crossstitchcolor.com Open in urlscan Pro
104.21.28.217 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://crossstitchcolor.com/
Effective URL:
https://crossstitchcolor.com/
Submission: On September 10 via api (September 10th 2022, 2:08:27 am UTC) from NZ — Scanned from DE

Summary HTTP 36 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 5 IPs in 4 countries across 4 domains to perform 36 HTTP transactions. The main IP is 104.21.28.217, located in and belongs to CLOUDFLARENET, US. The main domain is crossstitchcolor.com.
TLS certificate: Issued by GTS CA 1P5 on August 23rd 2022. Valid for: 3 months.

This is the only time crossstitchcolor.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 3	104.21.28.217 104.21.28.217	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2.23.97.99 2.23.97.99	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
28	2a00:1450:400... 2a00:1450:4001:80b::2016	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
36	5

3 104.21.28.217 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

crossstitchcolor.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2.23.97.99 (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-23-97-99.deploy.static.akamaitechnologies.com

analytics.tiktok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 2a00:1450:4001:80b::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

play-lh.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
28	googleusercontent.com play-lh.googleusercontent.com — Cisco Umbrella Rank: 334	27 MB
5	tiktok.com analytics.tiktok.com — Cisco Umbrella Rank: 1027	89 KB
3	crossstitchcolor.com 1 redirects crossstitchcolor.com	240 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 355	166 KB
36	4

	Domain	Requested by
28	play-lh.googleusercontent.com	crossstitchcolor.com
5	analytics.tiktok.com	crossstitchcolor.com analytics.tiktok.com
3	crossstitchcolor.com	1 redirects crossstitchcolor.com
1	cdnjs.cloudflare.com	crossstitchcolor.com
36	4

This site contains links to these domains. Also see Links.

Domain
play.google.com

Subject Issuer	Validity	Valid
*.crossstitchcolor.com GTS CA 1P5	`2022-08-23` - `2022-11-21`	3 months	crt.sh
*.tiktok.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-12-13` - `2023-01-13`	a year	crt.sh
edgestatic.com GTS CA 1C3	`2022-08-22` - `2022-11-14`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-08-03` - `2023-08-02`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://crossstitchcolor.com/
Frame ID: 0EABB4457A74D5630BA5D32647429FAD
Requests: 40 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Cross Stitch: Color by Letters

Page URL History Show full URLs

http://crossstitchcolor.com/ HTTP 301
https://crossstitchcolor.com/ Page URL

Page Statistics

36
Requests

100 %
HTTPS

50 %
IPv6

4
Domains

4
Subdomains

5
IPs

4
Countries

27672 kB
Transfer

28533 kB
Size

1
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://play.google.com/store/apps/details?id=com.playcus.crossstitch
Title: Pobierz teraz !

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://crossstitchcolor.com/ HTTP 301
https://crossstitchcolor.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

36 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
crossstitchcolor.com/
Redirect Chain

http://crossstitchcolor.com/
https://crossstitchcolor.com/

840 KB
238 KB

767ms
728ms

Document
text/html

104.21.28.217
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://crossstitchcolor.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.28.217 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

921e1f29676152ec200456ecbb7e150d4565d09a7573871af96bf95bb456907d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
access-control-expose-headers: Authorization
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 74849d93b9f3dd7a-LHR
content-encoding: br
content-language: de-DE
content-type: text/html; charset=utf-8
date: Sat, 10 Sep 2022 02:08:24 GMT
expect-ct: max-age=0
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: no-referrer
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jveepXpnyeW%2BksqBZx9Doas15MsyxI9rihCBGzx%2FG50D%2F0ntdHto6Gxt0HzoZxF1dToSpxZ5wfby4DC4XYTKzaFj%2FNLzd%2BtqrhOV2P0tkQ7fL8dpMymh%2FKy3GhPF1ISIzJXJ%2FyCCkw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-download-options: noopen
x-permitted-cross-domain-policies: none
x-xss-protection: 0

Redirect headers

CF-RAY: 74849d935ef77499-LHR
Cache-Control: max-age=3600
Connection: keep-alive
Date: Sat, 10 Sep 2022 02:08:23 GMT
Expires: Sat, 10 Sep 2022 03:08:23 GMT
Location: https://crossstitchcolor.com/
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OV75sPFOt72X4UH5nhElovods%2Fsz98iLmpZC%2F3vlRalkdV4ReS%2F1z6PAegTUgHjWBsZakjRRiis%2BE59zIefwsTa0lSOUF2f%2Bw0LkolY9Bz7PoxekZcKF7C%2BHk79bmJY0zLhkYmGHDQ%3D%3D"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 126 KB
38 KB 316ms
132ms Script
application/javascript 2.23.97.99
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=&lib=ttq
Requested by: Host: crossstitchcolor.com
URL: https://crossstitchcolor.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.23.97.99 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-23-97-99.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: b0846e2085734628a05c6d4834946aa5b344f0576d1dff2095161237f5799c7a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Sep 2022 02:08:24 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server: nginx
x-tt-logid: 2022091002082495C69ACDF86DB78F93DB
vary: Accept-Encoding
x-cache: TCP_MISS from a2-23-97-95.deploy.akamaitechnologies.com (AkamaiGHost/10.9.3-43949849) (-)
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 106,2.23.97.95
x-tt-trace-host: 01eefdfa336408dc4139d00d1b7a95e7b6f7d9e8cea4892a1477da4b850bd1a709581744746a91742cb04b9aaa233377881479c2e6cc9debac5bf6ef71477c0a5a20f8fa48c88bc4d68479b57d8031829c
server-timing: inner; dur=3, cdn-cache; desc=MISS, edge; dur=0, origin; dur=106
x-akamai-request-id: 29610cb9
expires: Sat, 10 Sep 2022 02:08:24 GMT

GET
H2 200 83r3x6tFSCvFKoafM2jGk1ujX0jF2xr299yeYyCs8jLJfCKkH6z1WtE1epKdFkEYUBU
play-lh.googleusercontent.com/ 335 KB
335 KB 149ms
54ms Image
image/png 2a00:1450:4001:80b::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://play-lh.googleusercontent.com/83r3x6tFSCvFKoafM2jGk1ujX0jF2xr299yeYyCs8jLJfCKkH6z1WtE1epKdFkEYUBU

Requested by

Host: crossstitchcolor.com
URL: https://crossstitchcolor.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

bce84e07342fe7edb40837667f3dc5c7e666d766c5ea508a22a3384670e31020

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://crossstitchcolor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sat, 10 Sep 2022 02:08:24 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="unnamed.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 342791
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sat, 10 Sep 2022 02:07:31 GMT

GET
H2 200 materialdesignicons-webfont.woff2
cdnjs.cloudflare.com/ajax/libs/MaterialDesign-Webfont/3.2.89/fonts/ 165 KB
166 KB 61ms
20ms Font
application/octet-stream 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/MaterialDesign-Webfont/3.2.89/fonts/materialdesignicons-webfont.woff2?v=3.2.89

Requested by

Host: crossstitchcolor.com
URL: https://crossstitchcolor.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

76fba4034aa500e9c38277e86edff4bc5955524196d68c4b3cff64c13249f6b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://crossstitchcolor.com/
Origin: https://crossstitchcolor.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sat, 10 Sep 2022 02:08:24 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 7360937
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 169440
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:04:00 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03cf0-295e0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hEEfnB9CaRCvO4KK%2BwYn6R82X7%2Fo29aWKOk17pybmQ0zliHXOkvxlIlXWJNHKAiqDSCf4lp%2B51UL2Wcjo2APhcZ7LxJM5IBsXpUqALsAEZo7yDu2tTDkY98mbm2X9p3K3A8TcReVe0zqN9Xgw312te6m"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 74849d9a6ca39b3d-FRA
expires: Thu, 31 Aug 2023 02:08:24 GMT

GET
DATA 200
OK truncated
/ 12 KB
0 Image
text/plain

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9bcb1e909b4e35ea5d5e5e4549d9334ecdab9f29161ba7eee947aadac3cea62c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type: text/plain;charset=US-ASCII

GET
H2 200 DcyqBwn5_qtTosc3WK8qL_7cw2tG_V9nzTflNUlJ1-q-3chVc53ZUufsQdM8tJR8VbSR=w356-h775-p
play-lh.googleusercontent.com/ 525 KB
526 KB 323ms
323ms Image
image/png 2a00:1450:4001:80b::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://play-lh.googleusercontent.com/DcyqBwn5_qtTosc3WK8qL_7cw2tG_V9nzTflNUlJ1-q-3chVc53ZUufsQdM8tJR8VbSR=w356-h775-p

Requested by

Host: crossstitchcolor.com
URL: https://crossstitchcolor.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

6cb4783ee2826c7b1414f3a67fbb94c64239dfb6a3a1c93b432d003c2f616b34

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sat, 10 Sep 2022 02:08:25 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="unnamed.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 538101
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sat, 10 Sep 2022 02:07:31 GMT

GET
H2 200 zanMJ_g0KOLz1wCsJm5mTWSZ0HNqNz33HY_IGW1nsxjDJ95mZCipldzlAOtPYKoQPw
play-lh.googleusercontent.com/ 249 KB
249 KB 357ms
357ms Image
image/png 2a00:1450:4001:80b::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://play-lh.googleusercontent.com/zanMJ_g0KOLz1wCsJm5mTWSZ0HNqNz33HY_IGW1nsxjDJ95mZCipldzlAOtPYKoQPw

Requested by

Host: crossstitchcolor.com
URL: https://crossstitchcolor.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

003479912d960dfd892562e68bc38904924b695fab2764b4cd49029c5e3d3986

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sat, 10 Sep 2022 02:08:25 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="unnamed.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 254821
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 01 Sep 2022 02:11:48 GMT

GET
H2 200 mws_OU9HM8jciM4HG7mOwcmQgDcTnSulbW7uApXyKDPIxc1VTEg5-woaNGi5eo4h9jWZ
play-lh.googleusercontent.com/ 189 KB
189 KB 280ms
279ms Image
image/png 2a00:1450:4001:80b::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://play-lh.googleusercontent.com/mws_OU9HM8jciM4HG7mOwcmQgDcTnSulbW7uApXyKDPIxc1VTEg5-woaNGi5eo4h9jWZ

Requested by

Host: crossstitchcolor.com
URL: https://crossstitchcolor.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

9ded6dbe4dc3070b81279ee4f9f95fe355736fca63ca585e25f9c1ea7740ab76

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sat, 10 Sep 2022 02:08:25 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="unnamed.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 193853
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sat, 10 Sep 2022 02:07:31 GMT

GET
DATA 200
OK truncated
/ 21 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bc76cf462877aac5e622643c034dbaeaeaa5a1c754512ce66396775de88fded4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 83r3x6tFSCvFKoafM2jGk1ujX0jF2xr299yeYyCs8jLJfCKkH6z1WtE1epKdFkEYUBU=w438-h895-p
play-lh.googleusercontent.com/ 544 KB
545 KB 356ms
356ms Image
image/png 2a00:1450:4001:80b::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://play-lh.googleusercontent.com/83r3x6tFSCvFKoafM2jGk1ujX0jF2xr299yeYyCs8jLJfCKkH6z1WtE1epKdFkEYUBU=w438-h895-p

Requested by

Host: crossstitchcolor.com
URL: https://crossstitchcolor.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

5900e148d51f9c29bbd83ff63947f57ae251481b675f16e2cab6dede36c89a64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sat, 10 Sep 2022 02:08:25 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="unnamed.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 557375
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sat, 10 Sep 2022 02:07:31 GMT

GET
H2 200 DcyqBwn5_qtTosc3WK8qL_7cw2tG_V9nzTflNUlJ1-q-3chVc53ZUufsQdM8tJR8VbSR
play-lh.googleusercontent.com/ 279 KB
280 KB 292ms
292ms Image
image/png 2a00:1450:4001:80b::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://play-lh.googleusercontent.com/DcyqBwn5_qtTosc3WK8qL_7cw2tG_V9nzTflNUlJ1-q-3chVc53ZUufsQdM8tJR8VbSR

Requested by

Host: crossstitchcolor.com
URL: https://crossstitchcolor.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

d10a951bfcc64f23e90a02c7166c1b2f32ac9e9f5e538fa8860cb5df56e7fd7f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://crossstitchcolor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sat, 10 Sep 2022 02:08:25 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="unnamed.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 286174
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sat, 10 Sep 2022 02:07:31 GMT

GET
DATA 200
OK truncated
/ 19 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e77b18773d016df1a32569498f8ae1fcfa5acd2b9cc2717025194bfdaae2848e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 DcyqBwn5_qtTosc3WK8qL_7cw2tG_V9nzTflNUlJ1-q-3chVc53ZUufsQdM8tJR8VbSR=w750-h1334-p
play-lh.googleusercontent.com/ 2 MB
2 MB 543ms
525ms Image
image/png 2a00:1450:4001:80b::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://play-lh.googleusercontent.com/DcyqBwn5_qtTosc3WK8qL_7cw2tG_V9nzTflNUlJ1-q-3chVc53ZUufsQdM8tJR8VbSR=w750-h1334-p

Requested by

Host: crossstitchcolor.com
URL: https://crossstitchcolor.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

6d57864f7d64cda3a9e522a88c098fdf68d203a72bd998bfb26ba1b2b938aaff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sat, 10 Sep 2022 02:08:25 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="unnamed.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1667992
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sat, 10 Sep 2022 02:07:32 GMT

GET
H2 200 zanMJ_g0KOLz1wCsJm5mTWSZ0HNqNz33HY_IGW1nsxjDJ95mZCipldzlAOtPYKoQPw=w750-h1334-p
play-lh.googleusercontent.com/ 1 MB
1 MB 964ms
947ms Image
image/png 2a00:1450:4001:80b::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://play-lh.googleusercontent.com/zanMJ_g0KOLz1wCsJm5mTWSZ0HNqNz33HY_IGW1nsxjDJ95mZCipldzlAOtPYKoQPw=w750-h1334-p

Requested by

Host: crossstitchcolor.com
URL: https://crossstitchcolor.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

60af677aff455dfe7e6b4fd8853b594ad54493ad2ee8034d77b809f0af31f07f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sat, 10 Sep 2022 02:08:25 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="unnamed.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1364945
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sat, 10 Sep 2022 02:07:32 GMT

GET
H2 200 mws_OU9HM8jciM4HG7mOwcmQgDcTnSulbW7uApXyKDPIxc1VTEg5-woaNGi5eo4h9jWZ=w750-h1334-p
play-lh.googleusercontent.com/ 1 MB
1 MB 894ms
878ms Image
image/png 2a00:1450:4001:80b::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://play-lh.googleusercontent.com/mws_OU9HM8jciM4HG7mOwcmQgDcTnSulbW7uApXyKDPIxc1VTEg5-woaNGi5eo4h9jWZ=w750-h1334-p

Requested by

Host: crossstitchcolor.com
URL: https://crossstitchcolor.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

e7e6364a240de05f7273639d96a91e24229c69634a7723423798a253ed1feb4e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sat, 10 Sep 2022 02:08:25 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="unnamed.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1115235
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 01 Sep 2022 02:11:49 GMT

GET
H2 200 1p8Yu0YmISGEdTi1sYxGUML02sQlhMhEgWYmYV41kVkoZ7yZbrJTFN4r_Y1iKEnHylw=w750-h1334-p
play-lh.googleusercontent.com/ 2 MB
2 MB 702ms
687ms Image
image/png 2a00:1450:4001:80b::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://play-lh.googleusercontent.com/1p8Yu0YmISGEdTi1sYxGUML02sQlhMhEgWYmYV41kVkoZ7yZbrJTFN4r_Y1iKEnHylw=w750-h1334-p

Requested by

Host: crossstitchcolor.com
URL: https://crossstitchcolor.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

ed0a389b8bdf6397374eb12e9865cbcf7f9cf059e56a43bc9dd4ef32f38cc4e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sat, 10 Sep 2022 02:08:25 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="unnamed.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1613721
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Fri, 02 Sep 2022 12:49:19 GMT

GET
H2 200 33ZsBpWD6cLDZ_ZXfjMYQKywIeMZ9r-4GSQz7Um_njidEl4HxLjgDLL56VCGg5RZXto=w750-h1334-p
play-lh.googleusercontent.com/ 1 MB
1 MB 792ms
777ms Image
image/png 2a00:1450:4001:80b::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://play-lh.googleusercontent.com/33ZsBpWD6cLDZ_ZXfjMYQKywIeMZ9r-4GSQz7Um_njidEl4HxLjgDLL56VCGg5RZXto=w750-h1334-p

Requested by

Host: crossstitchcolor.com
URL: https://crossstitchcolor.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

9fccbd1b8ed7823faa0b9f6be0ea8d71d59f7d32e0467d12df10732ff0d3cb0d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sat, 10 Sep 2022 02:08:25 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="unnamed.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1311596
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sat, 10 Sep 2022 02:07:32 GMT

GET
H2 200 TJ9nb3n81QEHQo4BAq0mEoYgks06zJZsJDGJhQbFh0uftVJY3JDJlhZo0_glQswJ1g=w750-h1334-p
play-lh.googleusercontent.com/ 1 MB
1 MB 892ms
879ms Image
image/png 2a00:1450:4001:80b::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://play-lh.googleusercontent.com/TJ9nb3n81QEHQo4BAq0mEoYgks06zJZsJDGJhQbFh0uftVJY3JDJlhZo0_glQswJ1g=w750-h1334-p

Requested by

Host: crossstitchcolor.com
URL: https://crossstitchcolor.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

1d59c0328cd019b395c1bc13ce6ec4791a1582ee68d7fd18d044df36dfb4c610

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sat, 10 Sep 2022 02:08:25 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="unnamed.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1245573
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 01 Sep 2022 02:11:49 GMT

GET
H2 200 u7kUtepIv0KGi7sZdy-T6-bHDF1Z2xDuOu2m5tJXFjeJGpCA2qEW2esfnpBkjzXIWM0=w750-h1334-p
play-lh.googleusercontent.com/ 2 MB
2 MB 928ms
915ms Image
image/png 2a00:1450:4001:80b::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://play-lh.googleusercontent.com/u7kUtepIv0KGi7sZdy-T6-bHDF1Z2xDuOu2m5tJXFjeJGpCA2qEW2esfnpBkjzXIWM0=w750-h1334-p

Requested by

Host: crossstitchcolor.com
URL: https://crossstitchcolor.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

a7164752ec167cf4039d10ea4dd08c92500608aef8e4eb815da4732de2e39eba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sat, 10 Sep 2022 02:08:25 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="unnamed.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1739118
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sat, 10 Sep 2022 02:07:32 GMT

GET
H2 200 voOzH2Zb3c2v7ikP2KIMJIblw9szOpbebcCQQToAqjWhNu0I0upRQSWZH0OXE8ZwYu3y=w750-h1334-p
play-lh.googleusercontent.com/ 1 MB
1 MB 637ms
625ms Image
image/png 2a00:1450:4001:80b::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://play-lh.googleusercontent.com/voOzH2Zb3c2v7ikP2KIMJIblw9szOpbebcCQQToAqjWhNu0I0upRQSWZH0OXE8ZwYu3y=w750-h1334-p

Requested by

Host: crossstitchcolor.com
URL: https://crossstitchcolor.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

5c0dcf3824ecf748948d041c19e2aa90da515e935c82ce4bba46b2f1becbed57

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sat, 10 Sep 2022 02:08:25 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="unnamed.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1367346
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sat, 10 Sep 2022 02:07:32 GMT

GET
H2 200 CpaRlhMZuV6jR3X3pET5avPxb2dER14A93NS2ydlJvzewWqZYku8QVraK8k5RnShFA=w750-h1334-p
play-lh.googleusercontent.com/ 1 MB
1 MB 889ms
878ms Image
image/png 2a00:1450:4001:80b::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://play-lh.googleusercontent.com/CpaRlhMZuV6jR3X3pET5avPxb2dER14A93NS2ydlJvzewWqZYku8QVraK8k5RnShFA=w750-h1334-p

Requested by

Host: crossstitchcolor.com
URL: https://crossstitchcolor.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

017e8a0158865b9b4ada3b2d7d8bd260fc03a4774171b61814adc59b26dc5135

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sat, 10 Sep 2022 02:08:25 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="unnamed.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1073345
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 01 Sep 2022 02:11:49 GMT

GET
H2 200 xILjuzZUJ076ch9B7Epl0YYtpNs_tThIuODkSJpZEffioJ85HPNarQoJieYhwT17JUE=w750-h1334-p
play-lh.googleusercontent.com/ 2 MB
2 MB 506ms
495ms Image
image/png 2a00:1450:4001:80b::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://play-lh.googleusercontent.com/xILjuzZUJ076ch9B7Epl0YYtpNs_tThIuODkSJpZEffioJ85HPNarQoJieYhwT17JUE=w750-h1334-p

Requested by

Host: crossstitchcolor.com
URL: https://crossstitchcolor.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

e503ad59007e5d7baeb469c638a7b45cdcae9c95c86f0dd5f5313389c84add85

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sat, 10 Sep 2022 02:08:25 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="unnamed.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1776729
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sat, 10 Sep 2022 02:07:31 GMT

GET
H2 200 crESUww1p5Cmr3-ihXfubjNefC72gDegUrBfAUbm0G9jbQOLU9buYMVHCZF6oX4ahEM=w750-h1334-p
play-lh.googleusercontent.com/ 1 MB
1 MB 926ms
916ms Image
image/png 2a00:1450:4001:80b::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://play-lh.googleusercontent.com/crESUww1p5Cmr3-ihXfubjNefC72gDegUrBfAUbm0G9jbQOLU9buYMVHCZF6oX4ahEM=w750-h1334-p

Requested by

Host: crossstitchcolor.com
URL: https://crossstitchcolor.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

7316dd2917227c79dcbebd9e33a145600260f2f06a451e76d000551e7c707c8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sat, 10 Sep 2022 02:08:25 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="unnamed.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1422323
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sat, 10 Sep 2022 02:07:32 GMT

GET
H2 200 FF2lRXiPy27JrXl-IfD7tvndyMLnHTyT2M-CLvnA8C-bGLhj97xuOdOjR8LTkugS8iOi=w750-h1334-p
play-lh.googleusercontent.com/ 1 MB
1 MB 438ms
428ms Image
image/png 2a00:1450:4001:80b::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://play-lh.googleusercontent.com/FF2lRXiPy27JrXl-IfD7tvndyMLnHTyT2M-CLvnA8C-bGLhj97xuOdOjR8LTkugS8iOi=w750-h1334-p

Requested by

Host: crossstitchcolor.com
URL: https://crossstitchcolor.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

f05bb92d92f1aadbd4573849accfa4b2f87607a0a8209c9cfc4e01e2d34860e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sat, 10 Sep 2022 02:08:25 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="unnamed.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1248085
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sat, 10 Sep 2022 02:07:31 GMT

GET
H2 200 Hwf9B1PSFqF0CW1k3O4lQy07Wb2xsalGdwx-nyvWIyTBa9MJW2PiUYQyyObBlYb7BLw=w750-h1334-p
play-lh.googleusercontent.com/ 2 MB
2 MB 614ms
605ms Image
image/png 2a00:1450:4001:80b::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://play-lh.googleusercontent.com/Hwf9B1PSFqF0CW1k3O4lQy07Wb2xsalGdwx-nyvWIyTBa9MJW2PiUYQyyObBlYb7BLw=w750-h1334-p

Requested by

Host: crossstitchcolor.com
URL: https://crossstitchcolor.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

a7164752ec167cf4039d10ea4dd08c92500608aef8e4eb815da4732de2e39eba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sat, 10 Sep 2022 02:08:25 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="unnamed.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1739118
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sat, 10 Sep 2022 02:07:32 GMT

GET
H2 200 bMJvRp8gYZFa3OP7p0nwTDNQ5EEAuFiZRAMG1XI6mYbcNFmMRN5DWvS6iOest2rQkwg=w750-h1334-p
play-lh.googleusercontent.com/ 1 MB
1 MB 784ms
775ms Image
image/png 2a00:1450:4001:80b::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://play-lh.googleusercontent.com/bMJvRp8gYZFa3OP7p0nwTDNQ5EEAuFiZRAMG1XI6mYbcNFmMRN5DWvS6iOest2rQkwg=w750-h1334-p

Requested by

Host: crossstitchcolor.com
URL: https://crossstitchcolor.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

5c0dcf3824ecf748948d041c19e2aa90da515e935c82ce4bba46b2f1becbed57

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sat, 10 Sep 2022 02:08:25 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="unnamed.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1367346
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sat, 10 Sep 2022 02:07:32 GMT

GET
H2 200 Az0-ET3FYkgZIVlVU0o7ci35FyZwQtDP4e5rE7dNIUL_4wWQ-c24kcsNTELEipCCfQQ=w750-h1334-p
play-lh.googleusercontent.com/ 1 MB
1 MB 697ms
689ms Image
image/png 2a00:1450:4001:80b::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://play-lh.googleusercontent.com/Az0-ET3FYkgZIVlVU0o7ci35FyZwQtDP4e5rE7dNIUL_4wWQ-c24kcsNTELEipCCfQQ=w750-h1334-p

Requested by

Host: crossstitchcolor.com
URL: https://crossstitchcolor.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

017e8a0158865b9b4ada3b2d7d8bd260fc03a4774171b61814adc59b26dc5135

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sat, 10 Sep 2022 02:08:25 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="unnamed.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1073345
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sat, 10 Sep 2022 02:07:32 GMT

GET
H2 200 HhyV79TTodXtaQuKuujOdBapH7IxrrkyrYRDSES6ckNvrnaa-QcWQNNGzWLGK_UeKA=w750-h1334-p
play-lh.googleusercontent.com/ 2 MB
2 MB 532ms
525ms Image
image/png 2a00:1450:4001:80b::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://play-lh.googleusercontent.com/HhyV79TTodXtaQuKuujOdBapH7IxrrkyrYRDSES6ckNvrnaa-QcWQNNGzWLGK_UeKA=w750-h1334-p

Requested by

Host: crossstitchcolor.com
URL: https://crossstitchcolor.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

e503ad59007e5d7baeb469c638a7b45cdcae9c95c86f0dd5f5313389c84add85

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sat, 10 Sep 2022 02:08:25 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="unnamed.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1776729
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 01 Sep 2022 02:11:49 GMT

GET
H2 200 OzAT9axYcWMQgry-2WjB_gUQKhePXU3Vmn-aLhqgudt-AGGdr37RSIIA11ybsCARDEde=w750-h1334-p
play-lh.googleusercontent.com/ 1 MB
1 MB 886ms
879ms Image
image/png 2a00:1450:4001:80b::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://play-lh.googleusercontent.com/OzAT9axYcWMQgry-2WjB_gUQKhePXU3Vmn-aLhqgudt-AGGdr37RSIIA11ybsCARDEde=w750-h1334-p

Requested by

Host: crossstitchcolor.com
URL: https://crossstitchcolor.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

7316dd2917227c79dcbebd9e33a145600260f2f06a451e76d000551e7c707c8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sat, 10 Sep 2022 02:08:25 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="unnamed.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1422323
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sat, 10 Sep 2022 02:07:32 GMT

GET
H2 200 mmkhXmutDb5CR417-7dEsQLCx_axswPQUEsUVUlOoXr_1J7-vCLY1Iyc0iKVs3IIiQ=w750-h1334-p
play-lh.googleusercontent.com/ 1 MB
1 MB 496ms
489ms Image
image/png 2a00:1450:4001:80b::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://play-lh.googleusercontent.com/mmkhXmutDb5CR417-7dEsQLCx_axswPQUEsUVUlOoXr_1J7-vCLY1Iyc0iKVs3IIiQ=w750-h1334-p

Requested by

Host: crossstitchcolor.com
URL: https://crossstitchcolor.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

f05bb92d92f1aadbd4573849accfa4b2f87607a0a8209c9cfc4e01e2d34860e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sat, 10 Sep 2022 02:08:25 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="unnamed.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1248085
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sat, 10 Sep 2022 02:07:32 GMT

GET
DATA 200
OK truncated
/ 17 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f6eff88c0d5d9d417584f806ef8b50e48f1c364ddaad50bb1e72aa76b4cec150

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 AFdZucq4Nq9Z_SRi7o9QHNRa8yHG8vkNUXc13M4U59m4
play-lh.googleusercontent.com/a-/ 38 KB
38 KB 415ms
409ms Image
image/jpeg 2a00:1450:4001:80b::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://play-lh.googleusercontent.com/a-/AFdZucq4Nq9Z_SRi7o9QHNRa8yHG8vkNUXc13M4U59m4

Requested by

Host: crossstitchcolor.com
URL: https://crossstitchcolor.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

46d5a1180a5391aee39641891f87228965fd67665111f2039902897ffc6e6860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sat, 10 Sep 2022 02:08:25 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39131
x-xss-protection: 0
server: fife
etag: "va"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sat, 10 Sep 2022 02:07:31 GMT

GET
H2 200 EGemoI2NTXmTsBVtJqk8jxF9rh8ApRWfsIMQSt2uE4OcpQqbFu7f7NbTK05lx80nuSijCz7sc3a277R67g
play-lh.googleusercontent.com/ 17 KB
17 KB 61ms
56ms Image
image/png 2a00:1450:4001:80b::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://play-lh.googleusercontent.com/EGemoI2NTXmTsBVtJqk8jxF9rh8ApRWfsIMQSt2uE4OcpQqbFu7f7NbTK05lx80nuSijCz7sc3a277R67g

Requested by

Host: crossstitchcolor.com
URL: https://crossstitchcolor.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

bdf9075087a12f970d7d8d8e91fe84da904b3b8273fa9c529196181606ac97e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sat, 10 Sep 2022 02:08:24 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.png"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16970
x-xss-protection: 0
expires: Sun, 11 Sep 2022 02:08:24 GMT

GET
H2 200 AItbvmnyfCAm0FYyopiBWOJ0IUupNx8haMmGD5WiWkcc=mo
play-lh.googleusercontent.com/a/ 7 KB
7 KB 273ms
268ms Image
image/png 2a00:1450:4001:80b::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://play-lh.googleusercontent.com/a/AItbvmnyfCAm0FYyopiBWOJ0IUupNx8haMmGD5WiWkcc=mo

Requested by

Host: crossstitchcolor.com
URL: https://crossstitchcolor.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

f405a673bdfa56d7f96e2788ec80c0e304e6fabf7d5cbc17fc3a1d9e431ebb44

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sat, 10 Sep 2022 02:08:25 GMT
x-content-type-options: nosniff
server: fife
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.png"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7325
x-xss-protection: 0
expires: Sun, 11 Sep 2022 02:08:25 GMT

GET
H2 200 AItbvmlfnrsh92DVxA4o3OgthuvjZ0Kf_c-gtAa2FQry=mo
play-lh.googleusercontent.com/a/ 2 KB
2 KB 278ms
274ms Image
image/png 2a00:1450:4001:80b::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://play-lh.googleusercontent.com/a/AItbvmlfnrsh92DVxA4o3OgthuvjZ0Kf_c-gtAa2FQry=mo

Requested by

Host: crossstitchcolor.com
URL: https://crossstitchcolor.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

91acde16cb445f9356d39d3341e0d8f775d113fbe865e8116d228fc03e643e2f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sat, 10 Sep 2022 02:08:25 GMT
x-content-type-options: nosniff
server: fife
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.png"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2048
x-xss-protection: 0
expires: Sun, 11 Sep 2022 02:08:25 GMT

GET
H2 200 email-decode.min.js Show response
crossstitchcolor.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 19ms
18ms Script
application/javascript 104.21.28.217
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://crossstitchcolor.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: crossstitchcolor.com
URL: https://crossstitchcolor.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.28.217 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sat, 10 Sep 2022 02:08:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 06 Sep 2022 17:30:56 GMT
server: cloudflare
etag: W/"631783d0-4d7"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ESq%2FL0t6Sl3hpJ32mBjvBtBGjWkpLAEveR1NGlvTQb03WkVvqhFyhy%2FKrZUuZRWMhb3GBQDqvMGXYvP7HDE1BXrvBAdkNsIERkHcm8FjC3TfWn5HbkpI7o6C%2FMu9Zb0deWoKiiR27w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=172800, public
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 74849d9bea5fdd7a-LHR
vary: Accept-Encoding
expires: Mon, 12 Sep 2022 02:08:24 GMT

GET
H2 200 identify.js Show response
analytics.tiktok.com/i18n/pixel/ 114 KB
31 KB 143ms
143ms Script
application/javascript 2.23.97.99
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/identify.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.23.97.99 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-23-97-99.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: b2864c65b32cd25bf64a7eb4fddf486dff821f1924172a0083db962615bd6ce0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-akamai-request-id: 50f0056e.29610d31
date: Sat, 10 Sep 2022 02:08:25 GMT
content-encoding: gzip
x-cache-remote: TCP_MISS from a23-201-31-158.deploy.akamaitechnologies.com (AkamaiGHost/10.9.3-43949849) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a2-23-97-95.deploy.akamaitechnologies.com (AkamaiGHost/10.9.3-43949849) (-)
x-parent-response-time: 117,2.23.97.95
server-timing: cdn-cache; desc=MISS, edge; dur=110, origin; dur=7, inner; dur=3
pragma: no-cache
server: nginx
x-tt-logid: 202209100208259636A1CDB72BC59BDD73
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 7,23.201.31.158
x-tt-trace-host: 01eefdfa336408dc4139d00d1b7a95e7b6914bcfe865ed3bf721ab0e754b155c68aa6fd3c31dece7ff1f6d28bc08b9879bdfdb962c21e9e4fd3458b8834f5fd96688a48cb6ebc35ded03d71ee274a5a770ea1b7a1a246a2d281ee99f36ec3450cd
expires: Sat, 10 Sep 2022 02:08:25 GMT

GET
H2 200 config.js Show response
analytics.tiktok.com/i18n/pixel/ 58 KB
20 KB 168ms
168ms Script
application/javascript 2.23.97.99
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/config.js?sdkid=&hostname=crossstitchcolor.com
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.23.97.99 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-23-97-99.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 308319bb2a675fd35a4802c0f674a0206bf9f084432665f08c2072db66692454

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Sep 2022 02:08:25 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server: nginx
x-tt-logid: 20220910020825C4AC71E4F7CACD91F911
vary: Accept-Encoding
x-cache: TCP_MISS from a2-23-97-95.deploy.akamaitechnologies.com (AkamaiGHost/10.9.3-43949849) (-)
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 118,2.23.97.95
x-tt-trace-host: 01eefdfa336408dc4139d00d1b7a95e7b6f7d9e8cea4892a1477da4b850bd1a70911b2429ecfc82a6b0e4411ac8da6ab9128c719cd02016af4eeff26f12fab539642ec48fca1e6b5fc9508f7ef418408f6
server-timing: inner; dur=15, cdn-cache; desc=MISS, edge; dur=0, origin; dur=118
x-akamai-request-id: 29610d70
expires: Sat, 10 Sep 2022 02:08:25 GMT

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
544 B 141ms
140ms Ping
application/octet-stream 2.23.97.99
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.23.97.99 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-23-97-99.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sat, 10 Sep 2022 02:08:25 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server: nginx
x-tt-logid: 20220910020825C4AC71E4F7CACD91F92F
x-cache: TCP_MISS from a2-23-97-95.deploy.akamaitechnologies.com (AkamaiGHost/10.9.3-43949849) (-)
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 115,2.23.97.95
x-tt-trace-host: 01eefdfa336408dc4139d00d1b7a95e7b6f7d9e8cea4892a1477da4b850bd1a709bfe618e116cfc0c094a4a6dfc4a961fdd32133e7025ea48c346a3ca486da2e1385b5622417c66bdc439d7d81b1ed07b2
server-timing: inner; dur=10, cdn-cache; desc=MISS, edge; dur=1, origin; dur=115
x-akamai-request-id: 29610e8c
content-length: 0
expires: Sat, 10 Sep 2022 02:08:25 GMT

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
544 B 139ms
138ms Ping
application/octet-stream 2.23.97.99
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.23.97.99 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-23-97-99.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sat, 10 Sep 2022 02:08:25 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server: nginx
x-tt-logid: 20220910020825CC8D26AEC6A4E39771A3
x-cache: TCP_MISS from a2-23-97-95.deploy.akamaitechnologies.com (AkamaiGHost/10.9.3-43949849) (-)
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 111,2.23.97.95
x-tt-trace-host: 01eefdfa336408dc4139d00d1b7a95e7b6f7d9e8cea4892a1477da4b850bd1a7091fee6b488b3ddb5bd4bbd5d1a4a830fe1a2da69af1aff6eb8bf0c494f1a0adf77bccc1f9c81e92631c4ac32fd907177c
server-timing: inner; dur=11, cdn-cache; desc=MISS, edge; dur=1, origin; dur=111
x-akamai-request-id: 29610e8d
content-length: 0
expires: Sat, 10 Sep 2022 02:08:25 GMT

Verdicts & Comments Add Verdict or Comment

26 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.tiktok.com/	1970-01-20 15:14:31	Name: _ttp Value: 2EYbwnZIiP1fdgqGIczdiX0XkrJ

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.tiktok.com
cdnjs.cloudflare.com
crossstitchcolor.com
play-lh.googleusercontent.com
104.21.28.217
2.23.97.99
2606:4700::6811:180e
2a00:1450:4001:80b::2016
003479912d960dfd892562e68bc38904924b695fab2764b4cd49029c5e3d3986
017e8a0158865b9b4ada3b2d7d8bd260fc03a4774171b61814adc59b26dc5135
1d59c0328cd019b395c1bc13ce6ec4791a1582ee68d7fd18d044df36dfb4c610
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
308319bb2a675fd35a4802c0f674a0206bf9f084432665f08c2072db66692454
46d5a1180a5391aee39641891f87228965fd67665111f2039902897ffc6e6860
5900e148d51f9c29bbd83ff63947f57ae251481b675f16e2cab6dede36c89a64
5c0dcf3824ecf748948d041c19e2aa90da515e935c82ce4bba46b2f1becbed57
60af677aff455dfe7e6b4fd8853b594ad54493ad2ee8034d77b809f0af31f07f
6cb4783ee2826c7b1414f3a67fbb94c64239dfb6a3a1c93b432d003c2f616b34
6d57864f7d64cda3a9e522a88c098fdf68d203a72bd998bfb26ba1b2b938aaff
7316dd2917227c79dcbebd9e33a145600260f2f06a451e76d000551e7c707c8e
76fba4034aa500e9c38277e86edff4bc5955524196d68c4b3cff64c13249f6b3
91acde16cb445f9356d39d3341e0d8f775d113fbe865e8116d228fc03e643e2f
921e1f29676152ec200456ecbb7e150d4565d09a7573871af96bf95bb456907d
9bcb1e909b4e35ea5d5e5e4549d9334ecdab9f29161ba7eee947aadac3cea62c
9ded6dbe4dc3070b81279ee4f9f95fe355736fca63ca585e25f9c1ea7740ab76
9fccbd1b8ed7823faa0b9f6be0ea8d71d59f7d32e0467d12df10732ff0d3cb0d
a7164752ec167cf4039d10ea4dd08c92500608aef8e4eb815da4732de2e39eba
b0846e2085734628a05c6d4834946aa5b344f0576d1dff2095161237f5799c7a
b2864c65b32cd25bf64a7eb4fddf486dff821f1924172a0083db962615bd6ce0
bc76cf462877aac5e622643c034dbaeaeaa5a1c754512ce66396775de88fded4
bce84e07342fe7edb40837667f3dc5c7e666d766c5ea508a22a3384670e31020
bdf9075087a12f970d7d8d8e91fe84da904b3b8273fa9c529196181606ac97e7
d10a951bfcc64f23e90a02c7166c1b2f32ac9e9f5e538fa8860cb5df56e7fd7f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e503ad59007e5d7baeb469c638a7b45cdcae9c95c86f0dd5f5313389c84add85
e77b18773d016df1a32569498f8ae1fcfa5acd2b9cc2717025194bfdaae2848e
e7e6364a240de05f7273639d96a91e24229c69634a7723423798a253ed1feb4e
ed0a389b8bdf6397374eb12e9865cbcf7f9cf059e56a43bc9dd4ef32f38cc4e7
f05bb92d92f1aadbd4573849accfa4b2f87607a0a8209c9cfc4e01e2d34860e9
f405a673bdfa56d7f96e2788ec80c0e304e6fabf7d5cbc17fc3a1d9e431ebb44
f6eff88c0d5d9d417584f806ef8b50e48f1c364ddaad50bb1e72aa76b4cec150

crossstitchcolor.com Open in urlscan Pro 104.21.28.217 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

36 Requests

100 %HTTPS

50 %IPv6

4 Domains

4 Subdomains

5 IPs

4 Countries

27672 kBTransfer

28533 kBSize

1 Cookies

1 Outgoing links

Page URL History

Redirected requests

36 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

crossstitchcolor.com Open in urlscan Pro
104.21.28.217 Public Scan

Screenshot
Live screenshot

Full Image

36
Requests

100 %
HTTPS

50 %
IPv6

4
Domains

4
Subdomains

5
IPs

4
Countries

27672 kB
Transfer

28533 kB
Size

1
Cookies

36 HTTP transactions
4 data transactions