly.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

POST
H3 204 AGSKWxUww_8PUn2y7v64r33NLBbhMwOmB1gu5IQBN4fQ641HWlanMUMhFL_9dA-jsWOFnPKPmglLTFvduQb1S1c7aHBeCWjXsh8hL_9VgH5DQHSCftb5-a-OVwhppUc55awYCekhKxPy6A== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 92ms
88ms XHR
text/html 2607:f8b0:4006:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUww_8PUn2y7v64r33NLBbhMwOmB1gu5IQBN4fQ641HWlanMUMhFL_9dA-jsWOFnPKPmglLTFvduQb1S1c7aHBeCWjXsh8hL_9VgH5DQHSCftb5-a-OVwhppUc55awYCekhKxPy6A==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-Quro_-qvmqRaz83jzG0Zug' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://festivaly.eu/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 02 Mar 2024 14:46:43 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-Quro_-qvmqRaz83jzG0Zug' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtHikmLw1pBiqGV4xtQKxIx_XjBxAvEOHw8Wp_QZrCFALMTDcfl7z3o2gR2nHi1hBgCQBRHs"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://festivaly.eu
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxUww_8PUn2y7v64r33NLBbhMwOmB1gu5IQBN4fQ641HWlanMUMhFL_9dA-jsWOFnPKPmglLTFvduQb1S1c7aHBeCWjXsh8hL_9VgH5DQHSCftb5-a-OVwhppUc55awYCekhKxPy6A== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 90ms
88ms XHR
text/html 2607:f8b0:4006:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUww_8PUn2y7v64r33NLBbhMwOmB1gu5IQBN4fQ641HWlanMUMhFL_9dA-jsWOFnPKPmglLTFvduQb1S1c7aHBeCWjXsh8hL_9VgH5DQHSCftb5-a-OVwhppUc55awYCekhKxPy6A==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-M28bjUdMP8Y824sx3d4IwA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://festivaly.eu/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 02 Mar 2024 14:46:43 GMT
content-security-policy: script-src 'report-sample' 'nonce-M28bjUdMP8Y824sx3d4IwA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtHikmLw1ZBiqGV4xtQKxIx_XjBxAvEOHw8Wp_QZrCFALMTDcfl7z3o2gQnvD25kBgCP5BHX"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://festivaly.eu
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxUww_8PUn2y7v64r33NLBbhMwOmB1gu5IQBN4fQ641HWlanMUMhFL_9dA-jsWOFnPKPmglLTFvduQb1S1c7aHBeCWjXsh8hL_9VgH5DQHSCftb5-a-OVwhppUc55awYCekhKxPy6A== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 103ms
101ms XHR
text/html 2607:f8b0:4006:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUww_8PUn2y7v64r33NLBbhMwOmB1gu5IQBN4fQ641HWlanMUMhFL_9dA-jsWOFnPKPmglLTFvduQb1S1c7aHBeCWjXsh8hL_9VgH5DQHSCftb5-a-OVwhppUc55awYCekhKxPy6A==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-cpxyNh-oz3gNuF2UxYuZEQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://festivaly.eu/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 02 Mar 2024 14:46:43 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-cpxyNh-oz3gNuF2UxYuZEQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtHikmLw0JBiqGV4xtQKxIx_XjBxAvEOHw8Wp_QZrCFALMTDcfl7z3o2gRPb_2xhBgCP7RIQ"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://festivaly.eu
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxUiTh_HmbMO9Qqy9rqzB_RMqhOeg-xSirpZFoTEwRf01fhXYKg4qqOQAH0YMrCZ1j0zXjBBs2PcL8vEQFMGZA8mwNyyl5a3eqWmBtVkbwCkT6o0n4Y5prp1X910pKq8-2tcJRAY9w== Show response
fundingchoicesmessages.google.com/f/ 8 KB
3 KB 98ms
97ms Script
application/javascript 2607:f8b0:4006:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxUiTh_HmbMO9Qqy9rqzB_RMqhOeg-xSirpZFoTEwRf01fhXYKg4qqOQAH0YMrCZ1j0zXjBBs2PcL8vEQFMGZA8mwNyyl5a3eqWmBtVkbwCkT6o0n4Y5prp1X910pKq8-2tcJRAY9w==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA5MzkwODAzLDg4MjAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNl0sbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsMV0sImh0dHBzOi8vZmVzdGl2YWx5LmV1L2VuIixudWxsLFtbOCwidnpyTnZIUS1jeW8iXSxbOSwiZW4tVVMiXSxbMTgsIltbWzBdXV0iXSxbMjAsIltudWxsLG51bGwsWzk1MzIxNDQ4LDk1MzI1OTkyXSxudWxsLDJdIl0sWzE5LCIyIl1dXQ

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5f1a191937ff3b6e4651bff326f55000b0c1be84795d23d14bb67d625bd8b898

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-pp0UfOvE30mc5TqdcBdkGg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://festivaly.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 14:46:43 GMT
content-security-policy: script-src 'report-sample' 'nonce-pp0UfOvE30mc5TqdcBdkGg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjStHikmJw0JBiOO90h-k6ENcyPGNqBWIDjedMFkDM-OcFEycQv_vykonn60smCSDWAOIdPh4sfOums6oAse766ayhQBzzfDprChA7pc9gDQJin_oZrDFALMTDcfl7z3o2gQ3tp_YyAwD_Vi2C"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxUww_8PUn2y7v64r33NLBbhMwOmB1gu5IQBN4fQ641HWlanMUMhFL_9dA-jsWOFnPKPmglLTFvduQb1S1c7aHBeCWjXsh8hL_9VgH5DQHSCftb5-a-OVwhppUc55awYCekhKxPy6A== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 85ms
84ms XHR
text/html 2607:f8b0:4006:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUww_8PUn2y7v64r33NLBbhMwOmB1gu5IQBN4fQ641HWlanMUMhFL_9dA-jsWOFnPKPmglLTFvduQb1S1c7aHBeCWjXsh8hL_9VgH5DQHSCftb5-a-OVwhppUc55awYCekhKxPy6A==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-35Zbb38uXINevz6lXaLq2w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://festivaly.eu/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 02 Mar 2024 14:46:44 GMT
content-security-policy: script-src 'report-sample' 'nonce-35Zbb38uXINevz6lXaLq2w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtHikmJw05BiqGV4xtQKxIx_XjBxAvEOHw8Wp_QZrCFALMTNceV7z3o2gQtdiwQBe8MQ6Q"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://festivaly.eu
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxWOQVMnNxldwTlRj052n64ah7J1SyviAVEQdjl59uyIf5Otk_9z-IdAS3V2tlafCxHTsUFfGsYqf_VYKqZX-cZ-aQpeg6Th6hrFLKZ7pacUdsMLW34Mbi0i5ja8qp_yXWZPhuWdmQ== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 106ms
105ms Script
application/javascript 2607:f8b0:4006:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxWOQVMnNxldwTlRj052n64ah7J1SyviAVEQdjl59uyIf5Otk_9z-IdAS3V2tlafCxHTsUFfGsYqf_VYKqZX-cZ-aQpeg6Th6hrFLKZ7pacUdsMLW34Mbi0i5ja8qp_yXWZPhuWdmQ==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA5MzkwODAzLDk5NDAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNiwxMF0sbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsMV0sImh0dHBzOi8vZmVzdGl2YWx5LmV1L2VuIixudWxsLFtbOCwidnpyTnZIUS1jeW8iXSxbOSwiZW4tVVMiXSxbMTgsIltbWzBdXV0iXSxbMjAsIltudWxsLG51bGwsWzk1MzIxNDQ4LDk1MzI1OTkyXSxudWxsLDJdIl0sWzE5LCIyIl1dXQ

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c20be715607d7e156f681c67674266c4d62088e9413ad8cf3009525109c1d778

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-n2HCR-9qouSbyziFVvtXlw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://festivaly.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 14:46:44 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-n2HCR-9qouSbyziFVvtXlw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjytHikmJw0JBiOHHrNtMFID7vdIfpOhDXMjxjagViA43nTBZAzPjnBRMnEL_78pKJ5-tLJgkg1gDiHT4eLHzrprOqALHu-umsoUAc83w6awoQO6XPYA0CYp_6GawxQCzEzXHle896NoEbc2_LAAAIiDI7"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxW5GKSLgte6Qo0ScavbL2-dYR3QK4gt3kMGdIwkwaF7Gxd3Ivih_diJheL-Dihk5BllCe0xu34hhgawYpizf8iO_gfOkt_KVSHLd3PSoLaRqQit3mbhsk_3qpJeRpl4eKqm4pBd-w== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 103ms
102ms Script
application/javascript 2607:f8b0:4006:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxW5GKSLgte6Qo0ScavbL2-dYR3QK4gt3kMGdIwkwaF7Gxd3Ivih_diJheL-Dihk5BllCe0xu34hhgawYpizf8iO_gfOkt_KVSHLd3PSoLaRqQit3mbhsk_3qpJeRpl4eKqm4pBd-w==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA5MzkwODA0LDEwNzAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNiwxMCw5XSxudWxsLDIsbnVsbCwiZW4iLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly9mZXN0aXZhbHkuZXUvZW4iLG51bGwsW1s4LCJ2enJOdkhRLWN5byJdLFs5LCJlbi1VUyJdLFsxOCwiW1tbMF1dXSJdLFsyMCwiW251bGwsbnVsbCxbOTUzMjE0NDgsOTUzMjU5OTJdLG51bGwsMl0iXSxbMTksIjIiXV1d

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

fc143655248ebe669c5dc533952957f510b42f555bdd89c33533262b460d8421

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-SGhjjzdO2hYFtDCSEFW8Vg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://festivaly.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 14:46:44 GMT
content-security-policy: script-src 'report-sample' 'nonce-SGhjjzdO2hYFtDCSEFW8Vg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjStHikmII1pBiOO90h-k6ENcyPGNqBWIDjedMFkDM-OcFEycQv_vykonn60smCSDWAOIdPh4sfOums6oAse766ayhQBzzfDprChA7pc9gDQJin_oZrDFALMTNceV7z3o2gRfddwIA2owtcw"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxU6vaZbGo5ZUHAhxEjc3dwCZ-2Ege-2Fz84Kjk4mZU2m7eB-3HGFnFIx1Uw_4x8Hr6z3axEQ8PRcFXyqeg2K2PuDb-TjC5U5z_ZQDqOwlIInkgm6Bz_7bCtjlaRweJ2PIkoqaU80w== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 90ms
90ms XHR
text/html 2607:f8b0:4006:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxU6vaZbGo5ZUHAhxEjc3dwCZ-2Ege-2Fz84Kjk4mZU2m7eB-3HGFnFIx1Uw_4x8Hr6z3axEQ8PRcFXyqeg2K2PuDb-TjC5U5z_ZQDqOwlIInkgm6Bz_7bCtjlaRweJ2PIkoqaU80w==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-mCXGBeGAqitCaBqFazkAlQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://festivaly.eu/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 02 Mar 2024 14:46:44 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-mCXGBeGAqitCaBqFazkAlQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtHikmJw1pBiqGV4xtQKxIx_XjBxAvEOHw8Wp_QZrCFALMTNceV7z3o2gQkz-usAeq0RDg"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://festivaly.eu
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxUww_8PUn2y7v64r33NLBbhMwOmB1gu5IQBN4fQ641HWlanMUMhFL_9dA-jsWOFnPKPmglLTFvduQb1S1c7aHBeCWjXsh8hL_9VgH5DQHSCftb5-a-OVwhppUc55awYCekhKxPy6A== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 86ms
86ms XHR
text/html 2607:f8b0:4006:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUww_8PUn2y7v64r33NLBbhMwOmB1gu5IQBN4fQ641HWlanMUMhFL_9dA-jsWOFnPKPmglLTFvduQb1S1c7aHBeCWjXsh8hL_9VgH5DQHSCftb5-a-OVwhppUc55awYCekhKxPy6A==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-Vt_wlhvjFZoJx5lPtt8_1Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://festivaly.eu/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 02 Mar 2024 14:46:44 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-Vt_wlhvjFZoJx5lPtt8_1Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtHikmLw0ZBiqGV4xtQKxIx_XjBxAvEOHw8Wp_QZrCFALMTNceV7z3o2gR-fv9UAAH-_Ej8"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://festivaly.eu
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

76 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
festivaly.eu/	1970-01-20 18:49:57	Name: XSRF-TOKEN Value: eyJpdiI6Ik5uTCtFbDJGMUI2d0gyRXozVHJQNlE9PSIsInZhbHVlIjoiS0NRU0Z2ZEt2KzVaT3pxaUU5YjV1d3gvZmtYRkdqdHMzYnhEbDJHZ3o0Q0sxelI4M3VjRktVSEtpcm9scitSOE4xMTlURUhqVFpwbU1nNGtyaGFxRWF5VU5tQSswbDIza05pL0NUZ0V1Q2FQMitsZ2FubzJQVm9OaWZpNHJFVVAiLCJtYWMiOiI5YTdlZWM2ZDVmNDI1NDliYjgwMjU2M2IyYmU2N2I5YjRhYWYwYjI1NzgzZjUwYzM5ZmFlMmQwMTgzNzI0ZWZiIiwidGFnIjoiIn0%3D
festivaly.eu/	1970-01-20 18:49:57	Name: laravel_session Value: eyJpdiI6ImhIWFFuNU54ZkpVZWpaeG5ZQ2QyMWc9PSIsInZhbHVlIjoiK0ZsLzVTTDQ1WXpBQW5KUFgzNlVVQ1dVbnpwZXZYRWpTOGZ3Rk9QRkl1VEdQU0ttUi9hMW1vck1jUUlsS0I1MCtqUDdwVWh2NENYWFExdzRBTkF3MHQ2T0NleXdpaGxIdlZKNEhqTnVjdXJKTDVVSmE1SzFHUkRIa3VYVURabGkiLCJtYWMiOiI5YzVhYWYxMDY2YjdiOWQ3OGQxNDRhNGY3MGZkYWI4ZmNhY2U4NWY3ZjFlNzE0MWZkZWU4Y2NkZjhlYzgzZWI3IiwidGFnIjoiIn0%3D
.festivaly.eu/	1970-01-21 04:25:50	Name: _ga_VH43845R58 Value: GS1.1.1709390798.1.0.1709390798.0.0.0
.festivaly.eu/	1970-01-21 04:25:50	Name: _ga Value: GA1.1.652804763.1709390799
.doubleclick.net/	1970-01-20 18:49:51	Name: test_cookie Value: CheckForPermission
.festivaly.eu/	1970-01-21 04:11:26	Name: __gads Value: ID=45cb4656a79679b5:T=1709390799:RT=1709390799:S=ALNI_MYN5aSELjhY6L5o4gmuE4zXYghAKA
.festivaly.eu/	1970-01-21 04:11:26	Name: __gpi Value: UID=00000dcea15afd1a:T=1709390799:RT=1709390799:S=ALNI_MbhRl34foMIH7ElAcmqW7iRHodyGg
.festivaly.eu/	1970-01-20 23:09:02	Name: __eoi Value: ID=95f4cf69874f9991:T=1709390799:RT=1709390799:S=AA-AfjZYdcmC2djiQG5pX2Voh73q

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://festivaly.eu/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://festivaly.eu/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

festivaly.eu
fonts.googleapis.com
fstvls.s3.amazonaws.com
fundingchoicesmessages.google.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.gstatic.com
2606:4700:3034::6815:1976
2607:f8b0:4006:809::200e
2607:f8b0:4006:80c::2003
2607:f8b0:4006:80d::2002
2607:f8b0:4006:80f::2004
2607:f8b0:4006:816::2001
2607:f8b0:4006:817::200a
2607:f8b0:4006:81c::2002
2607:f8b0:4006:820::2008
2607:f8b0:4006:824::200e
52.219.75.54
242d3fd018bb3e8f332ee4b1ed9271cf5913944df0df95c6bddac73ec65c4850
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
287457ea1baa37320415e2163817e9d5a458b3a833e5c7b98d6944323735c597
30a8e7f4987641969ea8549c4c09d0f1b240e6c9fc2776f34841704098f7b49b
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3586c62718a93430f04cf49ebe9be5542bce8ee71ea78cdb36192ee5ca420537
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
4203f42536281394e75d18ce0416172ea8b0f8f2816a9b5b24126c24b0ae7e79
47ce859f7f0f545825c8ab983547bbf88d0de3f52afebc7a1ccc0611661df70d
4cbe96d1ac61eb007958039a859877bc00f6c0a5ead09f0ab3e145243b412d14
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5efd17aa9600929f5517878dd267b6fdfeca37478d6987b5d75caec4f1e4b1a8
5f1a191937ff3b6e4651bff326f55000b0c1be84795d23d14bb67d625bd8b898
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
628752823728c98087a38cb07a2db44eb34acdc7e8d69d1e84281ed774eade67
6318ac2069d5ced80516d905996deffa106c09518bd1d3d319bb7ed1e9688ec0
6700a61b5bd8006d07ddcdf84df499411e0ca045c8e124af25f72b8c4e82dab3
67b8485c788c74467adb327fd76d06a99880fa6cce5d0069c17d5623b1f238a3
69ba3095d278948e2fc61dd4915d397eb359a4a98fa31b30e6e1bb5d730d5480
7180f7384514cc8bc93851599a49528b62086a06cd31f84a318972bce83a140c
72e171dd36ec6c108478ab12f68a42adcfeda0e6c8299ef115ec1831366298ef
8614fbaf68fb20cf38223ac73eae03962a33ca5923a65a9250ddfc4fb7373ea9
86333da82cf8f9e44403dd3b760ff7b25a7c77e0e605a92e99f69db5b0e61975
8a33861cdc370b2db8442132658b06069640881bc90f369feca9b30c77e5f460
a51ec1293b16c141c727a3272db150ae43a60bc8c02c8bd82ad064f5d6fc6a74
a5366630b9e3d0571b3d35e9077da7af5269b294176107cce34ae09b4ea33618
a86d26e0a9759e5d6b482f102d7cade65f3dbe4792972bd59caa9966b9ff568b
aa1739216160df7b076caf8662d2fc428dcbb30fd5ab7c52fb236568d159837a
aa1b85737c64a44e197d154911fd9cbee1e277ded77d2cbaca9eee89b4ee9bb6
b2aa131b334742b75fe3de815997b21d4783cea50a210783c0e243fb7d9d6eac
be0ba43935f50d067cdfb9eb0637b8f08c522eabeafe9144511c22c92567f0a9
c20be715607d7e156f681c67674266c4d62088e9413ad8cf3009525109c1d778
c7179bcd83152eb2994cb767aa2c864c1ec63906b9331df34c6a6bfa5eda9748
ccebbddfc19bbb378e030826ae57bf096aa76ee16864582efd8d17efa957c216
df7a397b8ce58f6251a395e02608b4f620e934a958bdfe6702c6f2033593eed0
e033e8cadd555c5bbd294577c1f676cf7cbc83f91c6ff3e3b2d4d1e593d99774
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7afde571c53d192943a40b3b7f109e698bb47e6d6424bc7d1f53a7cb9466360
fc143655248ebe669c5dc533952957f510b42f555bdd89c33533262b460d8421
fec8781f094535f84460358e18c8d30973e0ad31ee03170dad7701f83b3e21ac

festivaly.eu Open in urlscan Pro 2606:4700:3034::6815:1976 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

53 Requests

100 %HTTPS

91 %IPv6

9 Domains

11 Subdomains

11 IPs

2 Countries

837 kBTransfer

2528 kBSize

8 Cookies

1 Outgoing links

Page URL History

Redirected requests

53 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

festivaly.eu Open in urlscan Pro
2606:4700:3034::6815:1976 Public Scan

Screenshot
Live screenshot

Full Image

53
Requests

100 %
HTTPS

91 %
IPv6

9
Domains

11
Subdomains

11
IPs

2
Countries

837 kB
Transfer

2528 kB
Size

8
Cookies

53 HTTP transactions
0 data transactions