casualsparkle.info Open in urlscan Pro
188.114.96.3 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://casualsparkle.info/
Submission: On November 25 via api (November 25th 2024, 8:47:02 pm UTC) from US — Scanned from NL

Summary HTTP 63 Redirects Links 73 Behaviour Indicators

Summary

This website contacted 19 IPs in 5 countries across 17 domains to perform 63 HTTP transactions. The main IP is 188.114.96.3, located in Amsterdam, Netherlands and belongs to CLOUDFLARENET, US. The main domain is casualsparkle.info.
TLS certificate: Issued by WE1 on October 26th 2024. Valid for: 3 months.

This is the only time casualsparkle.info was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
31	188.114.96.3 188.114.96.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:830::200a	15169 (GOOGLE) (GOOGLE)
2	2600:9000:223... 2600:9000:223c:cc00:1a:4e43:6c40:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:80e::2008	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
1	2600:9000:21f... 2600:9000:21f3:7e00:f:8ce2:fb80:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2620:1ec:33:1... 2620:1ec:33:1::10	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	172.217.18.3 172.217.18.3	15169 (GOOGLE) (GOOGLE)
5	2606:4700:10:... 2606:4700:10::ac43:f79	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	157.240.253.1 157.240.253.1	32934 (FACEBOOK) (FACEBOOK)
1	2600:9000:225... 2600:9000:2250:800:1f:af3f:8a40:93a1	16509 (AMAZON-02) (AMAZON-02)
2	18.66.102.42 18.66.102.42	16509 (AMAZON-02) (AMAZON-02)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c00::9c	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
2	2620:1ec:c11:... 2620:1ec:c11::237	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	54.195.0.234 54.195.0.234	16509 (AMAZON-02) (AMAZON-02)
2	157.240.253.35 157.240.253.35	32934 (FACEBOOK) (FACEBOOK)
63	19

31 188.114.96.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)

casualsparkle.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:223c:cc00:1a:4e43:6c40:93a1 (United States)

ASN16509 (AMAZON-02, US)

widgetbe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:21f3:7e00:f:8ce2:fb80:93a1 (United States)

ASN16509 (AMAZON-02, US)

www.dwin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:33:1::10 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.217.18.3 (United States)

ASN15169 (GOOGLE, US)
PTR: fra02s19-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700:10::ac43:f79 (United States)

ASN13335 (CLOUDFLARENET, US)

www.thetopvillas.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 157.240.253.1 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-fra5.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2250:800:1f:af3f:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)

lantern.roeyecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.66.102.42 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-102-42.fra56.r.cloudfront.net

widgetbe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:c11::237 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.195.0.234 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-195-0-234.eu-west-1.compute.amazonaws.com

lantern.roeye.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 157.240.253.35 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-02-fra5.facebook.com

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
31	casualsparkle.info casualsparkle.info	508 KB
5	thetopvillas.com www.thetopvillas.com	656 KB
4	widgetbe.com widgetbe.com — Cisco Umbrella Rank: 145901	253 KB
3	gstatic.com fonts.gstatic.com	93 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 120	213 B
2	bing.net bat.bing.net — Cisco Umbrella Rank: 8327	464 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 192	76 KB
2	bing.com bat.bing.com — Cisco Umbrella Rank: 359	15 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 36	22 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	251 KB
1	roeye.com lantern.roeye.com — Cisco Umbrella Rank: 8953	128 B
1	google.nl www.google.nl — Cisco Umbrella Rank: 12293	408 B
1	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 135	547 B
1	google.com region1.analytics.google.com — Cisco Umbrella Rank: 4108
1	roeyecdn.com lantern.roeyecdn.com — Cisco Umbrella Rank: 8693	2 KB
1	dwin1.com www.dwin1.com — Cisco Umbrella Rank: 5114	16 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29	2 KB
63	17

	Domain	Requested by
31	casualsparkle.info	casualsparkle.info
5	www.thetopvillas.com	casualsparkle.info
4	widgetbe.com	casualsparkle.info widgetbe.com
3	fonts.gstatic.com	fonts.googleapis.com
2	www.facebook.com	casualsparkle.info
2	bat.bing.net	bat.bing.com casualsparkle.info
2	connect.facebook.net	casualsparkle.info connect.facebook.net
2	bat.bing.com	casualsparkle.info bat.bing.com
2	www.google-analytics.com	casualsparkle.info www.google-analytics.com
2	www.googletagmanager.com	casualsparkle.info
1	lantern.roeye.com	casualsparkle.info
1	www.google.nl	casualsparkle.info
1	stats.g.doubleclick.net	www.googletagmanager.com
1	region1.analytics.google.com	www.googletagmanager.com
1	lantern.roeyecdn.com	www.dwin1.com
1	www.dwin1.com	casualsparkle.info
1	fonts.googleapis.com	casualsparkle.info
63	17

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
www.instagram.com
twitter.com
www.youtube.com
www.thetopvillas.com
iexitapp.com
www.parkme.com
www.opentable.com
www.topvillasrealty.com

Subject Issuer	Validity	Valid
casualsparkle.info WE1	`2024-10-26` - `2025-01-24`	3 months	crt.sh
upload.video.google.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
widgetbe.com Amazon RSA 2048 M02	`2024-09-05` - `2025-10-05`	a year	crt.sh
*.google-analytics.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
*.dwin1.com Amazon RSA 2048 M03	`2024-10-02` - `2025-10-30`	a year	crt.sh
www.bing.com Microsoft Azure RSA TLS Issuing CA 03	`2024-09-16` - `2025-03-15`	6 months	crt.sh
*.gstatic.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
www.thetopvillas.com WE1	`2024-10-01` - `2024-12-30`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-09-04` - `2024-12-03`	3 months	crt.sh
*.roeyecdn.com Amazon RSA 2048 M02	`2024-09-01` - `2025-09-28`	a year	crt.sh
*.g.doubleclick.net WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
*.google.nl WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
bat.bing.net Microsoft Azure RSA TLS Issuing CA 07	`2024-10-27` - `2025-04-25`	6 months	crt.sh
*.roeye.com Amazon RSA 2048 M03	`2024-10-26` - `2025-11-25`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://casualsparkle.info/
Frame ID: 971D2B29946CA7558E098D646FA493F7
Requests: 62 HTTP requests in this frame

Frame: https://widgetbe.com/widget
Frame ID: 0602A88300F4CA974E5432F9492CE757
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

How to plan a road trip in America | Top Villas

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

AWIN (Affiliate programs) Expand

Overall confidence: 100%
Detected patterns

dwin1\.com

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Slick (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

(?:/([\d.]+))?/slick(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

63
Requests

98 %
HTTPS

67 %
IPv6

17
Domains

17
Subdomains

19
IPs

5
Countries

1896 kB
Transfer

3458 kB
Size

9
Cookies

73 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/topvillas

Search URL Search Domain Scan URL

URL: https://www.instagram.com/top_villas/

Search URL Search Domain Scan URL

URL: https://twitter.com/topvillas

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/topvillas

Search URL Search Domain Scan URL

URL: https://www.thetopvillas.com/
Title: Find a villa

Search URL Search Domain Scan URL

URL: https://www.thetopvillas.com/collections
Title: Collections

Search URL Search Domain Scan URL

URL: https://www.thetopvillas.com/collections/future-stays
Title: Future Stays 2024/2025

Search URL Search Domain Scan URL

URL: https://www.thetopvillas.com/collections/villas-for-large-groups
Title: Villas for large groups

Search URL Search Domain Scan URL

URL: https://www.thetopvillas.com/collections/villas-in-resorts
Title: Villas in resorts

Search URL Search Domain Scan URL

URL: https://www.thetopvillas.com/collections/villas-near-disney-world
Title: Villas near Disney World

Search URL Search Domain Scan URL

URL: https://www.thetopvillas.com/collections/villas-with-pools
Title: Villas with pools

Search URL Search Domain Scan URL

URL: https://www.thetopvillas.com/collections/villas-with-beach-views
Title: Villas with beach views

Search URL Search Domain Scan URL

URL: https://www.thetopvillas.com/collections/villas-with-themed-rooms
Title: Villas with themed rooms

Search URL Search Domain Scan URL

URL: https://www.thetopvillas.com/collections/villas-with-games-rooms
Title: Villas with games rooms

Search URL Search Domain Scan URL

URL: https://www.thetopvillas.com/collections/pet-friendly-villas
Title: Pet friendly villas

Search URL Search Domain Scan URL

URL: https://www.thetopvillas.com/collections/villas-for-skiing-vacations
Title: Villas for skiing vacations

Search URL Search Domain Scan URL

URL: https://www.thetopvillas.com/collections/villas-for-golf-vacations
Title: Villas for golf vacations

Search URL Search Domain Scan URL

URL: https://www.thetopvillas.com/orlando/vacations
Title: Orlando villas

Search URL Search Domain Scan URL

URL: https://www.thetopvillas.com/reunion-resort/vacations
Title: Reunion Resort villas

Search URL Search Domain Scan URL

URL: https://www.thetopvillas.com/encore-resort-at-reunion/vacations
Title: Encore Resort at Reunion villas

Search URL Search Domain Scan URL

URL: https://www.thetopvillas.com/destination/champions-gate
Title: Champions Gate villas

Search URL Search Domain Scan URL

URL: https://www.thetopvillas.com/destination/storey-lake-resort
Title: Storey Lake Resort villas

Search URL Search Domain Scan URL

URL: https://www.thetopvillas.com/destination/solterra-resort
Title: Solterra Resort villas

Search URL Search Domain Scan URL

URL: https://www.thetopvillas.com/destination/miami
Title: Miami villas

Search URL Search Domain Scan URL

URL: https://www.thetopvillas.com/destination/caribbean
Title: Caribbean villas

Search URL Search Domain Scan URL

URL: https://www.thetopvillas.com/destination/barbados
Title: Barbados villas

Search URL Search Domain Scan URL

URL: https://www.thetopvillas.com/destination/jamaica
Title: Jamaica villas

Search URL Search Domain Scan URL

URL: https://www.thetopvillas.com/destination/st-barthelemy
Title: St Barts villas

Search URL Search Domain Scan URL

URL: https://www.thetopvillas.com/destination/dominican-republic
Title: Dominican Republic villas

Search URL Search Domain Scan URL

URL: https://www.thetopvillas.com/destination/turks-and-caicos
Title: Turks and Caicos villas

Search URL Search Domain Scan URL

URL: https://www.thetopvillas.com/destination/california
Title: California vacation rentals

Search URL Search Domain Scan URL

URL: https://www.thetopvillas.com/destination/tennessee
Title: Tennessee cabins

Search URL Search Domain Scan URL

URL: https://www.thetopvillas.com/destination/texas
Title: Texas vacation rentals

Search URL Search Domain Scan URL

URL: https://www.thetopvillas.com/destination/mexico
Title: Mexico villas

Search URL Search Domain Scan URL

URL: https://www.thetopvillas.com/destination/thailand
Title: Thailand villas

Search URL Search Domain Scan URL

URL: https://www.thetopvillas.com/destination
Title: More destinations

Search URL Search Domain Scan URL

URL: https://www.thetopvillas.com/blog/category/florida/orlando/
Title: Orlando

Search URL Search Domain Scan URL

URL: https://www.thetopvillas.com/blog/category/barbados/
Title: Barbados

Search URL Search Domain Scan URL

URL: https://www.thetopvillas.com/blog/category/greece/
Title: Greece

Search URL Search Domain Scan URL

URL: https://www.thetopvillas.com/blog/category/united-states/california/
Title: California

Search URL Search Domain Scan URL

URL: https://www.thetopvillas.com/blog/category/st-barts/
Title: St Barts

Search URL Search Domain Scan URL

URL: https://www.thetopvillas.com/blog/category/italy/
Title: Italy

Search URL Search Domain Scan URL

URL: https://www.thetopvillas.com/blog/category/thailand/koh-samui/
Title: Koh Samui

Search URL Search Domain Scan URL

URL: https://www.thetopvillas.com/blog/category/jamaica/
Title: Jamaica

Search URL Search Domain Scan URL

URL: https://www.thetopvillas.com/blog/category/bali/
Title: Bali

Search URL Search Domain Scan URL

URL: https://www.thetopvillas.com/blog/category/turks-and-caicos/
Title: Turks and Caicos

Search URL Search Domain Scan URL

URL: https://www.thetopvillas.com/blog/tag/family-and-kids/
Title: Family and Kids

Search URL Search Domain Scan URL

URL: https://www.thetopvillas.com/blog/tag/beach-vacations
Title: Beach Vacations

Search URL Search Domain Scan URL

URL: https://www.thetopvillas.com/blog/tag/couples-and-romance
Title: Couples and Romance

Search URL Search Domain Scan URL

URL: https://www.thetopvillas.com/blog/tag/festivals-and-events
Title: Festivals and Events

Search URL Search Domain Scan URL

URL: https://www.thetopvillas.com/blog/tag/nature
Title: Nature

Search URL Search Domain Scan URL

URL: https://www.thetopvillas.com/blog/tag/sports-and-activities
Title: Sports and Activities

Search URL Search Domain Scan URL

URL: https://www.thetopvillas.com/blog/tag/nightlife
Title: Nightlife

Search URL Search Domain Scan URL

URL: https://www.thetopvillas.com/blog/tag/travel-guides
Title: Travel Guides

Search URL Search Domain Scan URL

URL: https://www.thetopvillas.com/blog/tag/villa-inspiration
Title: Villa Inspiration

Search URL Search Domain Scan URL

URL: https://www.thetopvillas.com/blog/
Title: <img src="https://www.thetopvillas.com/blog/wp-content/uploads/2023/10/Logo.jpg" alt="" />

Search URL Search Domain Scan URL

URL: https://www.thetopvillas.com/contact-us
Title: Contact us

Search URL Search Domain Scan URL

URL: https://www.thetopvillas.com/blog/category/vacation-homes/top-villas-realty/
Title: Real estate

Search URL Search Domain Scan URL

URL: https://www.thetopvillas.com/blog/category/usa/
Title: USA

Search URL Search Domain Scan URL

URL: https://iexitapp.com/
Title: iExit Interstate Exit guide

Search URL Search Domain Scan URL

URL: https://www.parkme.com/
Title: Parkme Parking

Search URL Search Domain Scan URL

URL: https://www.opentable.com/
Title: OpenTable

Search URL Search Domain Scan URL

URL: https://www.thetopvillas.com/destination/united-states
Title: book your accommodation

Search URL Search Domain Scan URL

URL: https://www.thetopvillas.com/concierge
Title: Travel Extras

Search URL Search Domain Scan URL

URL: https://www.thetopvillas.com/blog/author/tamara-del-renzio/
Title: Tamara del Renzio

Search URL Search Domain Scan URL

URL: https://www.thetopvillas.com/blog/usa/top-filming-locations-to-visit-in-the-usa/
Title: <img width="230" height="102" src="https://www.thetopvillas.com/blog/wp-content/uploads/2022/03/filming-locations-featured.jpg" class="attachment-ideapark-related-thumb size-ideapark-related-thumb wp-post-image" alt="A camera and boom mic filming on location" decoding="async" />

Search URL Search Domain Scan URL

URL: https://www.thetopvillas.com/blog/usa/a-guide-to-tornado-season-in-america/
Title: <img width="225" height="150" src="https://www.thetopvillas.com/blog/wp-content/uploads/2022/03/Tornado-featured.jpg" class="attachment-ideapark-related-thumb size-ideapark-related-thumb wp-post-image" alt="A tornado over a crop field" decoding="async" />

Search URL Search Domain Scan URL

URL: https://www.thetopvillas.com/blog/usa/best-places-to-visit-for-fans-of-dinosaurs-in-the-usa/
Title: <img width="230" height="98" src="https://www.thetopvillas.com/blog/wp-content/uploads/2022/03/Dinosaurs-featured-1.jpg" class="attachment-ideapark-related-thumb size-ideapark-related-thumb wp-post-image" alt="An artist render of dinosaurs, incluidng t-res and brachiosaurus" decoding="async" />

Search URL Search Domain Scan URL

URL: https://www.thetopvillas.com/?utm_source=blog&utm_medium=banner&utm_campaign=sidebar_feature
Title: <img src="https://www.thetopvillas.com/blog/wp-content/uploads/2022/05/Generic-Feature-Sidebar-2.png" alt="Orlando Feature" style="max-width:100%;" width="100%" height="auto" />

Search URL Search Domain Scan URL

URL: https://www.topvillasrealty.com/
Title: Buying a home in Orlando

Search URL Search Domain Scan URL

URL: https://www.thetopvillas.com/blog/affiliates/
Title: Become an affiliate

Search URL Search Domain Scan URL

URL: https://www.thetopvillas.com/flex
Title: Flex – book with confidence

Search URL Search Domain Scan URL

URL: https://www.thetopvillas.com/privacy-policy
Title: Privacy policy

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

63 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3 200 Primary Request / Show response
casualsparkle.info/ 73 KB
20 KB 199ms
161ms Document
text/html 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://casualsparkle.info/

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

643a4f21cf8d71b7f380924f26a7a9b85b2d805dcb4ab9e3fd085d59cf302444

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8e847da95aaf665c-AMS
content-encoding: zstd
content-type: text/html; charset=UTF-8
date: Mon, 25 Nov 2024 20:46:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SvtV7HYXyTSm7n%2Bo28VQzMCTR4CEm18y0phiecWCUbF7%2BU9B6suVAbqhJLpDQP%2F9jXbuS5OsnisempFrLRTvn%2BQfiJ27BJbzbL2Fo7%2Ff7V9GVlMMD2l5xvTadZ96%2BuprdDxP0DM%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=QUIC&rtt=16903&sent=12&recv=10&lost=0&retrans=0&sent_bytes=4162&recv_bytes=4486&delivery_rate=547&cwnd=12000&unsent_bytes=0&cid=59cff632c6b8334e&ts=162&x=1" cfHdrFlush;dur=0
strict-transport-security: max-age=31536000
vary: accept-encoding

GET
H3 200 gtm.js Show response
casualsparkle.info/landers/509c3e5906/js/ 337 KB
114 KB 138ms
137ms Script
application/javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://casualsparkle.info/landers/509c3e5906/js/gtm.js

Requested by

Host: casualsparkle.info
URL: https://casualsparkle.info/

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

acc0312c89867c732318c089e3d53dc0c6dd930c831296f10aecb78fdf63b70d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://casualsparkle.info/

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
cf-cache-status: MISS
etag: W/"670547bc-5433a"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7ToakfVMcJU9knD6o9%2B8jVCABQ2D%2BpV6eZPeWq6X%2FxCyLP1VCSc%2BsmEcpW7nZOnwzqvq5WdXsuXbjiY%2FzfprDnQMTIwgPWylYTWoBNw6r4ySZhFFTEKhj6k9ql44Lf%2FxS98HvCE%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8e847daaac52665c-AMS
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=21020&sent=63&recv=35&lost=0&retrans=0&sent_bytes=53556&recv_bytes=11371&delivery_rate=57186&cwnd=26400&unsent_bytes=0&cid=59cff632c6b8334e&ts=333&x=1", cfHdrFlush;dur=4
date: Mon, 25 Nov 2024 20:46:55 GMT
content-type: application/javascript
last-modified: Tue, 08 Oct 2024 14:54:52 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 style.min.css
casualsparkle.info/landers/509c3e5906/css/ 102 KB
16 KB 90ms
90ms Stylesheet
text/css 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://casualsparkle.info/landers/509c3e5906/css/style.min.css

Requested by

Host: casualsparkle.info
URL: https://casualsparkle.info/

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

67447c3656caad630373253691f3e8f64467eafd6e7305c9b0e98111b0b41694

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://casualsparkle.info/

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
cf-cache-status: MISS
etag: W/"670547bc-19824"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AgMgNdL%2FQkub9JPLla0lKw5dw7zPmiaXDbD5qvFwLynhVcYpjU278ytTRkrK5TDouxFDZ%2Fnz720jZMx0zhMyqomR5pHAhV9Cy27PZmQ4op2ZVrC6hSTUcAFiSsCajy5D656Pk0A%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8e847daaac5a665c-AMS
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=19342&sent=38&recv=30&lost=0&retrans=0&sent_bytes=27773&recv_bytes=8742&delivery_rate=419249&cwnd=22800&unsent_bytes=0&cid=59cff632c6b8334e&ts=309&x=1", cfHdrFlush;dur=0
date: Mon, 25 Nov 2024 20:46:55 GMT
content-type: text/css
last-modified: Tue, 08 Oct 2024 14:54:52 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 blocks.style.build.css
casualsparkle.info/landers/509c3e5906/css/ 27 KB
4 KB 137ms
136ms Stylesheet
text/css 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://casualsparkle.info/landers/509c3e5906/css/blocks.style.build.css

Requested by

Host: casualsparkle.info
URL: https://casualsparkle.info/

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cd00c79e4bbf06794b0851af6b891c002601933c8b9d0cef5bf18427c62c699c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://casualsparkle.info/

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
cf-cache-status: MISS
etag: W/"670547bc-6c70"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=w5dQoiBO15HX2vz2atmmaZInisiyF%2F%2BDMNLa4NO5qW4rMv0OI8dwWAZ35a0w5BA%2Bb3Uf4Iuws9AO2GxTnvEhnOCVBIo%2F9mYSaILUJasn5MGvZyz1Dskr1iPuUFfAwCKFgwFl8DI%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8e847daaac5e665c-AMS
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=19173&sent=60&recv=31&lost=0&retrans=0&sent_bytes=50512&recv_bytes=8785&delivery_rate=23246&cwnd=24000&unsent_bytes=0&cid=59cff632c6b8334e&ts=326&x=1", cfHdrFlush;dur=1
date: Mon, 25 Nov 2024 20:46:55 GMT
content-type: text/css
last-modified: Tue, 08 Oct 2024 14:54:52 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 styles.css
casualsparkle.info/landers/509c3e5906/css/ 3 KB
2 KB 80ms
79ms Stylesheet
text/css 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://casualsparkle.info/landers/509c3e5906/css/styles.css

Requested by

Host: casualsparkle.info
URL: https://casualsparkle.info/

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ab21762c3f447aa08cbefd5ea3866165f925bd5058a9ae19e23721462de6fb60

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://casualsparkle.info/

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
cf-cache-status: MISS
etag: W/"670547bc-b2b"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MYpPlhWH0u%2BeB%2BjBFKeZzvn%2FaZwntSixKDmQkxEzWEqInuxS31YWmC2hSuRp1dfr4561AbrigAJq2kGY0bYH1Xeyf0M9SY2CD5Y9eQNvZwqwtFWe4jPBpQoeyLps8ez7QGwOTZ8%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8e847daaac61665c-AMS
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=19342&sent=33&recv=29&lost=0&retrans=0&sent_bytes=24736&recv_bytes=8369&delivery_rate=419249&cwnd=22800&unsent_bytes=0&cid=59cff632c6b8334e&ts=305&x=1", cfHdrFlush;dur=0
date: Mon, 25 Nov 2024 20:46:55 GMT
content-type: text/css
last-modified: Tue, 08 Oct 2024 14:54:52 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 form-basic.css
casualsparkle.info/landers/509c3e5906/css/ 2 KB
1 KB 88ms
86ms Stylesheet
text/css 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://casualsparkle.info/landers/509c3e5906/css/form-basic.css

Requested by

Host: casualsparkle.info
URL: https://casualsparkle.info/

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

90bed464813fbd721e4991e83fe323e763f91294f98018462c2698d16e60ae5f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://casualsparkle.info/

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
cf-cache-status: MISS
etag: W/"670547bc-654"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=G0WZ7kImhxZLpxwXUGZtJEq1XMA5ZdHB0TZjDn4mbbkqNEUtputsVgdn6qe8dBuUKJvOIDkvhc5nHRm%2FmUHqlg50sqnzpQfS%2BV%2BhZDKh1SxWZ%2BGU2NTOcSP%2BbtaOPGyga7vhw%2BY%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8e847daaac65665c-AMS
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=19342&sent=36&recv=30&lost=0&retrans=0&sent_bytes=26512&recv_bytes=8742&delivery_rate=419249&cwnd=22800&unsent_bytes=0&cid=59cff632c6b8334e&ts=308&x=1", cfHdrFlush;dur=0
date: Mon, 25 Nov 2024 20:46:55 GMT
content-type: text/css
last-modified: Tue, 08 Oct 2024 14:54:52 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 css
fonts.googleapis.com/ 14 KB
2 KB 243ms
100ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato%3A400%2C700%2C900%7COpen+Sans%3A400%2C700&subset=latin%2Clatin-ext

Requested by

Host: casualsparkle.info
URL: https://casualsparkle.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ce8847217f8f8997ab0415020270242350e0ae71daea9cb50db0f269d6ec5f78

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://casualsparkle.info/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 25 Nov 2024 20:46:55 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 25 Nov 2024 20:46:55 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Mon, 25 Nov 2024 20:46:55 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H3 200 font-awesome.min.css
casualsparkle.info/landers/509c3e5906/css/ 30 KB
8 KB 91ms
88ms Stylesheet
text/css 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://casualsparkle.info/landers/509c3e5906/css/font-awesome.min.css

Requested by

Host: casualsparkle.info
URL: https://casualsparkle.info/

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7794957586447e251b87cc7e1281c284bd5f342908f09864f4ee9a7292966faa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://casualsparkle.info/

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
cf-cache-status: MISS
etag: W/"670547bc-78f2"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=k8%2F7ycbcrrA5oy99bL2UCMrjfr4FXHhtPoQTAiv70xc%2FJpLnA9NXJNJf5HuXKUb%2FkRUqFCZ02wea%2BptjSOKO%2ByezW8YJWfWXT4wvHX8L%2Bu9BffG6AuKFNsP%2Bgk1%2BwFfNMinxtIQ%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8e847daabc6b665c-AMS
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=19342&sent=39&recv=30&lost=0&retrans=0&sent_bytes=28416&recv_bytes=8742&delivery_rate=419249&cwnd=22800&unsent_bytes=0&cid=59cff632c6b8334e&ts=312&x=1", cfHdrFlush;dur=0
date: Mon, 25 Nov 2024 20:46:55 GMT
content-type: text/css
last-modified: Tue, 08 Oct 2024 14:54:52 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 bootstrap.min.css
casualsparkle.info/landers/509c3e5906/css/ 16 KB
4 KB 98ms
95ms Stylesheet
text/css 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://casualsparkle.info/landers/509c3e5906/css/bootstrap.min.css

Requested by

Host: casualsparkle.info
URL: https://casualsparkle.info/

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

25263ac4eb286992fb36f3acebf349dd20a309f7ff8e2958846848d14e1e3a1a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://casualsparkle.info/

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
cf-cache-status: MISS
etag: W/"670547bc-3e3a"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OmL15eOykSG1mVMfYyAxjW5wbtRigRoQ5iklep3WuM%2FCJ2yDg%2B%2F%2BnX4uC4fl3VjnkWjWl%2Fm7UQZSUByoISsf6NdOb8PkZkZW1qNyS1gXOmgOpp7uGZhK43bmZSal3S0dEt%2FA7RM%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8e847daabc6c665c-AMS
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=19342&sent=47&recv=30&lost=0&retrans=0&sent_bytes=36562&recv_bytes=8742&delivery_rate=419249&cwnd=22800&unsent_bytes=0&cid=59cff632c6b8334e&ts=320&x=1", cfHdrFlush;dur=0
date: Mon, 25 Nov 2024 20:46:55 GMT
content-type: text/css
last-modified: Tue, 08 Oct 2024 14:54:52 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 slick.css
casualsparkle.info/landers/509c3e5906/css/ 2 KB
1 KB 99ms
97ms Stylesheet
text/css 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://casualsparkle.info/landers/509c3e5906/css/slick.css

Requested by

Host: casualsparkle.info
URL: https://casualsparkle.info/

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

893485d48fc8651981b4810fee0d92ebd7fd85baa7f362ad3934a2c652be8dc9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://casualsparkle.info/

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
cf-cache-status: MISS
etag: W/"670547bc-6e7"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=T7I%2BwI1cW4%2F5hyuSp8nerNFs%2FdcNKxvOpEX4bUAe0Nm4tKNaX9URot58Rv1z31STkTnVjQnc40aGjvPF%2Bx2vcgfocEA%2F6Yg9Q7p8RvCz1eHd4xl1toK43qqgZoj%2BcxAhmjKxPjs%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8e847daabc6e665c-AMS
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=19342&sent=57&recv=30&lost=0&retrans=0&sent_bytes=47562&recv_bytes=8742&delivery_rate=419249&cwnd=22800&unsent_bytes=0&cid=59cff632c6b8334e&ts=323&x=1", cfHdrFlush;dur=1
date: Mon, 25 Nov 2024 20:46:55 GMT
content-type: text/css
last-modified: Tue, 08 Oct 2024 14:54:52 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 style.css
casualsparkle.info/landers/509c3e5906/css/ 88 KB
17 KB 166ms
164ms Stylesheet
text/css 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://casualsparkle.info/landers/509c3e5906/css/style.css

Requested by

Host: casualsparkle.info
URL: https://casualsparkle.info/

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4a5bf20ded729d6c50629f9fc789c5bc11b0698ed8087ff9d420b22bf20a2d1a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://casualsparkle.info/

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
cf-cache-status: MISS
etag: W/"670547bc-161f7"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=acQs4XLO6g2xYcLjwwqhoXuk%2Bh%2ByQ6zs7AOjy2%2Fax1dUXIGwdMUGbKYUOFJH%2Fh%2BV6ouv02E%2FEKWjqS4Ps8lHV8PEVu4zKjPq3hY2kL1RptoyrigSk02Md2MVbSx4Vf3EsC1ijI4%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8e847daabc70665c-AMS
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=21020&sent=63&recv=35&lost=0&retrans=0&sent_bytes=53556&recv_bytes=11371&delivery_rate=57186&cwnd=26400&unsent_bytes=0&cid=59cff632c6b8334e&ts=333&x=1", cfHdrFlush;dur=5
date: Mon, 25 Nov 2024 20:46:55 GMT
content-type: text/css
last-modified: Tue, 08 Oct 2024 14:54:52 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 jquery.min.js Show response
casualsparkle.info/landers/509c3e5906/js/ 85 KB
32 KB 167ms
165ms Script
application/javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://casualsparkle.info/landers/509c3e5906/js/jquery.min.js

Requested by

Host: casualsparkle.info
URL: https://casualsparkle.info/

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5c93f77799d122fb5255ee24da285f9f228cc118cba11e6ceb2b6bda8cdf4164

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://casualsparkle.info/

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
cf-cache-status: MISS
etag: W/"670547bc-155ba"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gQDlK0tH7pht3DdtwUfwYAa46hwPExCQP1DDe0qk9nwcxZmA77a7clPKRfSUG0ZfHw21NOde7u2CieIVfGe7OC9zGXvNXxUhhyjDVTMQ5t6f8Riq8lokK%2FeDYKnQFwvOlJtkugo%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8e847dab1cb6665c-AMS
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=29853&sent=162&recv=50&lost=0&retrans=0&sent_bytes=165712&recv_bytes=14631&delivery_rate=1008229&cwnd=76800&unsent_bytes=0&cid=59cff632c6b8334e&ts=382&x=1", cfHdrFlush;dur=4
date: Mon, 25 Nov 2024 20:46:55 GMT
content-type: application/javascript
last-modified: Tue, 08 Oct 2024 14:54:52 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 jquery-migrate.min.js Show response
casualsparkle.info/landers/509c3e5906/js/ 13 KB
6 KB 241ms
239ms Script
application/javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://casualsparkle.info/landers/509c3e5906/js/jquery-migrate.min.js

Requested by

Host: casualsparkle.info
URL: https://casualsparkle.info/

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://casualsparkle.info/

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
cf-cache-status: MISS
etag: W/"670547bc-3509"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dPoOlIc4t22UZOdYta%2B2h70xTbHXwVJUbfkIJF3jXG9Sl4FgHOOTu4Zmjo%2FHg9c3YFCjuDa20QtJbtCEiOLdGGYvmcbHEFEc7OlCC1d%2FR8S9SjeyW9ET%2B1IHRU%2F2eRHqV%2B6RsKk%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8e847dab3cd2665c-AMS
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=22046&sent=238&recv=58&lost=0&retrans=0&sent_bytes=250266&recv_bytes=14990&delivery_rate=1923913&cwnd=122400&unsent_bytes=0&cid=59cff632c6b8334e&ts=405&x=1", cfHdrFlush;dur=0
date: Mon, 25 Nov 2024 20:46:55 GMT
content-type: application/javascript
last-modified: Tue, 08 Oct 2024 14:54:52 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 wp-hide-post-public.js Show response
casualsparkle.info/landers/509c3e5906/js/ 838 B
1 KB 242ms
240ms Script
application/javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://casualsparkle.info/landers/509c3e5906/js/wp-hide-post-public.js

Requested by

Host: casualsparkle.info
URL: https://casualsparkle.info/

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

57a50c99a31ef4e89e86664e96f6dfbdde163a2eb96e88b3b492c49aa4be2f37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://casualsparkle.info/

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
cf-cache-status: MISS
etag: W/"670547bc-346"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=508%2FeQ%2BMzj%2B4%2BClpRn5ebfy4HcjWIoMOn%2FAeLXctQJwqcxPmeRnCnbm7s9QxsCZp1NHn%2B4TIzZYn9COjllwoHxADkwEPPD3me8fU0liK1OIcOpueGCfRZ869yJm74cQ0yc8XkY8%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8e847dab3cd6665c-AMS
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=20032&sent=244&recv=64&lost=0&retrans=0&sent_bytes=256231&recv_bytes=15259&delivery_rate=5950764&cwnd=122400&unsent_bytes=0&cid=59cff632c6b8334e&ts=410&x=1", cfHdrFlush;dur=0
date: Mon, 25 Nov 2024 20:46:55 GMT
content-type: application/javascript
last-modified: Tue, 08 Oct 2024 14:54:52 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 jquery.image_zoom.min.js Show response
casualsparkle.info/landers/509c3e5906/js/ 24 KB
7 KB 190ms
188ms Script
application/javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://casualsparkle.info/landers/509c3e5906/js/jquery.image_zoom.min.js

Requested by

Host: casualsparkle.info
URL: https://casualsparkle.info/

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

49b0fc449501df9ed856c763b681379cbbdf1c0cd88f1dd5d3b10505414e0feb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://casualsparkle.info/

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
cf-cache-status: MISS
etag: W/"670547bc-60e2"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=y1VqG1Hxm73OXGz%2BxV3k9JRfwAjFr1fe9hbzmcIGUwsUpGB3FWR6l%2BgbZ2qDGbzSundVw75AAu6OjQm20wXkvwBI3MAzp7Jp4kzYBkZrFZgoQzAV2BUMgWYHrVYeicLSeDbvP3I%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8e847dab3cdc665c-AMS
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=23298&sent=187&recv=55&lost=0&retrans=0&sent_bytes=194058&recv_bytes=14856&delivery_rate=936169&cwnd=98400&unsent_bytes=0&cid=59cff632c6b8334e&ts=387&x=1", cfHdrFlush;dur=0
date: Mon, 25 Nov 2024 20:46:55 GMT
content-type: application/javascript
last-modified: Tue, 08 Oct 2024 14:54:52 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 image_zoom-init.js Show response
casualsparkle.info/landers/509c3e5906/js/ 17 KB
6 KB 187ms
185ms Script
application/javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://casualsparkle.info/landers/509c3e5906/js/image_zoom-init.js

Requested by

Host: casualsparkle.info
URL: https://casualsparkle.info/

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

af3ec492d9943e541bdf05efdd11db979ec280a78fb1d772f7028883bd8a4fe7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://casualsparkle.info/

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
cf-cache-status: MISS
etag: W/"670547bc-422c"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2Fp8Ph2UD3pAPVfAEcNYRI0xuc1dxqwBgPGjiPbG17pZT7jbUWt7cZ27gB9FKeoJWdjND2Xtp1jI0HpcSx0yRjSXtwPF836MaGr1VcQEycFPVDSXxg6UYJgbq1QirewclRVsoKhU%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8e847dab3ce1665c-AMS
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=22718&sent=228&recv=56&lost=0&retrans=0&sent_bytes=240276&recv_bytes=14900&delivery_rate=1747261&cwnd=122400&unsent_bytes=0&cid=59cff632c6b8334e&ts=393&x=1", cfHdrFlush;dur=0
date: Mon, 25 Nov 2024 20:46:55 GMT
content-type: application/javascript
last-modified: Tue, 08 Oct 2024 14:54:52 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 wp-emoji-release.min.js Show response
casualsparkle.info/landers/509c3e5906/js/ 18 KB
6 KB 76ms
76ms Script
application/javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://casualsparkle.info/landers/509c3e5906/js/wp-emoji-release.min.js

Requested by

Host: casualsparkle.info
URL: https://casualsparkle.info/

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://casualsparkle.info/

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
cf-cache-status: MISS
etag: W/"670547bc-4904"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0Wqa%2Bzq22lUUf9qSUEol%2BzBkEetuoV9f26ji8zGmKKCTfgrJK0Pvgieq9qQNDAjs%2Ft3%2Fyt1aryELP2cIvoQKAt4mInbKITaO%2B7nsKnSUImQEc%2FgG7MEv%2BcYY%2FwvaKME4BNJG%2Bd4%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8e847daceec6665c-AMS
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=32542&sent=294&recv=73&lost=0&retrans=0&sent_bytes=302590&recv_bytes=16389&delivery_rate=377006&cwnd=122400&unsent_bytes=0&cid=59cff632c6b8334e&ts=652&x=1", cfHdrFlush;dur=0
date: Mon, 25 Nov 2024 20:46:55 GMT
content-type: application/javascript
last-modified: Tue, 08 Oct 2024 14:54:52 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 mpp-frontend.js Show response
casualsparkle.info/landers/509c3e5906/js/ 331 B
832 B 190ms
188ms Script
application/javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://casualsparkle.info/landers/509c3e5906/js/mpp-frontend.js

Requested by

Host: casualsparkle.info
URL: https://casualsparkle.info/

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b695f4e09490004246d228e02338f9d3c4591273e1f35bb0ebe63607c860e608

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://casualsparkle.info/

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
cf-cache-status: MISS
etag: W/"670547bc-14b"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5MAGddt3KIczVoTC5C29io%2B2xB2CaLBwslrCzSm%2Ba7LVLXNBrrFpUETRAqgcNIwu2TX7gW2Nt3zxxvjSSJ03I0CylbgtDbw9CYtKlGRA32RlEE%2FnczR02ZQgxjs0kkP%2F5m2pTHw%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8e847dab3ce3665c-AMS
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=22718&sent=226&recv=56&lost=0&retrans=0&sent_bytes=239397&recv_bytes=14900&delivery_rate=1747261&cwnd=122400&unsent_bytes=0&cid=59cff632c6b8334e&ts=389&x=1", cfHdrFlush;dur=0
date: Mon, 25 Nov 2024 20:46:55 GMT
content-type: application/javascript
last-modified: Tue, 08 Oct 2024 14:54:52 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 index.js Show response
casualsparkle.info/landers/509c3e5906/js/ 11 KB
4 KB 241ms
239ms Script
application/javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://casualsparkle.info/landers/509c3e5906/js/index.js

Requested by

Host: casualsparkle.info
URL: https://casualsparkle.info/

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5fe46d2da01452067736578431f6c6e8116a24e616f58c72d9d81fdb2c7c9569

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://casualsparkle.info/

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
cf-cache-status: MISS
etag: W/"670547bc-2a12"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hlvbgWIS0I0QXMZmHtxW4on5g6GbGNXNKRVwblgss5tC3LJwLdBvCZCoUSeZq4lwKElgThpDf9CpUklx5Z2jyzQSGLkwoUVkSQRwYHSe3GvwWgmS0TwTG9vHI9KPdJ7pZkb2kc0%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8e847dab3ce5665c-AMS
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=22165&sent=234&recv=57&lost=0&retrans=0&sent_bytes=246153&recv_bytes=14945&delivery_rate=2392722&cwnd=122400&unsent_bytes=0&cid=59cff632c6b8334e&ts=396&x=1", cfHdrFlush;dur=0
date: Mon, 25 Nov 2024 20:46:55 GMT
content-type: application/javascript
last-modified: Tue, 08 Oct 2024 14:54:52 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 index_1.js Show response
casualsparkle.info/landers/509c3e5906/js/ 13 KB
5 KB 242ms
241ms Script
application/javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://casualsparkle.info/landers/509c3e5906/js/index_1.js

Requested by

Host: casualsparkle.info
URL: https://casualsparkle.info/

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1060091178cbd6c843b802f516f230f1a3a1e85f1afbd6ef84d80e5430ba457e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://casualsparkle.info/

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
cf-cache-status: MISS
etag: W/"670547bc-328f"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VChGFoxVwxB3SoXbD79duiXWW3vK%2FHzfTDb0VUes7IW7hkynV9JufYPlzzfhwpyoH%2BLKMyT53kNk9Kz%2FFgCgdfhaC6yoVgBLmj9djp51u%2B7qABPvZs%2FV%2B0l9%2BbrNA1fBhf7Ts3Y%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8e847dab6d16665c-AMS
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=20032&sent=249&recv=64&lost=0&retrans=0&sent_bytes=260052&recv_bytes=15259&delivery_rate=5950764&cwnd=122400&unsent_bytes=0&cid=59cff632c6b8334e&ts=419&x=1", cfHdrFlush;dur=0
date: Mon, 25 Nov 2024 20:46:55 GMT
content-type: application/javascript
last-modified: Tue, 08 Oct 2024 14:54:52 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 smush-lazy-load.min.js Show response
casualsparkle.info/landers/509c3e5906/js/ 8 KB
4 KB 245ms
243ms Script
application/javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://casualsparkle.info/landers/509c3e5906/js/smush-lazy-load.min.js

Requested by

Host: casualsparkle.info
URL: https://casualsparkle.info/

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f65784e5e7332dc1e4bbeacbec70fdeef4a1bea84f16ce2ee144999719d195ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://casualsparkle.info/

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
cf-cache-status: MISS
etag: W/"670547bc-1ef2"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=I2yNjrcTlooz300krpPRvmokF71T4mYMsHN%2BDLhlBZWu%2F1PzMPkMLdM4TDsaPiZn3w2KVxy78TN4UijBbn43yE61VgEmisDx9cGFs4Kfmgu2%2FL1L6ZLpNxd5yuDmVs%2FxK2mra%2FY%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8e847dab6d19665c-AMS
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=22253&sent=273&recv=66&lost=0&retrans=0&sent_bytes=283510&recv_bytes=15350&delivery_rate=3022745&cwnd=122400&unsent_bytes=0&cid=59cff632c6b8334e&ts=440&x=1", cfHdrFlush;dur=0
date: Mon, 25 Nov 2024 20:46:55 GMT
content-type: application/javascript
last-modified: Tue, 08 Oct 2024 14:54:52 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 imagesloaded.min.js Show response
casualsparkle.info/landers/509c3e5906/js/ 5 KB
3 KB 242ms
240ms Script
application/javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://casualsparkle.info/landers/509c3e5906/js/imagesloaded.min.js

Requested by

Host: casualsparkle.info
URL: https://casualsparkle.info/

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ff4bd34aa98a0214833619d3d751838db015722dfbbec15cd14dadc66cd67869

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://casualsparkle.info/

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
cf-cache-status: MISS
etag: W/"670547bc-15fd"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nkO29ur097fdqgTpTM7%2B6MlmxI6GDzPBxg6ebxq2%2FCQVw3K3qDmy91G4765aCEksymKAonhPGkgQEprhiEJOC3j0NUtu1hPKbWwIvJ0lUd0AYO%2FYprSEvcT2akwPB6%2BW7AedA9Y%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8e847dab6d1a665c-AMS
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=20032&sent=246&recv=64&lost=0&retrans=0&sent_bytes=257404&recv_bytes=15259&delivery_rate=5950764&cwnd=122400&unsent_bytes=0&cid=59cff632c6b8334e&ts=416&x=1", cfHdrFlush;dur=0
date: Mon, 25 Nov 2024 20:46:55 GMT
content-type: application/javascript
last-modified: Tue, 08 Oct 2024 14:54:52 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 masonry.min.js Show response
casualsparkle.info/landers/509c3e5906/js/ 24 KB
8 KB 256ms
255ms Script
application/javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://casualsparkle.info/landers/509c3e5906/js/masonry.min.js

Requested by

Host: casualsparkle.info
URL: https://casualsparkle.info/

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e00add38134eac2fb8e8e9c09cbfff7bbe57952b210322eb2eecb0a21fc055eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://casualsparkle.info/

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
cf-cache-status: MISS
etag: W/"670547bc-5e4a"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6HB9isoS4e%2F4vQN6MvaV6Osz1Z06zcnry2rmkokRrRospWj5pzg4WgAn14%2FerGDJeKH5ehycY15DgIWgpH2g13NMKdDjJK3wK5O8jAs1cS8zfFcrWz9CndHUxJjzx%2Bcf8o%2B6baE%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8e847dab6d1b665c-AMS
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=22253&sent=278&recv=66&lost=0&retrans=0&sent_bytes=288126&recv_bytes=15350&delivery_rate=3022745&cwnd=122400&unsent_bytes=0&cid=59cff632c6b8334e&ts=440&x=1", cfHdrFlush;dur=0
date: Mon, 25 Nov 2024 20:46:55 GMT
content-type: application/javascript
last-modified: Tue, 08 Oct 2024 14:54:52 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 jquery.masonry.min.js Show response
casualsparkle.info/landers/509c3e5906/js/ 2 KB
1 KB 242ms
241ms Script
application/javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://casualsparkle.info/landers/509c3e5906/js/jquery.masonry.min.js

Requested by

Host: casualsparkle.info
URL: https://casualsparkle.info/

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c2e606e1fc82ea3a554aad5d0520e25d2677b89a891dc5c49e7ace08fce92e25

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://casualsparkle.info/

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
cf-cache-status: MISS
etag: W/"670547bc-71b"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eAXaQeg7ZCiGb2AdZuKnnczB651yWhVLWVydtOrXhI6SdQB7L%2FJry5a1whf%2FU8KIgf0WGCB5vYwsOW3c4Ph6b3aKF2SsavKPJb6nDOHXpNp8Gon4tCV4KoEUhg6mPcBdqzKI35A%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8e847dab6d1c665c-AMS
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=20032&sent=254&recv=64&lost=0&retrans=0&sent_bytes=265185&recv_bytes=15259&delivery_rate=5950764&cwnd=122400&unsent_bytes=0&cid=59cff632c6b8334e&ts=425&x=1", cfHdrFlush;dur=0
date: Mon, 25 Nov 2024 20:46:55 GMT
content-type: application/javascript
last-modified: Tue, 08 Oct 2024 14:54:52 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 slick.min.js Show response
casualsparkle.info/landers/509c3e5906/js/ 39 KB
11 KB 242ms
241ms Script
application/javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://casualsparkle.info/landers/509c3e5906/js/slick.min.js

Requested by

Host: casualsparkle.info
URL: https://casualsparkle.info/

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e1346ba855702d564b8dbae71c7d8e9c465d6657bbbff6f3eaa00cedf4f4aa53

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://casualsparkle.info/

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
cf-cache-status: MISS
etag: W/"670547bc-9ccf"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FArTiLLmz4uZR4IYiUsWhv%2FcW9fSxRxic0OL%2FAws5HTC5xHrRiegTfOZmV%2FWdOCQrQoFzK%2F%2FDT4Zk3R2p7d17G9clwSjB6XFFPqzYuPUBG7EnnR0myL8UF7zvOF%2B%2F%2B9LmGgwSgY%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8e847dab6d1e665c-AMS
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=20032&sent=256&recv=64&lost=0&retrans=0&sent_bytes=266608&recv_bytes=15259&delivery_rate=5950764&cwnd=122400&unsent_bytes=0&cid=59cff632c6b8334e&ts=430&x=1", cfHdrFlush;dur=0
date: Mon, 25 Nov 2024 20:46:55 GMT
content-type: application/javascript
last-modified: Tue, 08 Oct 2024 14:54:52 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 jquery.fitvids.js Show response
casualsparkle.info/landers/509c3e5906/js/ 3 KB
2 KB 243ms
242ms Script
application/javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://casualsparkle.info/landers/509c3e5906/js/jquery.fitvids.js

Requested by

Host: casualsparkle.info
URL: https://casualsparkle.info/

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4fd67150f8d5ae944102afd68f1a206cb1eedaeacc12e48e512860649f65edb1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://casualsparkle.info/

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
cf-cache-status: MISS
etag: W/"670547bc-cc2"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6NeApMuqk8xmQkAKhnVGW4B99gBc0EfaoFdwDMi2zWcEEtSFFNtGMjc8u2mY2e34fCu17Om%2BSggl3pWXT%2F%2FGb9h4mNTjli8MMriL4F4TSXO10wgLsr6pZsYK%2BfGHeNhhw3eADYA%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8e847dab6d1f665c-AMS
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=22253&sent=271&recv=66&lost=0&retrans=0&sent_bytes=281464&recv_bytes=15350&delivery_rate=3022745&cwnd=122400&unsent_bytes=0&cid=59cff632c6b8334e&ts=436&x=1", cfHdrFlush;dur=0
date: Mon, 25 Nov 2024 20:46:55 GMT
content-type: application/javascript
last-modified: Tue, 08 Oct 2024 14:54:52 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 instafeed.min.js Show response
casualsparkle.info/landers/509c3e5906/js/ 7 KB
3 KB 243ms
241ms Script
application/javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://casualsparkle.info/landers/509c3e5906/js/instafeed.min.js

Requested by

Host: casualsparkle.info
URL: https://casualsparkle.info/

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5d3ef43a686cd253ea212540b42716762d2939993fcd57944d4eada4a5194a35

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://casualsparkle.info/

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
cf-cache-status: MISS
etag: W/"670547bc-1ae6"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YdnIdCMwMmh7RrIvQN6zqaacEIQubSZgAPlYjA%2BPyb8GNFQmkwzpoowFgCos6jXFxsM2e5TDQLEkY2tvMe6KqOA%2FclX1XJOxU6yzSXQo5YoFX2JyqQQbi0WXmxRVVYvHf9tJ%2BSQ%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8e847dab6d20665c-AMS
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=21820&sent=267&recv=65&lost=0&retrans=0&sent_bytes=278197&recv_bytes=15304&delivery_rate=2552785&cwnd=122400&unsent_bytes=0&cid=59cff632c6b8334e&ts=431&x=1", cfHdrFlush;dur=0
date: Mon, 25 Nov 2024 20:46:55 GMT
content-type: application/javascript
last-modified: Tue, 08 Oct 2024 14:54:52 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 samui.js Show response
casualsparkle.info/landers/509c3e5906/js/ 18 KB
5 KB 259ms
258ms Script
application/javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://casualsparkle.info/landers/509c3e5906/js/samui.js

Requested by

Host: casualsparkle.info
URL: https://casualsparkle.info/

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

318f2f239c80ac020a8ad1d5169d5873a8b0f1ae9e630983d5e16580bf8700c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://casualsparkle.info/

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
cf-cache-status: MISS
etag: W/"670547bc-4754"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1HLYzQz6ALewFMl1oeD7zvSq9PSaAhEEjDI4TfTNgIP1EFa7g7UvpMjbncuYCSbcyF1y92VwX2P%2FNCsPMbqdZGcOg95rPE4qys9h9TPo5kgoTkK90HQC6F31Vvetf6KHq%2FYBgok%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8e847dab6d22665c-AMS
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=22253&sent=286&recv=66&lost=0&retrans=0&sent_bytes=296910&recv_bytes=15350&delivery_rate=3022745&cwnd=122400&unsent_bytes=0&cid=59cff632c6b8334e&ts=457&x=1", cfHdrFlush;dur=0
date: Mon, 25 Nov 2024 20:46:55 GMT
content-type: application/javascript
last-modified: Tue, 08 Oct 2024 14:54:52 GMT
vary: Accept-Encoding
server: cloudflare

GET 2bb728c7-d440-4f7b-8546-bfb3694095ee
https://casualsparkle.info/ Frame 0
0

GET
H2 200 agent Show response
widgetbe.com/ 78 KB
78 KB 316ms
211ms Script
application/javascript 2600:9000:223c:cc00:1a:4e43:6c40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://widgetbe.com/agent
Requested by: Host: casualsparkle.info
URL: https://casualsparkle.info/landers/509c3e5906/js/gtm.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:cc00:1a:4e43:6c40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache/2.4.62 () OpenSSL/1.0.2k-fips PHP/8.1.29 / PHP/8.1.29
Resource Hash: 486e20e257e5489757d50fd9233cdf7554b1dc619349544d90738162fbfda136

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://casualsparkle.info/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
expires: Tue, 25 Nov 2025 20:46:55 GMT
alt-svc: h3=":443"; ma=86400
x-cache: Miss from cloudfront
x-amz-cf-id: IT2qmgf09Nzl1WYdRTufuWV7qsjTcW9FyFbI7rOBcHEHrQiAQ4PAgg==
date: Mon, 25 Nov 2024 20:46:55 GMT
content-type: application/javascript
access-control-allow-headers: Content-Type, Authorization, X-Requested-With
cache-control: no-cache, private, max-age=31536000
access-control-allow-credentials: true
via: 1.1 3aad72975c9da06e6d0903ad874f0b54.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-amz-cf-pop: FRA56-P2
x-powered-by: PHP/8.1.29
server: Apache/2.4.62 () OpenSSL/1.0.2k-fips PHP/8.1.29

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 416 KB
134 KB 294ms
117ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-56C0MKE0D4&l=dataLayer&cx=c

Requested by

Host: casualsparkle.info
URL: https://casualsparkle.info/landers/509c3e5906/js/gtm.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2c7f66ef1df1671cc8835390dc4e308c0fdc203c6dc92b9934ace96d10914e0e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://casualsparkle.info/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Mon, 25 Nov 2024 20:46:55 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 25 Nov 2024 20:46:55 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 135989
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 287ms
111ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: casualsparkle.info
URL: https://casualsparkle.info/landers/509c3e5906/js/gtm.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://casualsparkle.info/

Response headers

content-encoding: gzip
age: 330
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],}
x-content-type-options: nosniff
expires: Mon, 25 Nov 2024 22:41:25 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 25 Nov 2024 20:41:25 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
content-type: text/javascript
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 20994
server: Golfe2

GET
H2 200 12048.js Show response
www.dwin1.com/ 54 KB
16 KB 295ms
119ms Script
application/javascript 2600:9000:21f3:7e00:f:8ce2:fb80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.dwin1.com/12048.js
Requested by: Host: casualsparkle.info
URL: https://casualsparkle.info/landers/509c3e5906/js/gtm.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:7e00:f:8ce2:fb80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f026859431b774398799772327b1a0ceaeb338544a176b5722eb3da7b463d21c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://casualsparkle.info/

Response headers

content-encoding: gzip
x-amz-version-id: 90IKqoV3ul1HP7DLKjyBexZniWvtjP.w
etag: W/"8f854e5dd36033a5365313284dc90638"
age: 353
access-control-allow-methods: GET, HEAD
x-cache: Hit from cloudfront
x-amz-cf-id: QH0z2NUV3qACO8xHtp_PRDr5o6lq4BEK0qIntueytuiuc7M8CpvkWg==
date: Mon, 25 Nov 2024 20:46:55 GMT
content-type: application/javascript; charset=utf-8
vary: accept-encoding
last-modified: Mon, 25 Nov 2024 15:49:46 GMT
x-amz-replication-status: COMPLETED
cache-control: max-age=600, s-maxage=600
via: 1.1 edfd22ec6695cdc9d7ac634220af1314.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-amz-cf-pop: FRA2-C2
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 bat.js Show response
bat.bing.com/ 50 KB
15 KB 146ms
37ms Script
application/javascript 2620:1ec:33:1::10
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: casualsparkle.info
URL: https://casualsparkle.info/landers/509c3e5906/js/gtm.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:33:1::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

aabc88a6db8b22022f96ca88e4f0a7be426abef2b35169a71515a2d55246402a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://casualsparkle.info/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
content-encoding: gzip
etag: "028e0691d20db1:0"
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 453805F94A5F44999F0DD2B15D8D313B Ref B: AMS231020615051 Ref C: 2024-11-25T20:46:55Z
accept-ranges: bytes
x-cache: CONFIG_NOCACHE
content-length: 14570
date: Mon, 25 Nov 2024 20:46:54 GMT
content-type: application/javascript
last-modified: Wed, 16 Oct 2024 22:47:44 GMT
vary: Accept-Encoding

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 358 KB
117 KB 383ms
218ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-N5L54F

Requested by

Host: casualsparkle.info
URL: https://casualsparkle.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

28b03242c9d0a18990b3548392de3e451a345388f36aa366c373a8bc40c8a518

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://casualsparkle.info/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires: Mon, 25 Nov 2024 20:46:55 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 25 Nov 2024 20:46:55 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Mon, 25 Nov 2024 20:26:24 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 119541
x-xss-protection: 0
server: Google Tag Manager

GET
DATA 200
OK truncated
/ 37 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/gif

GET
H3 200 Road-trip-featured.jpg
casualsparkle.info/landers/509c3e5906/images/ 139 KB
140 KB 108ms
107ms Image
image/jpeg 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://casualsparkle.info/landers/509c3e5906/images/Road-trip-featured.jpg

Requested by

Host: casualsparkle.info
URL: https://casualsparkle.info/

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b143f6f70b25d00956f5bef9423f47662d8d6d4b1b877ad6bcbaff749dea7a18

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://casualsparkle.info/

Response headers

cf-cache-status: MISS
etag: "670547bc-22dd8"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dTV0ofG9hBsS9jMAKlQzFIYYwx5v53U8m25IjXHsEng4UWxFcMMefwylz2U5osMbINTnGRwolpxmvNlIRdxzapxqjamv4kEyvLfFzdF%2BOFC%2FUBUKNp3bA7BvSYmNBqs005rT0f8%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=36008&sent=300&recv=75&lost=0&retrans=0&sent_bytes=308647&recv_bytes=16478&delivery_rate=57247&cwnd=122400&unsent_bytes=0&cid=59cff632c6b8334e&ts=731&x=1", cfHdrFlush;dur=0
date: Mon, 25 Nov 2024 20:46:55 GMT
content-type: image/jpeg
last-modified: Tue, 08 Oct 2024 14:54:52 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e847dad3f16665c-AMS
accept-ranges: bytes
content-length: 142808
server: cloudflare

GET
H3 200 fontawesome-webfont.woff2
casualsparkle.info/landers/509c3e5906/fonts/ 75 KB
76 KB 98ms
98ms Font
font/woff2 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://casualsparkle.info/landers/509c3e5906/fonts/fontawesome-webfont.woff2

Requested by

Host: casualsparkle.info
URL: https://casualsparkle.info/landers/509c3e5906/css/font-awesome.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://casualsparkle.info
Referer: https://casualsparkle.info/landers/509c3e5906/css/font-awesome.min.css

Response headers

cf-cache-status: MISS
etag: "670547bc-12d68"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hHwrdluXgL6EgxTnLLDwpN4O2VfTjCKrJLtxHROBJVtm9pw%2BPwwbRqVQh9O9sKe0Y9DA8D2w3IsYMYes2Kjgew229MdNQIyGOhtCV9SVMPRXfvEZxfq6xNyb%2BsIsxQDUyb5t198%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=23582&sent=441&recv=88&lost=16&retrans=15&sent_bytes=473486&recv_bytes=17897&delivery_rate=811044&cwnd=110040&unsent_bytes=0&cid=59cff632c6b8334e&ts=808&x=1", cfHdrFlush;dur=0
date: Mon, 25 Nov 2024 20:46:55 GMT
content-type: font/woff2
last-modified: Tue, 08 Oct 2024 14:54:52 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e847dadbfa3665c-AMS
accept-ranges: bytes
content-length: 77160
server: cloudflare

GET
H3 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/ 23 KB
23 KB 186ms
117ms Font
font/woff2 172.217.18.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato%3A400%2C700%2C900%7COpen+Sans%3A400%2C700&subset=latin%2Clatin-ext

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.3 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f3.1e100.net

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://casualsparkle.info
Referer: https://fonts.googleapis.com/

Response headers

age: 451361
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Thu, 20 Nov 2025 15:24:14 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 20 Nov 2024 15:24:14 GMT
last-modified: Tue, 02 May 2023 15:17:22 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 23580
x-xss-protection: 0
server: sffe

GET
H3 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/ 23 KB
23 KB 186ms
118ms Font
font/woff2 172.217.18.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato%3A400%2C700%2C900%7COpen+Sans%3A400%2C700&subset=latin%2Clatin-ext

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.3 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f3.1e100.net

Software

sffe /

Resource Hash

c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://casualsparkle.info
Referer: https://fonts.googleapis.com/

Response headers

age: 454043
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Thu, 20 Nov 2025 14:39:32 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 20 Nov 2024 14:39:32 GMT
last-modified: Tue, 02 May 2023 15:07:25 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 23040
x-xss-protection: 0
server: sffe

GET
H3 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 47 KB
47 KB 192ms
124ms Font
font/woff2 172.217.18.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato%3A400%2C700%2C900%7COpen+Sans%3A400%2C700&subset=latin%2Clatin-ext

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.3 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f3.1e100.net

Software

sffe /

Resource Hash

3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://casualsparkle.info
Referer: https://fonts.googleapis.com/

Response headers

age: 516525
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 19 Nov 2025 21:18:10 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 19 Nov 2024 21:18:10 GMT
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 48236
x-xss-protection: 0
server: sffe

GET
H2 200 Logo.jpg
www.thetopvillas.com/blog/wp-content/uploads/2023/10/ 4 KB
4 KB 243ms
153ms Image
image/jpeg 2606:4700:10::ac43:f79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.thetopvillas.com/blog/wp-content/uploads/2023/10/Logo.jpg
Requested by: Host: casualsparkle.info
URL: https://casualsparkle.info/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:f79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 16c81dc073e8941d4f8b09a65e1a008bdfc7eedd9c943404aec16eda8cd120c5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://casualsparkle.info/

Response headers

x-vcache: UnCached
cache-control: max-age=172800
cf-bgj: imgq:85,h2pri
etag: "14ed-60902af021dc0"
age: 5260
cf-cache-status: HIT
cf-ray: 8e847dae48140bbc-AMS
accept-ranges: bytes
cf-polished: origSize=5357, status=webp_bigger
content-length: 4327
date: Mon, 25 Nov 2024 20:46:55 GMT
content-type: image/jpeg
last-modified: Tue, 31 Oct 2023 12:56:31 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 Road-trip-featured.jpg
www.thetopvillas.com/blog/wp-content/uploads/2021/05/ 124 KB
124 KB 244ms
155ms Image
image/webp 2606:4700:10::ac43:f79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.thetopvillas.com/blog/wp-content/uploads/2021/05/Road-trip-featured.jpg
Requested by: Host: casualsparkle.info
URL: https://casualsparkle.info/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:f79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f66ebe8380e2ab37653e8db9d7d6113d4fd6afe5092106bbe29d358db6c57b8b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://casualsparkle.info/

Response headers

x-vcache: UnCached
server: cloudflare
cache-control: max-age=172800
cf-bgj: imgq:85,h2pri
etag: "22de0-5d939cbcb12c0"
cf-cache-status: HIT
cf-ray: 8e847dae480c0bbc-AMS
accept-ranges: bytes
cf-polished: qual=85, origFmt=jpeg, origSize=142816
content-length: 127120
date: Mon, 25 Nov 2024 20:46:55 GMT
content-type: image/webp
content-disposition: inline; filename="Road-trip-featured.webp"
vary: Accept
last-modified: Wed, 02 Mar 2022 10:32:19 GMT

GET
H2 200 Generic-Feature-Sidebar-2.png
www.thetopvillas.com/blog/wp-content/uploads/2022/05/ 399 KB
400 KB 188ms
99ms Image
image/webp 2606:4700:10::ac43:f79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.thetopvillas.com/blog/wp-content/uploads/2022/05/Generic-Feature-Sidebar-2.png
Requested by: Host: casualsparkle.info
URL: https://casualsparkle.info/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:f79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f17d7a556b731907aa2ac3e1c01e3b43b22033e2d62bfe18f3e5f6c7995844c0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://casualsparkle.info/

Response headers

cf-bgj: imgq:85,h2pri
etag: "94436-5de9175785d80"
age: 5260
cf-cache-status: HIT
cf-polished: origFmt=png, origSize=607286
date: Mon, 25 Nov 2024 20:46:55 GMT
content-type: image/webp
content-disposition: inline; filename="Generic-Feature-Sidebar-2.webp"
vary: Accept
last-modified: Mon, 09 May 2022 10:13:26 GMT
x-vcache: UnCached
cache-control: max-age=172800
cf-ray: 8e847dae48190bbc-AMS
accept-ranges: bytes
content-length: 408984
server: cloudflare

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 239 KB
61 KB 439ms
29ms Script
application/x-javascript 157.240.253.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: casualsparkle.info
URL: https://casualsparkle.info/

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.253.1 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-fra5.fbcdn.net

Software

Resource Hash

527bf3dacc5eb62211130fe4bf315c682861320ab25b4aa2efe6ea87a760db8c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src 'nonce-GPEYuIro' .fbcdn.net .facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://casualsparkle.info/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Mon, 25 Nov 2024 20:46:56 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-GPEYuIro' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: GOOD; q=0.7, rtt=98, rtx=0, c=23, mss=1232, tbw=4532, tp=11, tpl=0, uplat=0, ullat=-1
pragma: public
x-fb-debug: C1rTjq+L+Mv1hDD+2qdwuRT3Ga3ox5Jwjp6VQOvUfoP8ztkq6BmYozPfJu6kqnOBQbgajDgE7S5A+oisFqiPeA==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
content-length: 62107
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H2 200 wp-emoji-release.min.js Show response
www.thetopvillas.com/blog/wp-includes/js/ 18 KB
5 KB 72ms
70ms Script
application/javascript 2606:4700:10::ac43:f79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thetopvillas.com/blog/wp-includes/js/wp-emoji-release.min.js?ver=6.3.1
Requested by: Host: casualsparkle.info
URL: https://casualsparkle.info/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:f79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://casualsparkle.info/

Response headers

x-vcache: UnCached
cache-control: max-age=172800
content-encoding: gzip
cf-cache-status: HIT
etag: "4904-6076d0a2fd300-gzip"
age: 5260
cf-ray: 8e847daf49ec0bbc-AMS
accept-ranges: bytes
content-length: 5039
date: Mon, 25 Nov 2024 20:46:55 GMT
content-type: application/javascript
last-modified: Wed, 11 Oct 2023 08:59:24 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 25015739.js Show response
bat.bing.com/p/action/ 363 B
414 B 46ms
37ms Script
application/javascript 2620:1ec:33:1::10
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/25015739.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:33:1::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

a1fec7acc9e28feaa2280cd08d30cab4cac8e9557fb8fb35ab6ffcd1e28fade8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://casualsparkle.info/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
content-encoding: br
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 6B8B8F41EE4747B4850E43F07FFC4C3A Ref B: AMS231020615051 Ref C: 2024-11-25T20:46:55Z
x-cache: CONFIG_NOCACHE
date: Mon, 25 Nov 2024 20:46:55 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding

GET
H2 200 lantern_global_12048.min.js Show response
lantern.roeyecdn.com/ 2 KB
2 KB 129ms
29ms Script
application/octet-stream 2600:9000:2250:800:1f:af3f:8a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://lantern.roeyecdn.com/lantern_global_12048.min.js
Requested by: Host: www.dwin1.com
URL: https://www.dwin1.com/12048.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:800:1f:af3f:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cc9ced4e93a6345341cbe63c09fb0cf87224f29b1cee05f05269b61132b04170

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://casualsparkle.info/

Response headers

x-amz-version-id: eYQCs1A_IMCk7ZUOuLm4Air4tL5GDykw
etag: "7722146f25ce220db72924dfb1aec5c5"
age: 69165
via: 1.1 1b3f5dc0b3c577dc5e7394bf12aed238.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
content-length: 1822
x-amz-cf-id: O_xsqKaExsOjwnYr-JQG6WS4iqOOliIyPsEYFMFP9BRXhKRM9f6mQA==
date: Mon, 25 Nov 2024 01:34:12 GMT
content-type: application/octet-stream
last-modified: Tue, 10 Oct 2023 12:16:01 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
423 B 65ms
44ms XHR
text/plain 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=791148664&t=pageview&_s=1&dl=https%3A%2F%2Fcasualsparkle.info%2F&ul=nl-nl&de=UTF-8&dt=How%20to%20plan%20a%20road%20trip%20in%20America%20%7C%20Top%20Villas&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAACAAI~&jid=558127871&gjid=1212436364&cid=1826450414.1732567616&tid=UA-24764150-1&_gid=2142757404.1732567616&_r=1&_slc=1&gtm=45He4a20n71N5L54Fv72771189za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101533421~101671035~101747727&z=2059283212

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://casualsparkle.info/

Response headers

report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:175:0"}],}
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 25 Nov 2024 20:46:56 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
content-type: text/plain
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:175:0
access-control-allow-origin: https://casualsparkle.info
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 3
server: Golfe2

POST
H3 200 config Show response
widgetbe.com/ 239 B
611 B 459ms
412ms XHR
application/json 18.66.102.42
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://widgetbe.com/config
Requested by: Host: widgetbe.com
URL: https://widgetbe.com/agent
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.66.102.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-102-42.fra56.r.cloudfront.net
Software: Apache/2.4.62 () OpenSSL/1.0.2k-fips PHP/8.1.29 / PHP/8.1.29
Resource Hash: 71ed08d833d8f0d4bb7fcd1508756ca433d7a2f29dd154f70777c0050eb7cb8b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://casualsparkle.info/

Response headers

access-control-max-age: 86400
cache-control: no-cache, private
access-control-allow-credentials: true
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
via: 1.1 e44e0b24e706487eaec6b9e01f2166dc.cloudfront.net (CloudFront)
alt-svc: h3=":443"; ma=86400
access-control-allow-origin: *
x-cache: Miss from cloudfront
x-amz-cf-id: EhbQYNiYMDyHcS7PYKDSU7nE9C-9_er7Ddg3MTFzX60Cgu-VzoG5bA==
date: Mon, 25 Nov 2024 20:46:56 GMT
content-type: application/json
x-powered-by: PHP/8.1.29
server: Apache/2.4.62 () OpenSSL/1.0.2k-fips PHP/8.1.29
x-amz-cf-pop: FRA56-P2
access-control-allow-headers: Content-Type, Authorization, X-Requested-With

GET
H2 200 Tetons-road-trip.jpg
www.thetopvillas.com/blog/wp-content/uploads/2022/03/ 122 KB
122 KB 86ms
85ms Image
image/jpeg 2606:4700:10::ac43:f79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.thetopvillas.com/blog/wp-content/uploads/2022/03/Tetons-road-trip.jpg
Requested by: Host: casualsparkle.info
URL: https://casualsparkle.info/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:f79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 50a6c110b081332e38c876c8c6a6f15ee61c55f9833fc7242f86609dd1bb1d9e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://casualsparkle.info/

Response headers

x-vcache: UnCached
cache-control: max-age=172800
cf-bgj: imgq:85,h2pri
etag: "23fdc-5d939c4d1cb80"
cf-cache-status: REVALIDATED
cf-ray: 8e847db1cdcb0bbc-AMS
accept-ranges: bytes
cf-polished: degrade=85, origSize=147420, status=webp_bigger
content-length: 124939
date: Mon, 25 Nov 2024 20:46:56 GMT
content-type: image/jpeg
last-modified: Wed, 02 Mar 2022 10:30:22 GMT
vary: Accept-Encoding
server: cloudflare

POST
H2 204 collect
region1.analytics.google.com/g/ 0
0 188ms
39ms Fetch
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-56C0MKE0D4&gtm=45je4bk0v873293939z872771189za200zb72771189&_p=1732567615492&_gaz=1&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102077855~102081485&cid=1826450414.1732567616&ecid=1759845621&ul=nl-nl&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&ec_mode=a&_s=1&sid=1732567616&sct=1&seg=0&dl=https%3A%2F%2Fcasualsparkle.info%2F&dt=How%20to%20plan%20a%20road%20trip%20in%20America%20%7C%20Top%20Villas&en=page_view&_fv=1&_ss=1&tfd=1741
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-56C0MKE0D4&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://casualsparkle.info/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://casualsparkle.info
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 25 Nov 2024 20:46:56 GMT
content-type: text/plain
server: Golfe2

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
547 B 190ms
32ms Ping
text/plain 2a00:1450:400c:c00::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-56C0MKE0D4&cid=1826450414.1732567616&gtm=45je4bk0v873293939z872771189za200zb72771189&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1l1&npa=1&frm=0&tag_exp=101925629~102067555~102067808~102077855~102081485
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-56C0MKE0D4&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://casualsparkle.info/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://casualsparkle.info
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 25 Nov 2024 20:46:56 GMT
content-type: text/plain
server: Golfe2

GET
H2 200 ga-audiences
www.google.nl/ads/ 42 B
408 B 319ms
117ms Image
image/gif 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.nl/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-56C0MKE0D4&cid=1826450414.1732567616&gtm=45je4bk0v873293939z872771189za200zb72771189&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1l1&npa=1&frm=0&tag_exp=101925629~102067555~102067808~102077855~102081485&tag_exp=101925629~102067555~102067808~102077855~102081485&z=1418219191

Requested by

Host: casualsparkle.info
URL: https://casualsparkle.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://casualsparkle.info/

Response headers

cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Mon, 25 Nov 2024 20:46:56 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

POST
H2 204 0
bat.bing.net/actionp/ 0
119 B 267ms
72ms Ping
text/plain 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.net/actionp/0?ti=25015739&tm=gtm002&Ver=2&mid=465ad83f-f680-4069-9b27-7265474e60d5&bo=1&evt=consent&src=enforced&cdb=AQAI&asc=D
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://casualsparkle.info/

Response headers

cache-control: no-cache, must-revalidate
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 88628347727444CD928A7664D0844A56 Ref B: DUS30EDGE0318 Ref C: 2024-11-25T20:46:56Z
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
date: Mon, 25 Nov 2024 20:46:56 GMT

GET
H2 204 0
bat.bing.net/action/ 0
345 B 266ms
72ms Image
text/plain 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.net/action/0?ti=25015739&tm=gtm002&Ver=2&mid=465ad83f-f680-4069-9b27-7265474e60d5&bo=2&pi=918639831&lg=nl-NL&sw=1600&sh=1200&sc=24&tl=How%20to%20plan%20a%20road%20trip%20in%20America%20%7C%20Top%20Villas&p=https%3A%2F%2Fcasualsparkle.info%2F&r=&lt=969&evt=pageLoad&sv=1&asc=D&cdb=AQAY&rn=91275
Requested by: Host: casualsparkle.info
URL: https://casualsparkle.info/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://casualsparkle.info/

Response headers

cache-control: no-cache, must-revalidate
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 70622F48EF5249488C683BC637D30512 Ref B: DUS30EDGE0318 Ref C: 2024-11-25T20:46:56Z
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
date: Mon, 25 Nov 2024 20:46:56 GMT

GET
H3 200 1049138845110757 Show response
connect.facebook.net/signals/config/ 77 KB
15 KB 160ms
157ms Script
application/x-javascript 157.240.253.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1049138845110757?v=2.9.176&r=stable&domain=casualsparkle.info&hme=872f04a0547459b3285cb03b0d7a47bfde40628f4b386809918a621e2688602f&ex_m=70%2C121%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C172%2C175%2C187%2C183%2C184%2C186%2C29%2C101%2C53%2C77%2C185%2C167%2C170%2C180%2C181%2C188%2C131%2C41%2C189%2C190%2C34%2C143%2C15%2C50%2C195%2C194%2C133%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C168%2C171%2C140%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.253.1 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-fra5.fbcdn.net

Software

Resource Hash

0e189b82e0e70885a65f484eb37862c17a7e460b402811f07a2386fca5afb4c6

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src 'nonce-CVP2F5nu' .fbcdn.net .facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://casualsparkle.info/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Mon, 25 Nov 2024 20:46:56 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-CVP2F5nu' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=26, rtx=0, c=69, mss=1232, tbw=70388, tp=67, tpl=0, uplat=96, ullat=0
pragma: public
x-fb-debug: /8BAoExIz9yIt0UIgMhaiqVNtguP24BnnBLHt2gvESz8c7VI2HFomKU8Rs1Qjt3q6Biiq1hnkUatInq62lQ74w==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
cross-origin-opener-policy-report-only: restrict-properties;report-to="coop_report"
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H2 200 track.php
lantern.roeye.com/ 0
128 B 172ms
49ms Image
image/gif 54.195.0.234
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lantern.roeye.com/track.php?fingerprint=&referrer=&landingpage=https%3A%2F%2Fcasualsparkle.info%2F&useragent=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F131.0.0.0%20Safari%2F537.36&site=12048
Requested by: Host: casualsparkle.info
URL: https://casualsparkle.info/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.195.0.234 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-195-0-234.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://casualsparkle.info/

Response headers

content-length: 0
date: Mon, 25 Nov 2024 20:46:56 GMT
content-type: image/gif
server: nginx

GET
H2 200 widget Show response
widgetbe.com/ Frame 0602 173 KB
174 KB 456ms
450ms Script
application/javascript 2600:9000:223c:cc00:1a:4e43:6c40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://widgetbe.com/widget
Requested by: Host: casualsparkle.info
URL: https://casualsparkle.info/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:cc00:1a:4e43:6c40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache/2.4.62 () OpenSSL/1.0.2k-fips PHP/8.1.29 / PHP/8.1.29
Resource Hash: 27f1c653fa57efb0f78386773681eae6bc3fedc7daadc1f0d52ba00af9c67705

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://casualsparkle.info/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
expires: Tue, 25 Nov 2025 20:46:57 GMT
alt-svc: h3=":443"; ma=86400
x-cache: Miss from cloudfront
x-amz-cf-id: 5NHa9MhrXjhsatKhoHP8OmIJ9A-XP88Mg86kxVh6GlNIVSx9OVTGFg==
date: Mon, 25 Nov 2024 20:46:57 GMT
content-type: application/javascript
access-control-allow-headers: Content-Type, Authorization, X-Requested-With
cache-control: no-cache, private, max-age=31536000
access-control-allow-credentials: true
via: 1.1 3aad72975c9da06e6d0903ad874f0b54.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-amz-cf-pop: FRA56-P2
x-powered-by: PHP/8.1.29
server: Apache/2.4.62 () OpenSSL/1.0.2k-fips PHP/8.1.29

POST
H3 200 pages Show response
widgetbe.com/ 0
390 B 354ms
350ms XHR
text/html 18.66.102.42
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://widgetbe.com/pages
Requested by: Host: widgetbe.com
URL: https://widgetbe.com/agent
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.66.102.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-102-42.fra56.r.cloudfront.net
Software: Apache/2.4.62 () OpenSSL/1.0.2k-fips PHP/8.1.29 / PHP/8.1.29
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://casualsparkle.info/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
alt-svc: h3=":443"; ma=86400
x-cache: Miss from cloudfront
x-amz-cf-id: a7mHN6bdqc6W1Xei9AV7yusCWDclHbpCKe_SAzllhbuMxYBNCFQZsQ==
date: Mon, 25 Nov 2024 20:46:57 GMT
content-type: text/html; charset=UTF-8
access-control-allow-headers: Content-Type, Authorization, X-Requested-With
cache-control: no-cache, private
access-control-allow-credentials: true
via: 1.1 e44e0b24e706487eaec6b9e01f2166dc.cloudfront.net (CloudFront)
access-control-allow-origin: *
content-length: 0
x-amz-cf-pop: FRA56-P2
x-powered-by: PHP/8.1.29
server: Apache/2.4.62 () OpenSSL/1.0.2k-fips PHP/8.1.29

GET
H3 200 /
www.facebook.com/tr/ 0
19 B 92ms
36ms Image
text/plain 157.240.253.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1049138845110757&ev=PageView&dl=https%3A%2F%2Fcasualsparkle.info%2F&rl=&if=false&ts=1732567617005&sw=1600&sh=1200&v=2.9.176&r=stable&ec=0&o=4126&fbp=fb.1.1732567617001.932765229553285776&cs_est=true&ler=empty&cdl=API_unavailable&it=1732567616729&coo=false&rqm=GET

Requested by

Host: casualsparkle.info
URL: https://casualsparkle.info/

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.253.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-fra5.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://casualsparkle.info/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=38, rtx=0, c=23, mss=1232, tbw=4518, tp=10, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Mon, 25 Nov 2024 20:46:57 GMT
content-type: text/plain
server: proxygen-bolt
priority: u=3,i

GET
H3 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
194 B 262ms
229ms Image
image/png 157.240.253.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1049138845110757&ev=PageView&dl=https%3A%2F%2Fcasualsparkle.info%2F&rl=&if=false&ts=1732567617005&sw=1600&sh=1200&v=2.9.176&r=stable&ec=0&o=4126&fbp=fb.1.1732567617001.932765229553285776&cs_est=true&ler=empty&cdl=API_unavailable&it=1732567616729&coo=false&rqm=FGET

Requested by

Host: casualsparkle.info
URL: https://casualsparkle.info/

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.253.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-fra5.facebook.com

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com .facebook.com .fbcdn.net;script-src .facebook.com .fbcdn.net 'unsafe-inline' blob: data: 'self' 'wasm-unsafe-eval';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .oculuscdn.com https://paywithmybank.com/ https://.paywithmybank.com/;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://casualsparkle.info/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7441321253239991281"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Mon, 25 Nov 2024 20:46:57 GMT
content-type: image/png
vary: Accept-Encoding
x-fb-debug: 28CnLvU6RTmr7g+FsOeuBvjaJ7SETkl2DTSV9P6Te0gWvQNLBlCXZFhUluHqJGjoqjuPnlXIlwmJdcogxr89Yg==
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7441321253239991281", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'wasm-unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=44, rtx=0, c=23, mss=1232, tbw=4886, tp=13, tpl=0, uplat=192, ullat=0
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H3 200 Favicon-14.19.57.png
casualsparkle.info/landers/509c3e5906/images/ 1 KB
2 KB 80ms
80ms Other
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://casualsparkle.info/landers/509c3e5906/images/Favicon-14.19.57.png

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

03cf4407ac820474a275ca6322089ecd7af7c8c3361ea2334c2db06167684f86

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://casualsparkle.info/

Response headers

cf-cache-status: MISS
etag: "670547bc-563"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=14b5WdNF58T3mNrUV%2BO6gWwj9sX2bYqTwEo2456YdFpkCF37XFm9lJ64tU74dyyENqSZ554LujWPAGfafkAV3rD%2F%2BhXP0yBQku1N7rpx9AJH3xwz1YBTFYbUAEBBRz%2B172fkzrY%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=26615&sent=511&recv=97&lost=16&retrans=16&sent_bytes=554334&recv_bytes=18952&delivery_rate=108329&cwnd=110040&unsent_bytes=0&cid=59cff632c6b8334e&ts=2479&x=1", cfHdrFlush;dur=0
date: Mon, 25 Nov 2024 20:46:57 GMT
content-type: image/png
last-modified: Tue, 08 Oct 2024 14:54:52 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e847db84b8c665c-AMS
accept-ranges: bytes
content-length: 1379
server: cloudflare

GET
H3 200 Favicon-14.19.57.png
casualsparkle.info/landers/509c3e5906/images/ 1 KB
0 1ms
0ms Other
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://casualsparkle.info/landers/509c3e5906/images/Favicon-14.19.57.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 03cf4407ac820474a275ca6322089ecd7af7c8c3361ea2334c2db06167684f86

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://casualsparkle.info/

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: MISS
etag: "670547bc-563"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=14b5WdNF58T3mNrUV%2BO6gWwj9sX2bYqTwEo2456YdFpkCF37XFm9lJ64tU74dyyENqSZ554LujWPAGfafkAV3rD%2F%2BhXP0yBQku1N7rpx9AJH3xwz1YBTFYbUAEBBRz%2B172fkzrY%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8e847db84b8c665c-AMS
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=26615&sent=511&recv=97&lost=16&retrans=16&sent_bytes=554334&recv_bytes=18952&delivery_rate=108329&cwnd=110040&unsent_bytes=0&cid=59cff632c6b8334e&ts=2479&x=1", cfHdrFlush;dur=0
content-length: 1379
date: Mon, 25 Nov 2024 20:46:57 GMT
content-type: image/png
last-modified: Tue, 08 Oct 2024 14:54:52 GMT
vary: Accept-Encoding
server: cloudflare

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: casualsparkle.info
URL: blob:https://casualsparkle.info/2bb728c7-d440-4f7b-8546-bfb3694095ee

Verdicts & Comments Add Verdict or Comment

56 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
casualsparkle.info/	1970-01-21 01:17:34	Name: uclick Value: 1zghfy4k
casualsparkle.info/	1970-01-21 01:17:34	Name: uclickhash Value: 1zghfy4k-1zghfy4k-17y9-0-gxa5bl-2t8w52-2t8wci-f02c80
.casualsparkle.info/	1970-01-21 03:25:43	Name: _gcl_au Value: 1.1.783472288.1732567616
.casualsparkle.info/	1970-01-21 01:17:34	Name: _gid Value: GA1.2.2142757404.1732567616
.casualsparkle.info/	1970-01-21 01:16:07	Name: _gat_UA-24764150-1 Value: 1
.casualsparkle.info/	1970-01-21 10:52:07	Name: _ga_56C0MKE0D4 Value: GS1.1.1732567616.1.0.1732567616.60.0.1759845621
.casualsparkle.info/	1970-01-21 10:52:07	Name: _ga Value: GA1.1.1826450414.1732567616
.casualsparkle.info/	1970-01-21 10:52:07	Name: WidgetTrackerCookie Value: 66b96b40-e54e-48ca-9fc4-6c977e27cb69
.casualsparkle.info/	1970-01-21 03:25:43	Name: _fbp Value: fb.1.1732567617001.932765229553285776

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://widgetbe.com/agent Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bat.bing.com
bat.bing.net
casualsparkle.info
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
lantern.roeye.com
lantern.roeyecdn.com
region1.analytics.google.com
stats.g.doubleclick.net
widgetbe.com
www.dwin1.com
www.facebook.com
www.google-analytics.com
www.google.nl
www.googletagmanager.com
www.thetopvillas.com
casualsparkle.info
157.240.253.1
157.240.253.35
172.217.18.3
18.66.102.42
188.114.96.3
2001:4860:4802:32::36
2600:9000:21f3:7e00:f:8ce2:fb80:93a1
2600:9000:223c:cc00:1a:4e43:6c40:93a1
2600:9000:2250:800:1f:af3f:8a40:93a1
2606:4700:10::ac43:f79
2620:1ec:33:1::10
2620:1ec:c11::237
2a00:1450:4001:808::200e
2a00:1450:4001:80e::2008
2a00:1450:4001:811::2003
2a00:1450:4001:830::200a
2a00:1450:400c:c00::9c
54.195.0.234
03cf4407ac820474a275ca6322089ecd7af7c8c3361ea2334c2db06167684f86
0e189b82e0e70885a65f484eb37862c17a7e460b402811f07a2386fca5afb4c6
1060091178cbd6c843b802f516f230f1a3a1e85f1afbd6ef84d80e5430ba457e
16c81dc073e8941d4f8b09a65e1a008bdfc7eedd9c943404aec16eda8cd120c5
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
25263ac4eb286992fb36f3acebf349dd20a309f7ff8e2958846848d14e1e3a1a
27f1c653fa57efb0f78386773681eae6bc3fedc7daadc1f0d52ba00af9c67705
28b03242c9d0a18990b3548392de3e451a345388f36aa366c373a8bc40c8a518
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2c7f66ef1df1671cc8835390dc4e308c0fdc203c6dc92b9934ace96d10914e0e
318f2f239c80ac020a8ad1d5169d5873a8b0f1ae9e630983d5e16580bf8700c4
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
486e20e257e5489757d50fd9233cdf7554b1dc619349544d90738162fbfda136
49b0fc449501df9ed856c763b681379cbbdf1c0cd88f1dd5d3b10505414e0feb
4a5bf20ded729d6c50629f9fc789c5bc11b0698ed8087ff9d420b22bf20a2d1a
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
4fd67150f8d5ae944102afd68f1a206cb1eedaeacc12e48e512860649f65edb1
50a6c110b081332e38c876c8c6a6f15ee61c55f9833fc7242f86609dd1bb1d9e
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
527bf3dacc5eb62211130fe4bf315c682861320ab25b4aa2efe6ea87a760db8c
57a50c99a31ef4e89e86664e96f6dfbdde163a2eb96e88b3b492c49aa4be2f37
5c93f77799d122fb5255ee24da285f9f228cc118cba11e6ceb2b6bda8cdf4164
5d3ef43a686cd253ea212540b42716762d2939993fcd57944d4eada4a5194a35
5fe46d2da01452067736578431f6c6e8116a24e616f58c72d9d81fdb2c7c9569
643a4f21cf8d71b7f380924f26a7a9b85b2d805dcb4ab9e3fd085d59cf302444
67447c3656caad630373253691f3e8f64467eafd6e7305c9b0e98111b0b41694
71ed08d833d8f0d4bb7fcd1508756ca433d7a2f29dd154f70777c0050eb7cb8b
7794957586447e251b87cc7e1281c284bd5f342908f09864f4ee9a7292966faa
893485d48fc8651981b4810fee0d92ebd7fd85baa7f362ad3934a2c652be8dc9
90bed464813fbd721e4991e83fe323e763f91294f98018462c2698d16e60ae5f
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
a1fec7acc9e28feaa2280cd08d30cab4cac8e9557fb8fb35ab6ffcd1e28fade8
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
aabc88a6db8b22022f96ca88e4f0a7be426abef2b35169a71515a2d55246402a
ab21762c3f447aa08cbefd5ea3866165f925bd5058a9ae19e23721462de6fb60
acc0312c89867c732318c089e3d53dc0c6dd930c831296f10aecb78fdf63b70d
af3ec492d9943e541bdf05efdd11db979ec280a78fb1d772f7028883bd8a4fe7
b143f6f70b25d00956f5bef9423f47662d8d6d4b1b877ad6bcbaff749dea7a18
b695f4e09490004246d228e02338f9d3c4591273e1f35bb0ebe63607c860e608
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
c2e606e1fc82ea3a554aad5d0520e25d2677b89a891dc5c49e7ace08fce92e25
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
cc9ced4e93a6345341cbe63c09fb0cf87224f29b1cee05f05269b61132b04170
cd00c79e4bbf06794b0851af6b891c002601933c8b9d0cef5bf18427c62c699c
ce8847217f8f8997ab0415020270242350e0ae71daea9cb50db0f269d6ec5f78
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e00add38134eac2fb8e8e9c09cbfff7bbe57952b210322eb2eecb0a21fc055eb
e1346ba855702d564b8dbae71c7d8e9c465d6657bbbff6f3eaa00cedf4f4aa53
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f026859431b774398799772327b1a0ceaeb338544a176b5722eb3da7b463d21c
f17d7a556b731907aa2ac3e1c01e3b43b22033e2d62bfe18f3e5f6c7995844c0
f65784e5e7332dc1e4bbeacbec70fdeef4a1bea84f16ce2ee144999719d195ce
f66ebe8380e2ab37653e8db9d7d6113d4fd6afe5092106bbe29d358db6c57b8b
ff4bd34aa98a0214833619d3d751838db015722dfbbec15cd14dadc66cd67869

casualsparkle.info Open in urlscan Pro 188.114.96.3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

63 Requests

98 %HTTPS

67 %IPv6

17 Domains

17 Subdomains

19 IPs

5 Countries

1896 kBTransfer

3458 kBSize

9 Cookies

73 Outgoing links

Redirected requests

63 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

casualsparkle.info Open in urlscan Pro
188.114.96.3 Public Scan

Screenshot
Live screenshot

Full Image

63
Requests

98 %
HTTPS

67 %
IPv6

17
Domains

17
Subdomains

19
IPs

5
Countries

1896 kB
Transfer

3458 kB
Size

9
Cookies

63 HTTP transactions
1 data transactions