www.exuberantsanctuary.shop Open in urlscan Pro
2606:4700:3035::ac43:8a23 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.exuberantsanctuary.shop/
Submission: On June 09 via api (June 9th 2024, 1:39:19 pm UTC) from US — Scanned from DE

Summary HTTP 13 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 7 IPs in 2 countries across 6 domains to perform 13 HTTP transactions. The main IP is 2606:4700:3035::ac43:8a23, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.exuberantsanctuary.shop.
TLS certificate: Issued by GTS CA 1P5 on May 24th 2024. Valid for: 3 months.

This is the only time www.exuberantsanctuary.shop was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3	2606:4700:303... 2606:4700:3035::ac43:8a23	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:50c0:800... 2606:50c0:8003::153	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a00:1450:400... 2a00:1450:4001:812::2016	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80b::2003	15169 (GOOGLE) (GOOGLE)
13	7

3 2606:4700:3035::ac43:8a23 (United States)

ASN13335 (CLOUDFLARENET, US)

www.exuberantsanctuary.shop	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:50c0:8003::153 (United States)

ASN54113 (FASTLY, US)

necolas.github.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:812::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

play-lh.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
5	googleusercontent.com play-lh.googleusercontent.com — Cisco Umbrella Rank: 519	160 KB
3	exuberantsanctuary.shop www.exuberantsanctuary.shop	313 KB
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 260	13 KB
1	gstatic.com fonts.gstatic.com	42 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 70	2 KB
1	github.io necolas.github.io — Cisco Umbrella Rank: 142067	2 KB
13	6

	Domain	Requested by
5	play-lh.googleusercontent.com	www.exuberantsanctuary.shop
3	www.exuberantsanctuary.shop	www.exuberantsanctuary.shop
2	cdnjs.cloudflare.com	www.exuberantsanctuary.shop
1	fonts.gstatic.com	fonts.googleapis.com
1	fonts.googleapis.com	www.exuberantsanctuary.shop
1	necolas.github.io	www.exuberantsanctuary.shop
13	6

This site contains links to these domains. Also see Links.

Domain
play.google.com

Subject Issuer	Validity	Valid
exuberantsanctuary.shop GTS CA 1P5	`2024-05-24` - `2024-08-22`	3 months	crt.sh
*.github.io DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-03-15` - `2025-03-14`	a year	crt.sh
upload.video.google.com WR2	`2024-05-21` - `2024-08-13`	3 months	crt.sh
cdnjs.cloudflare.com E1	`2024-06-02` - `2024-08-31`	3 months	crt.sh
edgestatic.com WR2	`2024-05-21` - `2024-08-13`	3 months	crt.sh
*.gstatic.com WR2	`2024-05-21` - `2024-08-13`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://www.exuberantsanctuary.shop/
Frame ID: 2F1E892250CB924D7C92EAEDCCED0CCF
Requests: 16 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Aviator

Detected technologies

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

13
Requests

100 %
HTTPS

100 %
IPv6

6
Domains

6
Subdomains

7
IPs

2
Countries

532 kB
Transfer

994 kB
Size

2
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://play.google.com/store/apps/details?id=com.bewe.app1095
Title: Download

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/developer?id=Bewe+Digital+Solutions,+SL.
Title: https://play.google.com/store/apps/developer?id=Bewe+Digital+Solutions,+SL.

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

13 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3 200 Primary Request / Show response
www.exuberantsanctuary.shop/ 424 KB
311 KB 600ms
515ms Document
text/html 2606:4700:3035::ac43:8a23
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.exuberantsanctuary.shop/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:8a23 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d24aeb88420e059baf1506d66ff52f7957571e2af61ee2dd7e7c835ffef91031

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-headers: *
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cache-control: no-cache, no-store, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 891186cccbe2bbb9-FRA
cf-signal-fnrrx: 63c7e88f-d17e-4c0f-9e45-44bdd146e648
cf-x-requguest-id: 63c7e88f-d17e-4c0f-9e45-44bdd146e648
content-encoding: br
content-type: text/html; charset=utf-8
date: Sun, 09 Jun 2024 13:39:14 GMT
expires: 0
last-modified: Sat, 08 Jun 2024 17:26:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3n2gjJl4q7y6KMkxiDrnSAVK7LtnKOTzqdcAyyMQo%2B99G0KqShSsXQ07K%2BYxYMc9JLRwvZHnT8wGVFDAaB5in%2BAT851vqwYhiY%2F6dcSZmko73eRgUcA6R8qSLMqO2pfQpNGLsm75fun7dhmdPyhug%2Fvj5A%2BEgir3o7M%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 normalize.css
necolas.github.io/normalize.css/8.0.1/ 6 KB
2 KB 87ms
33ms Stylesheet
text/css 2606:50c0:8003::153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://necolas.github.io/normalize.css/8.0.1/normalize.css
Requested by: Host: www.exuberantsanctuary.shop
URL: https://www.exuberantsanctuary.shop/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:50c0:8003::153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: GitHub.com /
Resource Hash: 580818700724d42d7fcc4979b0197971fca1c6d2e0286769237a0ac897df5512

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.exuberantsanctuary.shop/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fastly-request-id: 4312b27ae779d1e12606abb212f1f39d27d43108
date: Sun, 09 Jun 2024 13:39:14 GMT
content-encoding: gzip
via: 1.1 varnish
x-cache-hits: 1
age: 147
x-cache: HIT
x-proxy-cache: HIT
content-length: 1738
x-served-by: cache-fra-eddf8230058-FRA
last-modified: Mon, 05 Nov 2018 02:35:30 GMT
server: GitHub.com
x-github-request-id: A72C:F0D57:AD406E:B2EBFA:666137F3
x-timer: S1717940355.628488,VS0,VE2
etag: W/"5bdfac72-17fa"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=600
permissions-policy: interest-cohort=()
accept-ranges: bytes
expires: Thu, 06 Jun 2024 04:24:53 GMT

GET
H2 200 css2
fonts.googleapis.com/ 20 KB
2 KB 84ms
30ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Bebas+Neue&family=Poppins:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&family=Reddit+Sans:ital,wght@0,200..900;1,200..900&family=Roboto&family=Varela&display=swap

Requested by

Host: www.exuberantsanctuary.shop
URL: https://www.exuberantsanctuary.shop/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c529ab9af3ee2e457d77f3f339cb5f335ee5281a2313873c3cc19c66b35a3c5d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.exuberantsanctuary.shop/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Sun, 09 Jun 2024 13:39:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 09 Jun 2024 13:39:14 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 09 Jun 2024 13:39:14 GMT

GET
H3 200 tiny-slider.css
cdnjs.cloudflare.com/ajax/libs/tiny-slider/2.9.4/ 2 KB
1 KB 70ms
40ms Stylesheet
text/css 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/tiny-slider/2.9.4/tiny-slider.css

Requested by

Host: www.exuberantsanctuary.shop
URL: https://www.exuberantsanctuary.shop/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e9b8906a8b7540b8accfd2a491c0821d6bd6d8ccbd4ab53a56da8906ff028423

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.exuberantsanctuary.shop/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 09 Jun 2024 13:39:14 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 234874
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 573
last-modified: Tue, 26 Oct 2021 21:33:28 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "61787428-23d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XcDDksMe1aDRCWaPJr8MYPYgDwnk%2BofNFlfjymePYylNP72%2BCobOUryuTB0SrKP%2B9YPXJ6YCzcrD8Pd6jH%2Fdr5GM%2Fwn%2B9B%2BCvCnLBG8C4hgGWgZ%2F7CJFLsfDQL8cXUigfoiHIM8rGS43tl%2Fib6XunJ71"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 891186d03eea974e-FRA
expires: Fri, 30 May 2025 13:39:14 GMT

GET
H2 200 ji9hcoTiP9wDRQe4S-JMfyg4XIQvAfXgPSZw5qSowzmjUKw0rvzcydCX5d1YPy8QaEqP
play-lh.googleusercontent.com/ 22 KB
22 KB 114ms
48ms Image
image/png 2a00:1450:4001:812::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://play-lh.googleusercontent.com/ji9hcoTiP9wDRQe4S-JMfyg4XIQvAfXgPSZw5qSowzmjUKw0rvzcydCX5d1YPy8QaEqP

Requested by

Host: www.exuberantsanctuary.shop
URL: https://www.exuberantsanctuary.shop/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

7395717dec53f6f3a05e5a7718ea0ea96415b53d19254470c1490abbe621dcce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.exuberantsanctuary.shop/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 09 Jun 2024 10:41:03 GMT
x-content-type-options: nosniff
age: 10691
content-disposition: inline;filename="unnamed.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22804
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Mon, 10 Jun 2024 10:41:03 GMT

GET
H2 200 xYOQhM0uYUnmS-Iq480Clqi3WhLN5e5oM8yOJTurok8rGOt_8vZ3likISjUakMXIuA
play-lh.googleusercontent.com/ 28 KB
28 KB 90ms
25ms Image
image/png 2a00:1450:4001:812::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://play-lh.googleusercontent.com/xYOQhM0uYUnmS-Iq480Clqi3WhLN5e5oM8yOJTurok8rGOt_8vZ3likISjUakMXIuA

Requested by

Host: www.exuberantsanctuary.shop
URL: https://www.exuberantsanctuary.shop/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

dcbf3aa2b8567b107ca4d453bbcbdd91bc760c73418af73e7387ecd2d407a72e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.exuberantsanctuary.shop/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 09 Jun 2024 10:53:03 GMT
x-content-type-options: nosniff
age: 9971
content-disposition: inline;filename="unnamed.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28586
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Mon, 10 Jun 2024 10:53:03 GMT

GET
DATA 200
OK truncated
/ 256 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9b6a5c7e79bbaad92f541c43c1684b9bda7f283c4e9e757e9142a62d05f2bad4

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 9 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 61347c21a64d21816dfa3c814569519fe7433ada3192ef5e755a49fa1ce2bfc2

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 EYq3maFOxq1T_-ETdN7EKQNre5Y.woff2
fonts.gstatic.com/s/redditsans/v4/ 41 KB
42 KB 69ms
22ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/redditsans/v4/EYq3maFOxq1T_-ETdN7EKQNre5Y.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Bebas+Neue&family=Poppins:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&family=Reddit+Sans:ital,wght@0,200..900;1,200..900&family=Roboto&family=Varela&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

369b9f351ab41b2cf0413fa7ab32fb3ba2741e1efac0fc6341041f373281ff3a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://fonts.googleapis.com/
Origin: https://www.exuberantsanctuary.shop
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 00:02:03 GMT
x-content-type-options: nosniff
age: 221831
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42008
x-xss-protection: 0
last-modified: Wed, 01 May 2024 20:32:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 07 Jun 2025 00:02:03 GMT

GET
DATA 200
OK truncated
/ 40 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5c04f746d6532668e50d6e990712cdadef7a655b9a768c3c075ec192d23d8f3b

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 OWUEeFGT9Ok1y8_3-ucIgVn0O7KKEGT1efHdS5SDHFPlS12VRnhVLIRrwp9cIU3l_8nW
play-lh.googleusercontent.com/ 26 KB
26 KB 275ms
227ms Image
image/png 2a00:1450:4001:812::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://play-lh.googleusercontent.com/OWUEeFGT9Ok1y8_3-ucIgVn0O7KKEGT1efHdS5SDHFPlS12VRnhVLIRrwp9cIU3l_8nW

Requested by

Host: www.exuberantsanctuary.shop
URL: https://www.exuberantsanctuary.shop/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

1a3a61f0dbfc65fdadc3f9821c0c4a2bd25eff14f42225adf8d213fe39f778df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.exuberantsanctuary.shop/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 09 Jun 2024 13:39:14 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="unnamed.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26428
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Mon, 10 Jun 2024 13:39:14 GMT

GET
H2 200 GbrDBduy3aRMkopiuMa1fYgNQ-zfUkrZfG-DbcNda41nDGEDwAB0chJH9UanBJumDQ
play-lh.googleusercontent.com/ 4 KB
4 KB 71ms
24ms Image
image/png 2a00:1450:4001:812::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://play-lh.googleusercontent.com/GbrDBduy3aRMkopiuMa1fYgNQ-zfUkrZfG-DbcNda41nDGEDwAB0chJH9UanBJumDQ

Requested by

Host: www.exuberantsanctuary.shop
URL: https://www.exuberantsanctuary.shop/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

0cb9c92c0f5276f439d9ab423a1074b22be5f704107c63ee08cd849c8970c237

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.exuberantsanctuary.shop/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 09 Jun 2024 10:53:03 GMT
x-content-type-options: nosniff
age: 9971
content-disposition: inline;filename="unnamed.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4259
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Mon, 10 Jun 2024 10:53:03 GMT

GET
H2 200 zswzb4FFXqrzV76OwUPrgI4lGck590-LzOB2vmPoXDhknZTB1mOTA--0q4RyNtfGIGk
play-lh.googleusercontent.com/ 79 KB
79 KB 105ms
58ms Image
image/png 2a00:1450:4001:812::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://play-lh.googleusercontent.com/zswzb4FFXqrzV76OwUPrgI4lGck590-LzOB2vmPoXDhknZTB1mOTA--0q4RyNtfGIGk

Requested by

Host: www.exuberantsanctuary.shop
URL: https://www.exuberantsanctuary.shop/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

4e55e9b14eef4d73808b5d9419a74ea5100acb69b46836baf5c512db7dce85ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.exuberantsanctuary.shop/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 09 Jun 2024 10:52:45 GMT
x-content-type-options: nosniff
age: 9989
content-disposition: inline;filename="unnamed.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 81028
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Mon, 10 Jun 2024 10:52:45 GMT

GET
H3 200 email-decode.min.js Show response
www.exuberantsanctuary.shop/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 26ms
26ms Script
application/javascript 2606:4700:3035::ac43:8a23
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.exuberantsanctuary.shop/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: www.exuberantsanctuary.shop
URL: https://www.exuberantsanctuary.shop/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:8a23 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.exuberantsanctuary.shop/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 09 Jun 2024 13:39:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 04 Jun 2024 12:27:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"665f0832-4d7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FQC74bqhZxZjXHdfzFXLaVtV4PxJLmh03oivqBTugeQlbNdCM9heN9BL8s8uAwJ%2BY%2B2iU3bQFzS2tckCtnfgclFj4d3rk6RgyB57omrIdJR6VCswDxqNKhiQ10sZ8%2FYaU1FPO%2F00m0czRVjdfPjd7wgS1WdK3WPzpNQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 891186d0da7fbbb9-FRA
expires: Tue, 11 Jun 2024 13:39:14 GMT

GET
H3 200 tiny-slider.js Show response
cdnjs.cloudflare.com/ajax/libs/tiny-slider/2.9.2/min/ 31 KB
12 KB 34ms
34ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/tiny-slider/2.9.2/min/tiny-slider.js

Requested by

Host: www.exuberantsanctuary.shop
URL: https://www.exuberantsanctuary.shop/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

080a485f94dee0e757572d6258ffb9faa1bf8876bef1aa5f60e15a81d54c4709

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.exuberantsanctuary.shop/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 09 Jun 2024 13:39:14 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 832641
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 11404
last-modified: Mon, 04 May 2020 16:17:01 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ffd-7bfa"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=noKBxOrCtLOP%2FunfruL5MmQN85942CLk0JU9y32NClpWPYEpf4KR2OiwVdA5dNhWbBuylqs%2Ff9Z4AMXuQ0ubb%2FI%2B6WjCOaYHV58hbhFM4ZMXNc6O7eSCy%2FRCPDZUoD8SLdE7MIhnkPX0fy%2FvM8SkaVBY"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 891186d0e80a974e-FRA
expires: Fri, 30 May 2025 13:39:14 GMT

GET
H3 200 favicon.ico
www.exuberantsanctuary.shop/ 4 KB
2 KB 95ms
95ms Other
image/x-icon 2606:4700:3035::ac43:8a23
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.exuberantsanctuary.shop/favicon.ico
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:8a23 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f35617e21bb3efbdbf628f7d7dd27c18dec139068aac6bc587239e6db51bb26b

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.exuberantsanctuary.shop/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 09 Jun 2024 13:39:15 GMT
content-encoding: gzip
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 1100
last-modified: Tue, 28 May 2024 10:46:19 GMT
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: image/x-icon
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kjlhGRWwGB0QYl9KtEPylG5PkX33onK6VL%2BU6OKeFwpRkPhYg2mhgVa9xqyOtqUARAJHUbKksg%2FDpce7JfT0w9TXX2UQPj%2B5Of9IsaLFAbVo7bwnMd4%2FAlvgUvSOjELS6UxKgJtTCeJTHNNCb4Z14IORgFO7%2BrU9sJU%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 891186d2ad0ebbb9-FRA
access-control-allow-headers: *

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| tns number| tnsId

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.www.exuberantsanctuary.shop/	1970-01-21 05:57:56	Name: user_id Value: 63c7e88f-d17e-4c0f-9e45-44bdd146e648
			.www.exuberantsanctuary.shop/	1970-01-21 05:57:56	Name: onesignal_app_id Value: 59a7a7e2-db62-4f03-9764-331c4e886934

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdnjs.cloudflare.com
fonts.googleapis.com
fonts.gstatic.com
necolas.github.io
play-lh.googleusercontent.com
www.exuberantsanctuary.shop
2606:4700:3035::ac43:8a23
2606:4700::6811:190e
2606:50c0:8003::153
2a00:1450:4001:80b::2003
2a00:1450:4001:812::2016
2a00:1450:4001:82a::200a
080a485f94dee0e757572d6258ffb9faa1bf8876bef1aa5f60e15a81d54c4709
0cb9c92c0f5276f439d9ab423a1074b22be5f704107c63ee08cd849c8970c237
1a3a61f0dbfc65fdadc3f9821c0c4a2bd25eff14f42225adf8d213fe39f778df
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
369b9f351ab41b2cf0413fa7ab32fb3ba2741e1efac0fc6341041f373281ff3a
4e55e9b14eef4d73808b5d9419a74ea5100acb69b46836baf5c512db7dce85ef
580818700724d42d7fcc4979b0197971fca1c6d2e0286769237a0ac897df5512
5c04f746d6532668e50d6e990712cdadef7a655b9a768c3c075ec192d23d8f3b
61347c21a64d21816dfa3c814569519fe7433ada3192ef5e755a49fa1ce2bfc2
7395717dec53f6f3a05e5a7718ea0ea96415b53d19254470c1490abbe621dcce
9b6a5c7e79bbaad92f541c43c1684b9bda7f283c4e9e757e9142a62d05f2bad4
c529ab9af3ee2e457d77f3f339cb5f335ee5281a2313873c3cc19c66b35a3c5d
d24aeb88420e059baf1506d66ff52f7957571e2af61ee2dd7e7c835ffef91031
dcbf3aa2b8567b107ca4d453bbcbdd91bc760c73418af73e7387ecd2d407a72e
e9b8906a8b7540b8accfd2a491c0821d6bd6d8ccbd4ab53a56da8906ff028423
f35617e21bb3efbdbf628f7d7dd27c18dec139068aac6bc587239e6db51bb26b

www.exuberantsanctuary.shop Open in urlscan Pro 2606:4700:3035::ac43:8a23 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

13 Requests

100 %HTTPS

100 %IPv6

6 Domains

6 Subdomains

7 IPs

2 Countries

532 kBTransfer

994 kBSize

2 Cookies

2 Outgoing links

Redirected requests

13 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

2 Cookies

Indicators

www.exuberantsanctuary.shop Open in urlscan Pro
2606:4700:3035::ac43:8a23 Public Scan

Screenshot
Live screenshot

Full Image

13
Requests

100 %
HTTPS

100 %
IPv6

6
Domains

6
Subdomains

7
IPs

2
Countries

532 kB
Transfer

994 kB
Size

2
Cookies

13 HTTP transactions
3 data transactions