urlscan.io logo urlscan.io
SecurityTrails logo

merrychristmas.mahakalservices.com Open in urlscan Pro
65.108.108.218  Public Scan

Go To Rescan Add Verdict Report
URL: https://merrychristmas.mahakalservices.com/
Submission: On December 17 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 11 IPs in 2 countries across 12 domains to perform 30 HTTP transactions. The main IP is 65.108.108.218, located in Helsinki, Finland and belongs to HETZNER-AS, DE. The main domain is merrychristmas.mahakalservices.com.
TLS certificate: Issued by R3 on December 17th 2023. Valid for: 3 months.
This is the only time merrychristmas.mahakalservices.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

1    65.108.108.218 (Helsinki, Finland)

ASN24940 (HETZNER-AS, DE)
PTR: static.218.108.108.65.clients.your-server.de
merrychristmas.mahakalservices.com
2    2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
1    2607:f8b0:4004:c19::5f (Washington, United States)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2607:f8b0:4004:c17::5f (Washington, United States)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
3    67.199.248.10 (United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: bit.ly
bit.ly
1    2606:4700:3036::ac43:acf5 (United States)

ASN13335 (CLOUDFLARENET, US)
click-it.me
15    2607:f8b0:4004:c07::84 (Washington, United States)

ASN15169 (GOOGLE, US)
blogger.googleusercontent.com
doc-10-bk-docs.googleusercontent.com
2    2607:f8b0:4004:c06::84 (Washington, United States)

ASN15169 (GOOGLE, US)
3.bp.blogspot.com
1.bp.blogspot.com
2    2607:f8b0:4004:c09::61 (Ashburn, United States)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2607:f8b0:4004:c19::8b (Washington, United States)

ASN15169 (GOOGLE, US)
drive.google.com
1    23.237.156.34 (Chicago, United States)

ASN174 (COGENT-174, US)
phoneky.co.uk
1    2607:f8b0:4004:c1b::5e (Washington, United States)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
3    2001:4860:4802:38::178 (United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
Apex Domain
Subdomains		 Transfer
15 googleusercontent.com
blogger.googleusercontent.com — Cisco Umbrella Rank: 12342
doc-10-bk-docs.googleusercontent.com — Cisco Umbrella Rank: 501936
1 MB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27
21 KB
3 bit.ly
bit.ly — Cisco Umbrella Rank: 5695
514 B
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 36
147 KB
2 blogspot.com
3.bp.blogspot.com — Cisco Umbrella Rank: 13795
1.bp.blogspot.com — Cisco Umbrella Rank: 11479
29 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 29
ajax.googleapis.com — Cisco Umbrella Rank: 340
31 KB
2 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 204
10 KB
1 gstatic.com
fonts.gstatic.com
18 KB
1 phoneky.co.uk
phoneky.co.uk — Cisco Umbrella Rank: 770075
676 KB
1 google.com
drive.google.com — Cisco Umbrella Rank: 294
1 KB
1 click-it.me
click-it.me
3 KB
1 mahakalservices.com
merrychristmas.mahakalservices.com
10 KB
30 12
Domain Requested by
14 blogger.googleusercontent.com merrychristmas.mahakalservices.com
3 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
3 bit.ly 3 redirects
2 www.googletagmanager.com merrychristmas.mahakalservices.com
www.googletagmanager.com
2 cdnjs.cloudflare.com merrychristmas.mahakalservices.com
1 fonts.gstatic.com merrychristmas.mahakalservices.com
1 phoneky.co.uk merrychristmas.mahakalservices.com
1 doc-10-bk-docs.googleusercontent.com merrychristmas.mahakalservices.com
1 drive.google.com 1 redirects
1 1.bp.blogspot.com merrychristmas.mahakalservices.com
1 3.bp.blogspot.com merrychristmas.mahakalservices.com
1 click-it.me merrychristmas.mahakalservices.com
1 ajax.googleapis.com merrychristmas.mahakalservices.com
1 fonts.googleapis.com merrychristmas.mahakalservices.com
1 merrychristmas.mahakalservices.com
30 15

This site contains no links.

Subject Issuer Validity Valid
merrychristmas.mahakalservices.com
R3		 2023-12-17 -
2024-03-16		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-07-03 -
2024-07-02		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.googleusercontent.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
misc-sni.blogspot.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
Phoneky.co.uk
Sectigo RSA Domain Validation Secure Server CA		 2023-11-06 -
2024-11-06		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://merrychristmas.mahakalservices.com/
Frame ID: BB6C46E5D2F453F8733B5983FC69CAE0
Requests: 30 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Merry Christmas

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link [^>]+(?:/([\d.]+)/)?animate\.(?:min\.)?css
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

30
Requests

90 %
HTTPS

77 %
IPv6

12
Domains

15
Subdomains

11
IPs

2
Countries

2042 kB
Transfer

2648 kB
Size

4
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4
  • https://bit.ly/3KGhduf HTTP 301
  • https://click-it.me/slider.js
Request Chain 20
  • https://bit.ly/2VLMnaW HTTP 301
  • https://1.bp.blogspot.com/-ARiMLSA5jAc/X8zAsBK0PpI/AAAAAAAAmac/8LEjw1rBgwkoPNJcMHLxGBR-sIbfSAGuQCLcBGAsYHQ/s200/wp.png
Request Chain 22
  • https://bit.ly/3U4c8z7 HTTP 301
  • https://drive.google.com/uc?export=download&id=1yiw_VIrUdLLQRmYMzCrCQpEi_dDUKZDh HTTP 303
  • https://doc-10-bk-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/m8uscbn27i79qdcioj71pqesctendf23/1702836300000/03469655650848561796/*/1yiw_VIrUdLLQRmYMzCrCQpEi_dDUKZDh?e=download&uuid=4180e60c-83f5-495c-a327-1eae2cebf44e

30 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
merrychristmas.mahakalservices.com/ 		52 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://merrychristmas.mahakalservices.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.108.108.218 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.218.108.108.65.clients.your-server.de
Software
LiteSpeed /
Resource Hash
27a7d380404172051ae44fc72aaefa93ef0b669a1d1b1aafcd1f6ab9b0af9600

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-encoding
br
content-length
9946
content-type
text/html
date
Sun, 17 Dec 2023 18:05:41 GMT
last-modified
Sun, 17 Dec 2023 14:49:35 GMT
server
LiteSpeed
vary
Accept-Encoding
animate.min.css
cdnjs.cloudflare.com/ajax/libs/animate.css/3.5.2/ 		52 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/animate.css/3.5.2/animate.min.css
Requested by
Host: merrychristmas.mahakalservices.com
URL: https://merrychristmas.mahakalservices.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8fe3fa119255adb5e0c12479331f9e092e85bcff56ab6ecc0510bfa2056b898d
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://merrychristmas.mahakalservices.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 18:05:42 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1018358
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
3279
last-modified
Mon, 04 May 2020 16:04:58 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d2a-ce35"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BoWJU7wxvjVKZoXBGbpDc7tcABNP%2Fzqz9M9wx7j3I6kIYuPlQA6YR3rp5ezB9DmHjrFGJRQvL0nAp9i9H5G%2Fl8IJ7EKlSImxWXqsCA8sxMu1NjpssecvkCF5BiSc8iqWHFmlgblcbAxx8r1OymnRZ3JU"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
837118828e65c3ee-EWR
expires
Fri, 06 Dec 2024 18:05:42 GMT
font-awesome.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/ 		37 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.css
Requested by
Host: merrychristmas.mahakalservices.com
URL: https://merrychristmas.mahakalservices.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36e0a7e08bee65774168528938072c536437669c1b7458ac77976ec788e4439c
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://merrychristmas.mahakalservices.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 18:05:42 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
255021
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
5884
last-modified
Mon, 04 May 2020 16:10:07 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e5f-9226"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fq0Bqe15qRLkP%2Bjd7uGpTOZomtVdiTfVVVQQ13SqaG6Zd%2BN%2FnpW%2BuYKyiM3r3bCDwkArQq53j5eRK%2B8f%2FoHzEeLD%2B8FyhepIKWzP1FVDirilS46HLjS%2BsKpakDW1rB%2BUR%2FfLtvl6GpnMKsYb007u3Cna"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
837118828e63c3ee-EWR
expires
Fri, 06 Dec 2024 18:05:42 GMT
css
fonts.googleapis.com/ 		562 B
776 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Sofia:&effect=neon
Requested by
Host: merrychristmas.mahakalservices.com
URL: https://merrychristmas.mahakalservices.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c19::5f Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
88509d73cf7a5f6a3a29da5299861b96db5451535f904d36f2d99d1888aaf42f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://merrychristmas.mahakalservices.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 17 Dec 2023 18:05:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 17 Dec 2023 18:05:42 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 17 Dec 2023 18:05:42 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.3.1/ 		85 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js
Requested by
Host: merrychristmas.mahakalservices.com
URL: https://merrychristmas.mahakalservices.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::5f Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://merrychristmas.mahakalservices.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 02:16:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
143328
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30399
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 15 Dec 2024 02:16:54 GMT
slider.js
click-it.me/
Redirect Chain
  • https://bit.ly/3KGhduf
  • https://click-it.me/slider.js
8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://click-it.me/slider.js
Requested by
Host: merrychristmas.mahakalservices.com
URL: https://merrychristmas.mahakalservices.com/
Protocol
H2
Server
2606:4700:3036::ac43:acf5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
39a02f27ea1425ac7f63aaa75c75a68ac10946afb1117db732203ac003b2cc2e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://merrychristmas.mahakalservices.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 18:05:42 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 26 Nov 2019 05:01:17 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
118284
etag
W/"2091-5ddcb19d-1ff37b;gz"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PoYZGbgl6jd%2BkgH2nhF82rO4Fa6LEMa73Jmgur6Ouwx0aa1VXldvdYg%2BDWe3geMo2XLnNKvO10Uy%2BxR8lMWqd1kUau3z3yYKExdrZIs%2FTEkAAGRClOKl9FqAtVSUnXatnHENjDMK7FTjYw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
public, max-age=604800
cf-ray
83711882fcf2c461-EWR
alt-svc
h3=":443"; ma=86400
expires
Sat, 23 Dec 2023 09:13:38 GMT

Redirect headers

date
Sun, 17 Dec 2023 18:05:42 GMT
content-security-policy
referrer always;
referrer-policy
unsafe-url
via
1.1 google
server
nginx
content-type
text/html; charset=utf-8
location
https://click-it.me/slider.js
cache-control
private, max-age=90
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
116
AVvXsEg5a1uIP3YJmFD5ibCDK7eO08-aMbhfh7nH8GT24d-AxeyqBJBJYML-fE2KKdy-InXZhNi7CSCJ_EzK5EVaOC5d7uRObidAs-NQiLKzZ-5oAcXBHrASriWLMpBPkYduuGWPAWUx6BpiJP4m3C9b7nbe5bWYg9A5AkD3q9OsdCkAPHZl8ALN5-G2fGPw4NM
blogger.googleusercontent.com/img/a/ 		127 KB
127 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blogger.googleusercontent.com/img/a/AVvXsEg5a1uIP3YJmFD5ibCDK7eO08-aMbhfh7nH8GT24d-AxeyqBJBJYML-fE2KKdy-InXZhNi7CSCJ_EzK5EVaOC5d7uRObidAs-NQiLKzZ-5oAcXBHrASriWLMpBPkYduuGWPAWUx6BpiJP4m3C9b7nbe5bWYg9A5AkD3q9OsdCkAPHZl8ALN5-G2fGPw4NM
Requested by
Host: merrychristmas.mahakalservices.com
URL: https://merrychristmas.mahakalservices.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c07::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
9373b9c9073cecc10f6cf9a2641c85611b164d313c2f26fb9b88151f9b47c2dc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://merrychristmas.mahakalservices.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 18:05:42 GMT
x-content-type-options
nosniff
server
fife
etag
"v659"
vary
Origin
content-type
image/gif
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="sanya-2.gif"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
129594
x-xss-protection
0
expires
Mon, 18 Dec 2023 18:05:42 GMT
AVvXsEj6IE9AJWUjulr_Ji1RDsaZplweF7dxkghEqWXkIBYUocuzSt47lyXLVLxNi7blbKp1KVlqye3H3GZClDFFkrv7iijfaiz6pdKRxJXiZ_RvM_dpjFPzJOofo7Jvt3VF7nSgX7Zt08tBoRf_UvdnBq_rz2Lw2yIl0f4DKmDFts8iSbezO99UlWZeBwEnGIk
blogger.googleusercontent.com/img/a/ 		309 KB
309 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blogger.googleusercontent.com/img/a/AVvXsEj6IE9AJWUjulr_Ji1RDsaZplweF7dxkghEqWXkIBYUocuzSt47lyXLVLxNi7blbKp1KVlqye3H3GZClDFFkrv7iijfaiz6pdKRxJXiZ_RvM_dpjFPzJOofo7Jvt3VF7nSgX7Zt08tBoRf_UvdnBq_rz2Lw2yIl0f4DKmDFts8iSbezO99UlWZeBwEnGIk
Requested by
Host: merrychristmas.mahakalservices.com
URL: https://merrychristmas.mahakalservices.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c07::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
c6d8e43834ff515ae8f32f8ddd52001ede3fec7ffd74d3e84da385149322dbc0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://merrychristmas.mahakalservices.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 18:05:43 GMT
x-content-type-options
nosniff
server
fife
etag
"v658"
vary
Origin
content-type
image/png
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="left (1).png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
316315
x-xss-protection
0
expires
Mon, 18 Dec 2023 18:05:43 GMT
AVvXsEgG9CN-tJBzpuRJ12f7zcB_nMBkLymeR7LCg_IXc4UIDiC5IX5ubIqMHzPt0GeT5vNT2vlBG7cLJ4Ylf80Whl_DehSLF6ZM8zRxGQc16YZ0XOD1SpezsIeCtZYSCSs4wtZYMT85R7Jb9k2IE0ScClGX45VKtE_ZlN1DLbXwi9SYV5_ZKeGxCaNTdYlGvyo
blogger.googleusercontent.com/img/a/ 		285 KB
285 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blogger.googleusercontent.com/img/a/AVvXsEgG9CN-tJBzpuRJ12f7zcB_nMBkLymeR7LCg_IXc4UIDiC5IX5ubIqMHzPt0GeT5vNT2vlBG7cLJ4Ylf80Whl_DehSLF6ZM8zRxGQc16YZ0XOD1SpezsIeCtZYSCSs4wtZYMT85R7Jb9k2IE0ScClGX45VKtE_ZlN1DLbXwi9SYV5_ZKeGxCaNTdYlGvyo
Requested by
Host: merrychristmas.mahakalservices.com
URL: https://merrychristmas.mahakalservices.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c07::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
beef55b198e5327cbff6fd3bfc5a978484fbebdf534a04c9541df6d93918f1ba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://merrychristmas.mahakalservices.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 18:05:42 GMT
x-content-type-options
nosniff
server
fife
etag
"v65a"
vary
Origin
content-type
image/png
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="right (1).png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
291383
x-xss-protection
0
expires
Mon, 18 Dec 2023 18:05:42 GMT
star-removebg-preview.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj1cWGNJKZlTXhyZTlxzMhkq0sqbFouUlRDAzpie_JPep19qEgZ9-3naV-O3mCGDdGJfserEt1BaoqlVQldmze0tTyPcw2Qi71_hJIR1d9uRWakKMMz6f170_N4lELNbZdYq72XqwcjMdW86GjH... 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj1cWGNJKZlTXhyZTlxzMhkq0sqbFouUlRDAzpie_JPep19qEgZ9-3naV-O3mCGDdGJfserEt1BaoqlVQldmze0tTyPcw2Qi71_hJIR1d9uRWakKMMz6f170_N4lELNbZdYq72XqwcjMdW86GjHzD37r_osa1ubCEwPH0c9ZHmWLeaSzz92k1yUu9WB8A/s51/star-removebg-preview.png
Requested by
Host: merrychristmas.mahakalservices.com
URL: https://merrychristmas.mahakalservices.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c07::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
01ddb553fe84fe82e99fb3e530bc32f0b429350cbffdd8eac899b31d253b83e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://merrychristmas.mahakalservices.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 18:05:42 GMT
x-content-type-options
nosniff
server
fife
etag
"v467"
vary
Origin
content-type
image/png
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="star-removebg-preview.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3285
x-xss-protection
0
expires
Mon, 18 Dec 2023 18:05:42 GMT
111-removebg-preview.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjC4F2MugGbLD3KGvrCxRQF3bC2-RYjLchFoaFrg12rITdlt-SqeuTN3N0Aar-z5i0KXDFlvDCiU7djHPhy5eKSbSw7HgH-gmDDzmVnxM9-tkd2iD1Lzup9sQ6-8szr6WPYzwPmo7p_GbhDblgE... 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjC4F2MugGbLD3KGvrCxRQF3bC2-RYjLchFoaFrg12rITdlt-SqeuTN3N0Aar-z5i0KXDFlvDCiU7djHPhy5eKSbSw7HgH-gmDDzmVnxM9-tkd2iD1Lzup9sQ6-8szr6WPYzwPmo7p_GbhDblgEfpKmJn_klNeNCFlY7kbE-tq-4ac2SllCYh34gsluvw/s45/111-removebg-preview.png
Requested by
Host: merrychristmas.mahakalservices.com
URL: https://merrychristmas.mahakalservices.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c07::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
590629452f97c8cfcb69f3d6c088b9174bf3d8afcee65aded5da3389ba966d6a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://merrychristmas.mahakalservices.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 18:05:42 GMT
x-content-type-options
nosniff
server
fife
etag
"v465"
vary
Origin
content-type
image/png
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="111-removebg-preview.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3318
x-xss-protection
0
expires
Mon, 18 Dec 2023 18:05:42 GMT
1111-removebg-preview.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjBCp2j-3E_AP8U9TofjglV76kHvpl_fNUFkzEBDDCFZft-KIUCIs42tKF1Y7-WJu3uaLRQUQc5X9QzJ9g1V2SWbxl-ncqOLtI482-h1xGvebUD1yUg44TYC1is368VDwk8qqDH_64l_2ump1_Z... 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjBCp2j-3E_AP8U9TofjglV76kHvpl_fNUFkzEBDDCFZft-KIUCIs42tKF1Y7-WJu3uaLRQUQc5X9QzJ9g1V2SWbxl-ncqOLtI482-h1xGvebUD1yUg44TYC1is368VDwk8qqDH_64l_2ump1_ZC4q_qeYDpqnOk85D99vSrJZhY52to3OMBDNuiI_oUQ/s59/1111-removebg-preview.png
Requested by
Host: merrychristmas.mahakalservices.com
URL: https://merrychristmas.mahakalservices.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c07::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
c1ad6184f32e2f13833aa4cb65a2653bac11f0b8038620cd349216eee271b7a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://merrychristmas.mahakalservices.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 18:05:42 GMT
x-content-type-options
nosniff
server
fife
etag
"v464"
vary
Origin
content-type
image/png
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="1111-removebg-preview.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5198
x-xss-protection
0
expires
Mon, 18 Dec 2023 18:05:42 GMT
11-removebg-preview.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgPrWxmpqjIoOJjHc1nm_AmnkYGkUsM__S6IEteEPQQLcscW9pqz-FlHr5zrU8Y4kQcNY6Pa2kexopvBM1NInkoo-NRSlqYmi9a00KIOSMd1YhN1GZF68GQvUWsj2MizNY5xCMbL3LOZqTVz9F-... 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgPrWxmpqjIoOJjHc1nm_AmnkYGkUsM__S6IEteEPQQLcscW9pqz-FlHr5zrU8Y4kQcNY6Pa2kexopvBM1NInkoo-NRSlqYmi9a00KIOSMd1YhN1GZF68GQvUWsj2MizNY5xCMbL3LOZqTVz9F-O4ZLSRI1v0lt2eSzAjUpT_hKq4p7oJYq09ryTQ11oA/s45/11-removebg-preview.png
Requested by
Host: merrychristmas.mahakalservices.com
URL: https://merrychristmas.mahakalservices.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c07::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
8c19d26fd623af331ccf7e70e58996867e5bcf32295ccfbdc75b30684ca8336d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://merrychristmas.mahakalservices.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 18:05:42 GMT
x-content-type-options
nosniff
server
fife
etag
"v466"
vary
Origin
content-type
image/png
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="11-removebg-preview.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4064
x-xss-protection
0
expires
Mon, 18 Dec 2023 18:05:42 GMT
kiTarafSe.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgS__ZY6tw8FC9167d1WPZ4wmJ-w16T--UK_Dk34BAuesCJk67tciPQZ8zsthIZ8Vtoq2mYZUupa5P352aBZnuYTT7esHXxuNe3aYjO5z2Eu2iMP000Wmbv77k-KyQqdXN2hmUKRCB4vp37EArl... 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgS__ZY6tw8FC9167d1WPZ4wmJ-w16T--UK_Dk34BAuesCJk67tciPQZ8zsthIZ8Vtoq2mYZUupa5P352aBZnuYTT7esHXxuNe3aYjO5z2Eu2iMP000Wmbv77k-KyQqdXN2hmUKRCB4vp37EArlL16IZPPQS_xkxMRIWZrsKVpvB5eeYOvnmVCOrO9N/s783/kiTarafSe.png
Requested by
Host: merrychristmas.mahakalservices.com
URL: https://merrychristmas.mahakalservices.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c07::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
89adb8d32551998ce8c2f95390c7c2fb620c943ee0637225c07c671b80abac44
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://merrychristmas.mahakalservices.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 18:05:42 GMT
x-content-type-options
nosniff
server
fife
etag
"vf62"
vary
Origin
content-type
image/png
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="kiTarafSe.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6658
x-xss-protection
0
expires
Mon, 18 Dec 2023 18:05:42 GMT
AVvXsEipr-_2ZTDyHZpIeYMifHdaD7hwzcNZuS0caTZstfM4dLtSRZHNyFcC9aA0APPV583I3IF9Q518q9ORhrZcusTuwSX2hUTZRrgX3hohhm_y6Qzn0mITQr4JmKWNUjBeyNSOXz_ZjdbwfK6Ij-dmPLkVNCFZeOrB71chHU31r3pSbJO2Es01oD6zAwdW2BI
blogger.googleusercontent.com/img/a/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blogger.googleusercontent.com/img/a/AVvXsEipr-_2ZTDyHZpIeYMifHdaD7hwzcNZuS0caTZstfM4dLtSRZHNyFcC9aA0APPV583I3IF9Q518q9ORhrZcusTuwSX2hUTZRrgX3hohhm_y6Qzn0mITQr4JmKWNUjBeyNSOXz_ZjdbwfK6Ij-dmPLkVNCFZeOrB71chHU31r3pSbJO2Es01oD6zAwdW2BI
Requested by
Host: merrychristmas.mahakalservices.com
URL: https://merrychristmas.mahakalservices.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c07::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
64c6df750e710a203ff0714d6f244e5902c95bc681def3bae295571f5c845d1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://merrychristmas.mahakalservices.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 18:05:43 GMT
x-content-type-options
nosniff
server
fife
etag
"v65a"
vary
Origin
content-type
image/png
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="christmas (1).png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
22109
x-xss-protection
0
expires
Mon, 18 Dec 2023 18:05:43 GMT
AVvXsEj0vLY6MIBHcJpx2SjfcXV_gthLmiw-HQuHKbLAL4cz9NC11NtKWvFyFwe3IerU7mDtFR_1iYVlGEK1Oh91Cvn1f3Yt-wYdsQyvvI92P-VzAipTNFxB5-R-Ufu-Jj1igty-LXqjczU6hXERxea56-pQaRtz1kQSGFTwbrGM7KA0KwIrMRIfCKqMBIA8HZ8
blogger.googleusercontent.com/img/a/ 		138 KB
138 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blogger.googleusercontent.com/img/a/AVvXsEj0vLY6MIBHcJpx2SjfcXV_gthLmiw-HQuHKbLAL4cz9NC11NtKWvFyFwe3IerU7mDtFR_1iYVlGEK1Oh91Cvn1f3Yt-wYdsQyvvI92P-VzAipTNFxB5-R-Ufu-Jj1igty-LXqjczU6hXERxea56-pQaRtz1kQSGFTwbrGM7KA0KwIrMRIfCKqMBIA8HZ8
Requested by
Host: merrychristmas.mahakalservices.com
URL: https://merrychristmas.mahakalservices.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c07::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
db8a28cd51c9dca871cdb20f8f2568921e0d173e1739f9a4f16ef765fce185e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://merrychristmas.mahakalservices.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 18:05:42 GMT
x-content-type-options
nosniff
server
fife
etag
"v659"
vary
Origin
content-type
image/gif
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="santa-1.gif"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
140852
x-xss-protection
0
expires
Mon, 18 Dec 2023 18:05:42 GMT
santaa.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi_QSWWaJSUZS-RgRI0dcb3sB7c7X2zfxrJpZXqSuqxwt6gBNU8m5vfvIyJFXHNd-gzrsLeuw9PWHWiKHpK2yKcmNHiG65xqV9nFoh4w-Kzga6p1n4LBT3guVfAhTIe0RGDEuKVsPGkrDXLVIvY... 		142 KB
142 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi_QSWWaJSUZS-RgRI0dcb3sB7c7X2zfxrJpZXqSuqxwt6gBNU8m5vfvIyJFXHNd-gzrsLeuw9PWHWiKHpK2yKcmNHiG65xqV9nFoh4w-Kzga6p1n4LBT3guVfAhTIe0RGDEuKVsPGkrDXLVIvYf1PUD9H1vVNVqeLBHzGtnC-PiBokOTOpZjQzRmC0Sw/s400/santaa.gif
Requested by
Host: merrychristmas.mahakalservices.com
URL: https://merrychristmas.mahakalservices.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c07::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
799ef4427bb1f6176d595ddbe205ab16d12b590ade746c82d2151a277e3fb801
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://merrychristmas.mahakalservices.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 18:05:42 GMT
x-content-type-options
nosniff
server
fife
etag
"v45e"
vary
Origin
content-type
image/gif
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="santaa.gif"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
145176
x-xss-protection
0
expires
Mon, 18 Dec 2023 18:05:42 GMT
hang-removebg-preview.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiFCvdyx3kikIFZr_WXkT0OhNiJrFFFmPvjVcIDyyiPp0hqosGdCH3F99isPxdt7QJSXyL-HkuVBVqZpLEY5sf4aWqouEdEWBVMuCy-3EZqbxmWNB2ohJ7q3gwl3eARK1sJbyLoE3J9lQJj66SI... 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiFCvdyx3kikIFZr_WXkT0OhNiJrFFFmPvjVcIDyyiPp0hqosGdCH3F99isPxdt7QJSXyL-HkuVBVqZpLEY5sf4aWqouEdEWBVMuCy-3EZqbxmWNB2ohJ7q3gwl3eARK1sJbyLoE3J9lQJj66SIxk64BqBQyjvB7VW-HMDVL18hhqIucR7YeH3pEDBqfQ/s177/hang-removebg-preview.png
Requested by
Host: merrychristmas.mahakalservices.com
URL: https://merrychristmas.mahakalservices.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c07::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
7094fa87d5ed03ddcd61243863e116779fdc87d80075fb627c44bfffb3818895
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://merrychristmas.mahakalservices.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 18:05:42 GMT
x-content-type-options
nosniff
server
fife
etag
"v46a"
vary
Origin
content-type
image/png
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="hang-removebg-preview.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5834
x-xss-protection
0
expires
Mon, 18 Dec 2023 18:05:42 GMT
hang_1-removebg-preview.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj0YBbz4nwRfxS9_mWOf8lsy-oTdy7toAYt1RnRxsetKWpxjPnIMmFDL--lF1NqODo-3TvZqWqhxwE51zmwkHGnLRDQ2ZrJpRUgDdP6w5avViurDalcajLH28Ly1vzoCqsCwMZFdlEGZkHhpevu... 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj0YBbz4nwRfxS9_mWOf8lsy-oTdy7toAYt1RnRxsetKWpxjPnIMmFDL--lF1NqODo-3TvZqWqhxwE51zmwkHGnLRDQ2ZrJpRUgDdP6w5avViurDalcajLH28Ly1vzoCqsCwMZFdlEGZkHhpevukaHqDPCf8T_SZhlyZlbTk3LmV7DAzX6a8uHRWKid9Q/s195/hang_1-removebg-preview.png
Requested by
Host: merrychristmas.mahakalservices.com
URL: https://merrychristmas.mahakalservices.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c07::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
e569306fe7f91466b075d006513febb5ad33063667263b0bd9d197726e929d56
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://merrychristmas.mahakalservices.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 18:05:43 GMT
x-content-type-options
nosniff
server
fife
etag
"v46b"
vary
Origin
content-type
image/png
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="hang_1-removebg-preview.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5073
x-xss-protection
0
expires
Mon, 18 Dec 2023 18:05:43 GMT
AVvXsEhD7fp1EytR_AUEbAaPS6Vew1fq7X5I-oWUZzdfCDVgsHiKt0efNvYimDOFzFUsfvrvkxlgYv1oqlaNvWT5i0rB_7Kg7wY39cOC8IdozdIuj2G9N8e6kJEVFQHXDNvxSCuznB5IxF6da3hhTmeA7fCzp7HUAOy-SGlP9dMIfGDAEb875xABVox1D35smSY
blogger.googleusercontent.com/img/a/ 		41 KB
41 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blogger.googleusercontent.com/img/a/AVvXsEhD7fp1EytR_AUEbAaPS6Vew1fq7X5I-oWUZzdfCDVgsHiKt0efNvYimDOFzFUsfvrvkxlgYv1oqlaNvWT5i0rB_7Kg7wY39cOC8IdozdIuj2G9N8e6kJEVFQHXDNvxSCuznB5IxF6da3hhTmeA7fCzp7HUAOy-SGlP9dMIfGDAEb875xABVox1D35smSY
Requested by
Host: merrychristmas.mahakalservices.com
URL: https://merrychristmas.mahakalservices.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c07::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
8b088d1c45aed594513b3535d0c9b44f09add6bd399308198c666700ae22ae0a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://merrychristmas.mahakalservices.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 18:05:42 GMT
x-content-type-options
nosniff
server
fife
etag
"v657"
vary
Origin
content-type
image/gif
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="santa.gif"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42272
x-xss-protection
0
expires
Mon, 18 Dec 2023 18:05:42 GMT
c.gif
3.bp.blogspot.com/--VrLDvTMfE0/W2xAmnbAbSI/AAAAAAAABo0/g6rPQo521MASQKKAnw2LLed-OR1OlgF9gCLcBGAs/s1600/ 		26 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://3.bp.blogspot.com/--VrLDvTMfE0/W2xAmnbAbSI/AAAAAAAABo0/g6rPQo521MASQKKAnw2LLed-OR1OlgF9gCLcBGAs/s1600/c.gif
Requested by
Host: merrychristmas.mahakalservices.com
URL: https://merrychristmas.mahakalservices.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
e954b4587a76d6b3ea2f52056e19d269e02487579702569f6443ad2eb526c692
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://merrychristmas.mahakalservices.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 18:05:42 GMT
x-content-type-options
nosniff
server
fife
etag
"v68e"
vary
Origin
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="c.gif"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
26849
x-xss-protection
0
expires
Mon, 18 Dec 2023 18:05:42 GMT
wp.png
1.bp.blogspot.com/-ARiMLSA5jAc/X8zAsBK0PpI/AAAAAAAAmac/8LEjw1rBgwkoPNJcMHLxGBR-sIbfSAGuQCLcBGAsYHQ/s200/
Redirect Chain
  • https://bit.ly/2VLMnaW
  • https://1.bp.blogspot.com/-ARiMLSA5jAc/X8zAsBK0PpI/AAAAAAAAmac/8LEjw1rBgwkoPNJcMHLxGBR-sIbfSAGuQCLcBGAsYHQ/s200/wp.png
3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1.bp.blogspot.com/-ARiMLSA5jAc/X8zAsBK0PpI/AAAAAAAAmac/8LEjw1rBgwkoPNJcMHLxGBR-sIbfSAGuQCLcBGAsYHQ/s200/wp.png
Requested by
Host: merrychristmas.mahakalservices.com
URL: https://merrychristmas.mahakalservices.com/
Protocol
H2
Server
2607:f8b0:4004:c06::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
6d19767ab10d4c5fbccf96d7d674a9fb967a3b63ee52eb2c26e99e8e9941b9f1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://merrychristmas.mahakalservices.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 18:05:42 GMT
x-content-type-options
nosniff
server
fife
etag
"v99a8"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="wp.png"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2696
x-xss-protection
0
expires
Mon, 18 Dec 2023 18:05:42 GMT

Redirect headers

date
Sun, 17 Dec 2023 18:05:42 GMT
content-security-policy
referrer always;
referrer-policy
unsafe-url
via
1.1 google
server
nginx
content-type
text/html; charset=utf-8
location
https://1.bp.blogspot.com/-ARiMLSA5jAc/X8zAsBK0PpI/AAAAAAAAmac/8LEjw1rBgwkoPNJcMHLxGBR-sIbfSAGuQCLcBGAsYHQ/s200/wp.png
cache-control
private, max-age=90
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
205
js
www.googletagmanager.com/gtag/ 		186 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-191698403-1
Requested by
Host: merrychristmas.mahakalservices.com
URL: https://merrychristmas.mahakalservices.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::61 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a747999b5576a8186d4ddafd5ebf443e74b75659ec29c6b6adf44ff1d353bb3e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://merrychristmas.mahakalservices.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 18:05:42 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
68968
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 17 Dec 2023 18:05:42 GMT
1yiw_VIrUdLLQRmYMzCrCQpEi_dDUKZDh
doc-10-bk-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/m8uscbn27i79qdcioj71pqesctendf23/1702836300000/03469655650848561796/*/
Redirect Chain
  • https://bit.ly/3U4c8z7
  • https://drive.google.com/uc?export=download&id=1yiw_VIrUdLLQRmYMzCrCQpEi_dDUKZDh
  • https://doc-10-bk-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/m8uscbn27i79qdcioj71pqesctendf23/1702836300000/03469655650848561796/*/1yiw_VIrUdLLQRmYMzCrCQpEi_dDUKZDh?e...
135 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://doc-10-bk-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/m8uscbn27i79qdcioj71pqesctendf23/1702836300000/03469655650848561796/*/1yiw_VIrUdLLQRmYMzCrCQpEi_dDUKZDh?e=download&uuid=4180e60c-83f5-495c-a327-1eae2cebf44e
Requested by
Host: merrychristmas.mahakalservices.com
URL: https://merrychristmas.mahakalservices.com/
Protocol
H3
Server
2607:f8b0:4004:c07::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://merrychristmas.mahakalservices.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 18:05:43 GMT
x-content-type-options
nosniff
x-guploader-uploadid
ABPtcPqJxthdF791Uv0mO0C-mIGRZAMW5OAECw3ePHPMeoUcf2vF8NZaPRmAI1uqJrIAKNGRKZrC4ekiMKRHc-t82a2KqQ
Content-Range
bytes 0-2267591/2267592
content-disposition
attachment; filename="jingle.mp3"; filename*=UTF-8''jingle.mp3
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
Content-Length
2267592
last-modified
Thu, 24 Nov 2022 06:43:29 GMT
server
UploadServer
access-control-allow-methods
GET,HEAD,OPTIONS
content-type
audio/mpeg
access-control-allow-origin
*
x-goog-hash
crc32c=S5zL4Q==
cache-control
private, max-age=0
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
Accept, Accept-Language, Authorization, Cache-Control, Content-Disposition, Content-Encoding, Content-Language, Content-Length, Content-MD5, Content-Range, Content-Type, Date, developer-token, financial-institution-id, X-Goog-Sn-Metadata, X-Goog-Sn-PatientId, GData-Version, google-cloud-resource-prefix, linked-customer-id, login-customer-id, x-goog-request-params, Host, If-Match, If-Modified-Since, If-None-Match, If-Unmodified-Since, Origin, OriginToken, Pragma, Range, request-id, Slug, Transfer-Encoding, hotrod-board-name, hotrod-chrome-cpu-model, hotrod-chrome-processors, Want-Digest, X-Ad-Manager-Impersonation, x-chrome-connected, X-ClientDetails, X-Client-Version, X-Firebase-Locale, X-Goog-Firebase-Installations-Auth, X-Firebase-Client, X-Firebase-Client-Log-Type, X-Firebase-GMPID, X-Firebase-Auth-Token, X-Firebase-AppCheck, X-Firebase-Token, X-Goog-Drive-Client-Version, X-Goog-Drive-Resource-Keys, X-GData-Client, X-GData-Key, X-GoogApps-Allowed-Domains, X-Goog-AdX-Buyer-Impersonation, X-Goog-Api-Client, X-Goog-Visibilities, X-Goog-AuthUser, X-Google-EOM, x-goog-ext-124712974-jspb, x-goog-ext-467253834-jspb, x-goog-ext-353267353-bin, x-goog-ext-353267353-jspb, x-goog-ext-251363160-jspb, x-goog-ext-259736195-jspb, x-goog-ext-477772811-jspb, x-goog-ext-359275022-bin, x-goog-ext-328800237-jspb, x-goog-ext-202735639-bin, x-goog-ext-223435598-bin, X-Goog-PageId, X-Goog-Encode-Response-If-Executable, X-Goog-Correlation-Id, X-Goog-Request-Info, X-Goog-Request-Reason, X-Goog-Request-Time, X-Goog-Experiments, x-goog-iam-authority-selector, x-goog-iam-authorization-token, X-Goog-Spatula, X-Goog-Travel-Bgr, X-Goog-Travel-Settings, X-Goog-Upload-Command, X-Goog-Upload-Content-Disposition, X-Goog-Upload-Content-Length, X-Goog-Upload-Content-Type, X-Goog-Upload-File-Name, X-Goog-Upload-Header-Content-Encoding, X-Goog-Upload-Header-Content-Length, X-Goog-Upload-Header-Content-Type, X-Goog-Upload-Header-Transfer-Encoding, X-Goog-Upload-Offset, X-Goog-Upload-Protocol, x-goog-user-project, X-Goog-Visitor-Id, X-Goog-FieldMask, X-Google-Project-Override, x-goog-maps-api-salt, x-goog-maps-api-signature, x-goog-maps-client-id, X-Goog-Api-Key, x-goog-spanner-database-role, X-HTTP-Method-Override, X-JavaScript-User-Agent, X-Pan-Versionid, X-Proxied-User-IP, X-Origin, X-Referer, X-Requested-With, X-Stadia-Client-Context, X-Upload-Content-Length, X-Upload-Content-Type, X-Use-Alt-Service, X-Use-HTTP-Status-Code-Override, X-Ios-Bundle-Identifier, X-Android-Package, X-Android-Cert, X-Ariane-Xsrf-Token, X-YouTube-Bootstrap-Logged-In, X-YouTube-VVT, X-YouTube-Page-CL, X-YouTube-Page-Timestamp, X-Compass-Routing-Destination, x-framework-xsrf-token, X-Goog-Meeting-ABR, X-Goog-Meeting-Botguardid, X-Goog-Meeting-ClientInfo, X-Goog-Meeting-ClientVersion, X-Goog-Meeting-Debugid, X-Goog-Meeting-Identifier, X-Goog-Meeting-Interop-Cohorts, X-Goog-Meeting-Interop-Type, X-Goog-Meeting-OidcIdToken, X-Goog-Meeting-RtcClient, X-Goog-Meeting-StartSource, X-Goog-Meeting-Token, X-Goog-Meeting-Viewer-Token, X-Client-Data, x-sdm-id-token, X-Sfdc-Authorization, MIME-Version, Content-Transfer-Encoding, X-Earth-Engine-App-ID-Token, X-Earth-Engine-Computation-Profile, X-Earth-Engine-Computation-Profiling, X-Play-Console-Experiments-Override, X-Play-Console-Session-Id, x-alkali-account-key, x-alkali-application-key, x-alkali-auth-apps-namespace, x-alkali-auth-entities-namespace, x-alkali-auth-entity, x-alkali-client-locale, EES-S7E-MODE, cast-device-capabilities, X-Server-Timeout, x-foyer-client-environment, x-goog-greenenergyuserappservice-metadata, x-goog-sherlog-context, X-Server-Token, x-rfui-request-context
expires
Sun, 17 Dec 2023 18:05:43 GMT

Redirect headers

date
Sun, 17 Dec 2023 18:05:43 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-security-policy
script-src 'report-sample' 'nonce-r59dhEy-yOSsQnJE0m82eg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/DriveUntrustedContentHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/DriveUntrustedContentHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/DriveUntrustedContentHttp/cspreport
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/binary
location
https://doc-10-bk-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/m8uscbn27i79qdcioj71pqesctendf23/1702836300000/03469655650848561796/*/1yiw_VIrUdLLQRmYMzCrCQpEi_dDUKZDh?e=download&uuid=4180e60c-83f5-495c-a327-1eae2cebf44e
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
colorchang_8t6q8bzu.gif
phoneky.co.uk/thumbs/screensavers/down/abstract/ 		676 KB
676 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://phoneky.co.uk/thumbs/screensavers/down/abstract/colorchang_8t6q8bzu.gif
Requested by
Host: merrychristmas.mahakalservices.com
URL: https://merrychristmas.mahakalservices.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
23.237.156.34 Chicago, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software
Microsoft-IIS/8.5 /
Resource Hash
49ea1e68c088c9171f66d08746f54901b202763cf1fa04c2d50332ca7837ad40

Request headers

accept-language
en-US,en;q=0.9
Referer
https://merrychristmas.mahakalservices.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sun, 17 Dec 2023 18:05:31 GMT
Last-Modified
Sun, 29 Jun 2014 22:36:30 GMT
Server
Microsoft-IIS/8.5
ETag
"77a28692ea93cf1:0"
Content-Type
image/gif
Cache-Control
public,max-age=31536000
Accept-Ranges
bytes
Content-Length
692183
6NUQ8FmMKwSEKjnm5-4v-4Jh2dJhew.woff2
fonts.gstatic.com/s/alfaslabone/v17/ 		17 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/alfaslabone/v17/6NUQ8FmMKwSEKjnm5-4v-4Jh2dJhew.woff2
Requested by
Host: merrychristmas.mahakalservices.com
URL: https://merrychristmas.mahakalservices.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a9374de123126424cc9576c36c508f12954bb9c1da8a23d035bf8a0131f7113f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://merrychristmas.mahakalservices.com/
Origin
https://merrychristmas.mahakalservices.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 09:04:40 GMT
x-content-type-options
nosniff
age
205262
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17896
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 19:03:50 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 14 Dec 2024 09:04:40 GMT
js
www.googletagmanager.com/gtag/ 		224 KB
79 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-QRW7FQB1GX&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-191698403-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::61 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d53713c4b2de8b200b0206234f666778b51b699e36076cc9948c4e2214518d35
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://merrychristmas.mahakalservices.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 18:05:42 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
81151
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 17 Dec 2023 18:05:42 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-191698403-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://merrychristmas.mahakalservices.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 17 Dec 2023 17:48:55 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
1007
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Sun, 17 Dec 2023 19:48:55 GMT
collect
www.google-analytics.com/g/ 		0
184 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-QRW7FQB1GX&gtm=45je3bt0v9133801498&_p=1702836342266&gcd=11l1l1l1l1&dma=0&cid=1332392773.1702836343&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAAI&_s=1&sid=1702836342&sct=1&seg=0&dl=https%3A%2F%2Fmerrychristmas.mahakalservices.com%2F&dt=Merry%20Christmas&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1888
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-QRW7FQB1GX&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://merrychristmas.mahakalservices.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 17 Dec 2023 18:05:42 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://merrychristmas.mahakalservices.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		1 B
91 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1260264470&t=pageview&_s=1&dl=https%3A%2F%2Fmerrychristmas.mahakalservices.com%2F&ul=en-us&de=UTF-8&dt=Merry%20Christmas&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=1699610434&gjid=1660288153&cid=1332392773.1702836343&tid=UA-191698403-1&_gid=121545227.1702836343&_r=1&gtm=457e3bt0&gcd=11l1l1l1l1&dma=0&jsscut=1&z=82223145
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://merrychristmas.mahakalservices.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 17 Dec 2023 18:05:42 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://merrychristmas.mahakalservices.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

28 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture number| isNS function| mischandler function| mousehandler function| killCopy function| reEnable function| $ function| jQuery function| play function| carousel number| slideIndex function| showSlides function| jqs function| checkName function| createGreeting function| shareActionWA number| countDownDate number| x function| gtag object| dataLayer boolean| $curtainopen object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| gaGlobal object| gaplugins object| gaData

4 Cookies

Domain/Path Name / Value
.mahakalservices.com/ Name: _ga_QRW7FQB1GX
Value: GS1.1.1702836342.1.0.1702836342.0.0.0
.mahakalservices.com/ Name: _ga
Value: GA1.2.1332392773.1702836343
.mahakalservices.com/ Name: _gid
Value: GA1.2.121545227.1702836343
.mahakalservices.com/ Name: _gat_gtag_UA_191698403_1
Value: 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1.bp.blogspot.com
3.bp.blogspot.com
ajax.googleapis.com
bit.ly
blogger.googleusercontent.com
cdnjs.cloudflare.com
click-it.me
doc-10-bk-docs.googleusercontent.com
drive.google.com
fonts.googleapis.com
fonts.gstatic.com
merrychristmas.mahakalservices.com
phoneky.co.uk
www.google-analytics.com
www.googletagmanager.com
2001:4860:4802:38::178
23.237.156.34
2606:4700:3036::ac43:acf5
2606:4700::6811:180e
2607:f8b0:4004:c06::84
2607:f8b0:4004:c07::84
2607:f8b0:4004:c09::61
2607:f8b0:4004:c17::5f
2607:f8b0:4004:c19::5f
2607:f8b0:4004:c19::8b
2607:f8b0:4004:c1b::5e
65.108.108.218
67.199.248.10
01ddb553fe84fe82e99fb3e530bc32f0b429350cbffdd8eac899b31d253b83e0
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
27a7d380404172051ae44fc72aaefa93ef0b669a1d1b1aafcd1f6ab9b0af9600
36e0a7e08bee65774168528938072c536437669c1b7458ac77976ec788e4439c
39a02f27ea1425ac7f63aaa75c75a68ac10946afb1117db732203ac003b2cc2e
49ea1e68c088c9171f66d08746f54901b202763cf1fa04c2d50332ca7837ad40
590629452f97c8cfcb69f3d6c088b9174bf3d8afcee65aded5da3389ba966d6a
64c6df750e710a203ff0714d6f244e5902c95bc681def3bae295571f5c845d1e
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6d19767ab10d4c5fbccf96d7d674a9fb967a3b63ee52eb2c26e99e8e9941b9f1
7094fa87d5ed03ddcd61243863e116779fdc87d80075fb627c44bfffb3818895
799ef4427bb1f6176d595ddbe205ab16d12b590ade746c82d2151a277e3fb801
88509d73cf7a5f6a3a29da5299861b96db5451535f904d36f2d99d1888aaf42f
89adb8d32551998ce8c2f95390c7c2fb620c943ee0637225c07c671b80abac44
8b088d1c45aed594513b3535d0c9b44f09add6bd399308198c666700ae22ae0a
8c19d26fd623af331ccf7e70e58996867e5bcf32295ccfbdc75b30684ca8336d
8fe3fa119255adb5e0c12479331f9e092e85bcff56ab6ecc0510bfa2056b898d
9373b9c9073cecc10f6cf9a2641c85611b164d313c2f26fb9b88151f9b47c2dc
a747999b5576a8186d4ddafd5ebf443e74b75659ec29c6b6adf44ff1d353bb3e
a9374de123126424cc9576c36c508f12954bb9c1da8a23d035bf8a0131f7113f
beef55b198e5327cbff6fd3bfc5a978484fbebdf534a04c9541df6d93918f1ba
c1ad6184f32e2f13833aa4cb65a2653bac11f0b8038620cd349216eee271b7a1
c6d8e43834ff515ae8f32f8ddd52001ede3fec7ffd74d3e84da385149322dbc0
d53713c4b2de8b200b0206234f666778b51b699e36076cc9948c4e2214518d35
db8a28cd51c9dca871cdb20f8f2568921e0d173e1739f9a4f16ef765fce185e5
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e569306fe7f91466b075d006513febb5ad33063667263b0bd9d197726e929d56
e954b4587a76d6b3ea2f52056e19d269e02487579702569f6443ad2eb526c692