everness.ch Open in urlscan Pro
2001:1600:4:13:3673:5aff:fea0:2064 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.everness.ch/godsend/godsend.php
Effective URL:
https://everness.ch/godsend/godsend.php
Submission Tags: phishing amazon Search All
Submission: On July 30 via api (July 30th 2024, 9:48:17 am UTC) from JP — Scanned from CH

Summary HTTP 47 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 16 IPs in 5 countries across 15 domains to perform 47 HTTP transactions. The main IP is 2001:1600:4:13:3673:5aff:fea0:2064, located in Switzerland and belongs to INFOMANIAK-AS, CH. The main domain is everness.ch.
TLS certificate: Issued by R11 on June 6th 2024. Valid for: 3 months.

This is the only time everness.ch was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 14	2001:1600:4:1... 2001:1600:4:13:3673:5aff:fea0:2064	29222 (INFOMANIA...) (INFOMANIAK-AS)
1	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
9	2606:4700:10:... 2606:4700:10::ac43:1408	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a04:4e42::649 2a04:4e42::649	54113 (FASTLY) (FASTLY)
2	52.48.126.242 52.48.126.242	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:82f::2008	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
1	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:480... 2a02:26f0:480:15::213:7e63	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a03:2880:f08... 2a03:2880:f084:d:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
3 8	2a02:6b8::1:119 2a02:6b8::1:119	13238 (YANDEX) (YANDEX)
1	2606:4700:440... 2606:4700:4400::6812:2546	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 3	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2a03:2880:f17... 2a03:2880:f177:185:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
47	16

14 2001:1600:4:13:3673:5aff:fea0:2064 (Switzerland) 1 redirects

ASN29222 (INFOMANIAK-AS, CH)

www.everness.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
everness.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2606:4700:10::ac43:1408 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn-cookieyes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42::649 (United States)

ASN54113 (FASTLY, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.48.126.242 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-48-126-242.eu-west-1.compute.amazonaws.com

log.cookieyes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:480:15::213:7e63 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f084:d:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a02:6b8::1:119 (Moscow, Russian Federation) 3 redirects

ASN13238 (YANDEX, RU)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::6812:2546 (United States)

ASN13335 (CLOUDFLARENET, US)

sibautomation.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:21::14 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f177:185:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	everness.ch 1 redirects www.everness.ch everness.ch	103 KB
9	cdn-cookieyes.com cdn-cookieyes.com — Cisco Umbrella Rank: 12284	78 KB
6	yandex.com 2 redirects mc.yandex.com — Cisco Umbrella Rank: 6787	4 KB
4	linkedin.com 1 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 669 px4.ads.linkedin.com — Cisco Umbrella Rank: 7330	2 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 108	3 KB
2	yandex.ru 1 redirects mc.yandex.ru — Cisco Umbrella Rank: 2503	71 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 236	74 KB
2	gstatic.com fonts.gstatic.com	97 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 112	188 KB
2	cookieyes.com log.cookieyes.com — Cisco Umbrella Rank: 14171	305 B
2	jquery.com code.jquery.com — Cisco Umbrella Rank: 1211	35 KB
1	sibautomation.com sibautomation.com — Cisco Umbrella Rank: 34099	3 KB
1	licdn.com snap.licdn.com — Cisco Umbrella Rank: 1884	14 KB
1	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 157	64 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 110	2 KB
47	15

	Domain	Requested by
13	everness.ch	everness.ch
9	cdn-cookieyes.com	everness.ch cdn-cookieyes.com
6	mc.yandex.com	2 redirects mc.yandex.ru
3	px.ads.linkedin.com	1 redirects snap.licdn.com
2	www.facebook.com
2	mc.yandex.ru	1 redirects everness.ch
2	connect.facebook.net	everness.ch connect.facebook.net
2	fonts.gstatic.com	fonts.googleapis.com
2	www.googletagmanager.com	everness.ch www.googletagmanager.com
2	log.cookieyes.com	cdn-cookieyes.com
2	code.jquery.com	everness.ch
1	px4.ads.linkedin.com
1	sibautomation.com	everness.ch sibautomation.com
1	snap.licdn.com	www.googletagmanager.com
1	pagead2.googlesyndication.com	www.googletagmanager.com
1	fonts.googleapis.com	everness.ch
1	www.everness.ch	1 redirects
47	17

This site contains links to these domains. Also see Links.

Domain
www.cookieyes.com
www.instagram.com
www.facebook.com
enigma.swiss

Subject Issuer	Validity	Valid
everness.ch R11	`2024-06-06` - `2024-09-04`	3 months	crt.sh
upload.video.google.com WR2	`2024-07-01` - `2024-09-23`	3 months	crt.sh
cdn-cookieyes.com WE1	`2024-07-25` - `2024-10-23`	3 months	crt.sh
*.jquery.com Sectigo ECC Domain Validation Secure Server CA	`2024-06-25` - `2025-06-25`	a year	crt.sh
log.cookieyes.com Amazon RSA 2048 M02	`2024-03-26` - `2025-04-25`	a year	crt.sh
*.google-analytics.com WR2	`2024-07-01` - `2024-09-23`	3 months	crt.sh
*.gstatic.com WR2	`2024-07-01` - `2024-09-23`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-07-01` - `2024-09-23`	3 months	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2023-12-13` - `2024-12-12`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-05-08` - `2024-08-06`	3 months	crt.sh
mc.yandex.ru GlobalSign ECC OV SSL CA 2018	`2024-05-23` - `2024-11-02`	5 months	crt.sh
sibautomation.com WE1	`2024-06-07` - `2024-09-05`	3 months	crt.sh
www.linkedin.com DigiCert SHA2 Secure Server CA	`2024-07-01` - `2025-01-01`	6 months	crt.sh

This page contains 3 frames:

Primary Page: https://everness.ch/godsend/godsend.php
Frame ID: FDB76197FE70ED533F8B44D64083B7C9
Requests: 45 HTTP requests in this frame

Frame: https://sibautomation.com/cm.html?key=jmkklyrq10ghhn8z62kkr4fc
Frame ID: 1EB0D00D3E73E2DAFBB69828D9B35759
Requests: 1 HTTP requests in this frame

Frame: https://mc.yandex.com/metrika/metrika_match.html
Frame ID: A7BC2DB0C165835AD0EF89A4E19BB0F2
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Page not found – evernessPage not found – everness

Page URL History Show full URLs

https://www.everness.ch/godsend/godsend.php HTTP 301
https://everness.ch/godsend/godsend.php Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

mc\.yandex\.ru/metrika/(?:tag|watch)\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

47
Requests

91 %
HTTPS

80 %
IPv6

15
Domains

17
Subdomains

16
IPs

5
Countries

672 kB
Transfer

1822 kB
Size

24
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://www.cookieyes.com/product/cookie-consent

Search URL Search Domain Scan URL

URL: https://www.instagram.com/myeverness/
Title: Instagram

Search URL Search Domain Scan URL

URL: https://www.facebook.com/evernesshotelandresort/
Title: Facebook

Search URL Search Domain Scan URL

URL: https://enigma.swiss/
Title: enigma.swiss

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.everness.ch/godsend/godsend.php HTTP 301
https://everness.ch/godsend/godsend.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 36

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=7094569&time=1722332892630&url=https%3A%2F%2Feverness.ch%2Fgodsend%2Fgodsend.php HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=7094569&time=1722332892630&url=https%3A%2F%2Feverness.ch%2Fgodsend%2Fgodsend.php&e_ipv6=AQJqQNOC-VLskgAAAZEDCk6ETEpNwvox_tuvRbS_2V4mHIVeeyqtpLGP0XD-RKi6KciMmNkNGbp7

Request Chain 41

https://mc.yandex.com/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10446.mMxp1fO4crunmauH54eqp_Ys8PsneI6iMiFYEMfp1OgVx4q8tzo-uAjcISctiL70.kfO4rK81wondY_R_hDOB0x4hr74%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide?token=10446.znrD5i6k5MQZsl5K2x1JWhUTY_tAdUQ2P2kF2zXCv4edvb3ytOHd6_FMKyZJokSkVq6SI1UVmmyoDCnTk6JmFwvDlMVgl0ra2nR45zSd5V6pnVPpGckvP8uX2AmxDoxlM5-6QTAxdM_6swiX9FqR3_B-tz7ingbiXlLqKzk1IkcEDOaEMTOiUAkDTqgooxZ1tVQt2LFJaxUWu3PMkomgivtARC9lQSiHFPmf42vXxeY%2C.7EWKDnBB1gEAe5fEbkvzGM9Ysgk%2C

Request Chain 45

https://mc.yandex.com/watch/85021354?wmode=7&page-url=https%3A%2F%2Feverness.ch%2Fgodsend%2Fgodsend.php&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A6eeti2leh43xf0jxk8f3gy2jmj%3Afu%3A0%3Aen%3Autf-8%3Ala%3Ade-CH%3Av%3A1400%3Acn%3A1%3Adp%3A0%3Als%3A1687930733979%3Ahid%3A1024622632%3Az%3A120%3Ai%3A20240730114812%3Aet%3A1722332893%3Ac%3A1%3Arn%3A290458534%3Arqn%3A1%3Au%3A17223328931283397%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A3127%3Awv%3A2%3Ads%3A0%2C0%2C1290%2C23%2C694%2C0%2C%2C811%2C0%2C3034%2C3034%2C1%2C2864%3Aco%3A0%3Acpf%3A1%3Ans%3A1722332889249%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1722332893%3At%3APage%20not%20found%20%E2%80%93%20everness&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)rcm(1)cdl(na)eco(21037568)ti(1) HTTP 302
https://mc.yandex.com/watch/85021354/1?wmode=7&page-url=https%3A%2F%2Feverness.ch%2Fgodsend%2Fgodsend.php&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A6eeti2leh43xf0jxk8f3gy2jmj%3Afu%3A0%3Aen%3Autf-8%3Ala%3Ade-CH%3Av%3A1400%3Acn%3A1%3Adp%3A0%3Als%3A1687930733979%3Ahid%3A1024622632%3Az%3A120%3Ai%3A20240730114812%3Aet%3A1722332893%3Ac%3A1%3Arn%3A290458534%3Arqn%3A1%3Au%3A17223328931283397%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A3127%3Awv%3A2%3Ads%3A0%2C0%2C1290%2C23%2C694%2C0%2C%2C811%2C0%2C3034%2C3034%2C1%2C2864%3Aco%3A0%3Acpf%3A1%3Ans%3A1722332889249%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1722332893%3At%3APage%20not%20found%20%E2%80%93%20everness&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%2821037568%29ti%281%29

47 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

404

Primary Request godsend.php Show response
everness.ch/godsend/
Redirect Chain

https://www.everness.ch/godsend/godsend.php
https://everness.ch/godsend/godsend.php

40 KB
41 KB

1335ms
1290ms

Document
text/html

2001:1600:4:13:3673:5aff:fea0:2064
INFOMANIAK-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://everness.ch/godsend/godsend.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2001:1600:4:13:3673:5aff:fea0:2064 , Switzerland, ASN29222 (INFOMANIAK-AS, CH),

Reverse DNS

Software

Apache /

Resource Hash

093ce13de84009c67894289fc42092ab5c543de01353737a36c90233db1dd0c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

cache-control: no-cache, must-revalidate, max-age=0
content-type: text/html; charset=UTF-8
date: Tue, 30 Jul 2024 09:48:09 GMT
expires: Wed, 11 Jan 1984 05:00:00 GMT
link: <https://everness.ch/wp-json/>; rel="https://api.w.org/"
server: Apache
strict-transport-security: max-age=16000000

Redirect headers

cache-control: no-cache, must-revalidate, max-age=0
content-type: text/html; charset=UTF-8
date: Tue, 30 Jul 2024 09:48:09 GMT
expires: Wed, 11 Jan 1984 05:00:00 GMT
location: https://everness.ch/godsend/godsend.php
server: Apache
strict-transport-security: max-age=16000000
x-redirect-by: WordPress

GET
H2 200 main.cb77fa11a8b0805f9178.css
everness.ch/wp-content/themes/everness/dist/ 67 KB
12 KB 34ms
33ms Stylesheet
text/css 2001:1600:4:13:3673:5aff:fea0:2064
INFOMANIAK-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://everness.ch/wp-content/themes/everness/dist/main.cb77fa11a8b0805f9178.css

Requested by

Host: everness.ch
URL: https://everness.ch/godsend/godsend.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2001:1600:4:13:3673:5aff:fea0:2064 , Switzerland, ASN29222 (INFOMANIAK-AS, CH),

Reverse DNS

Software

Apache /

Resource Hash

ba3f243cdc3f6da335d2eb40774c23036cc936c2b4a30a47507899692595b909

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000

Request headers

Referer: https://everness.ch/godsend/godsend.php
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 30 Jul 2024 09:48:11 GMT
strict-transport-security: max-age=16000000
content-encoding: gzip
last-modified: Mon, 27 Nov 2023 10:38:57 GMT
server: Apache
etag: "10ae7-60b1fe8bf3240-gzip"
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 11891

GET
H2 200 css
fonts.googleapis.com/ 22 KB
2 KB 116ms
37ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:300i,400,700,700i

Requested by

Host: everness.ch
URL: https://everness.ch/godsend/godsend.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d1db37e986ff8fba645857472b060c9d8b8edf11bede15b40efc0de1403fe819

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://everness.ch/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 30 Jul 2024 09:48:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 30 Jul 2024 09:48:11 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 30 Jul 2024 09:48:11 GMT

GET
H2 200 picturefill.min.js Show response
everness.ch/wp-content/themes/everness/assets/vendors/ 12 KB
5 KB 25ms
24ms Script
application/javascript 2001:1600:4:13:3673:5aff:fea0:2064
INFOMANIAK-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://everness.ch/wp-content/themes/everness/assets/vendors/picturefill.min.js

Requested by

Host: everness.ch
URL: https://everness.ch/godsend/godsend.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2001:1600:4:13:3673:5aff:fea0:2064 , Switzerland, ASN29222 (INFOMANIAK-AS, CH),

Reverse DNS

Software

Apache /

Resource Hash

2dd0eb5e44c81a864cd68e633a69701248b9298b0dc7eb2c75e67e2b1c19b4bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000

Request headers

Referer: https://everness.ch/godsend/godsend.php
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 30 Jul 2024 09:48:11 GMT
strict-transport-security: max-age=16000000
content-encoding: gzip
last-modified: Mon, 27 Nov 2023 10:38:57 GMT
server: Apache
etag: "2e20-60b1fe8bf3240-gzip"
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 5173

GET
H2 200 script.js Show response
cdn-cookieyes.com/client_data/7a11165d08a5ac0652025274/ 96 KB
34 KB 115ms
45ms Script
application/javascript 2606:4700:10::ac43:1408
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-cookieyes.com/client_data/7a11165d08a5ac0652025274/script.js
Requested by: Host: everness.ch
URL: https://everness.ch/godsend/godsend.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:1408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1c2c7e1c7f62aeda426700357d48e0f9b493e253dbf3774c1e28ee445a7300c5

Request headers

Referer: https://everness.ch/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 30 Jul 2024 09:48:11 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 11 Jul 2024 00:42:46 GMT
server: cloudflare
age: 443198
etag: "1808f-61cee0aa38831-gzip"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=0, must-revalidate, s-maxage=604800, proxy-revalidate
accept-ranges: bytes
cf-ray: 8ab46e7b28940b90-AMS
content-length: 34162

GET
H2 200 style.min.css
everness.ch/wp-includes/css/dist/block-library/ 110 KB
15 KB 35ms
35ms Stylesheet
text/css 2001:1600:4:13:3673:5aff:fea0:2064
INFOMANIAK-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://everness.ch/wp-includes/css/dist/block-library/style.min.css?ver=3e3e7abc07a5c4ebfc1b9b7d7b7c946f

Requested by

Host: everness.ch
URL: https://everness.ch/godsend/godsend.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2001:1600:4:13:3673:5aff:fea0:2064 , Switzerland, ASN29222 (INFOMANIAK-AS, CH),

Reverse DNS

Software

Apache /

Resource Hash

885c89e82436cfa3d0a0a5a9b2f6be6e1503457c810cc88ed2c09b4570ae9fd6

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000

Request headers

Referer: https://everness.ch/godsend/godsend.php
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 30 Jul 2024 09:48:11 GMT
strict-transport-security: max-age=16000000
content-encoding: gzip
last-modified: Wed, 24 Jul 2024 01:48:03 GMT
server: Apache
etag: "1b723-61df4781053d8-gzip"
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 14835

GET
H2 200 logo-everness.svg
everness.ch/wp-content/themes/everness/assets/images/ 10 KB
11 KB 24ms
23ms Image
image/svg+xml 2001:1600:4:13:3673:5aff:fea0:2064
INFOMANIAK-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://everness.ch/wp-content/themes/everness/assets/images/logo-everness.svg

Requested by

Host: everness.ch
URL: https://everness.ch/godsend/godsend.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2001:1600:4:13:3673:5aff:fea0:2064 , Switzerland, ASN29222 (INFOMANIAK-AS, CH),

Reverse DNS

Software

Apache /

Resource Hash

7fe54ab0fbc7223eab162f0940f23a31100b0bb5830bd021ad57075268dcbf55

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000

Request headers

Referer: https://everness.ch/godsend/godsend.php
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 30 Jul 2024 09:48:11 GMT
strict-transport-security: max-age=16000000
last-modified: Mon, 27 Nov 2023 10:38:57 GMT
server: Apache
etag: "2967-60b1fe8bf3240"
content-type: image/svg+xml
accept-ranges: bytes
content-length: 10599

GET
H2 200 jquery-3.6.0.min.js Show response
code.jquery.com/ 87 KB
30 KB 78ms
20ms Script
application/javascript 2a04:4e42::649
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.6.0.min.js?ver=3.6.0
Requested by: Host: everness.ch
URL: https://everness.ch/godsend/godsend.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

Referer: https://everness.ch/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 30 Jul 2024 09:48:11 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 760631
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
content-length: 30875
x-served-by: cache-lga21931-LGA, cache-mxp6960-MXP
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
x-timer: S1722332891.388065,VS0,VE0
etag: W/"28feccc0-15d9d"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=604800
accept-ranges: bytes
x-cache-hits: 27, 340774

GET
H2 200 jquery-migrate-3.3.2.min.js Show response
code.jquery.com/ 11 KB
4 KB 51ms
20ms Script
application/javascript 2a04:4e42::649
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-migrate-3.3.2.min.js?ver=3.3.2
Requested by: Host: everness.ch
URL: https://everness.ch/godsend/godsend.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

Referer: https://everness.ch/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 30 Jul 2024 09:48:11 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 7626531
x-cache: HIT, HIT
content-length: 4165
x-served-by: cache-lga21924-LGA, cache-mxp6960-MXP
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
x-timer: S1722332891.388022,VS0,VE0
etag: W/"28feccc0-2bd8"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=604800
accept-ranges: bytes
x-cache-hits: 21821, 1316

GET
H2 404 swiper-bundle-min.css
everness.ch/wp-content/themes/everness/dist/swiper/dist/css/ 0
0 761ms
759ms Stylesheet
text/html 2001:1600:4:13:3673:5aff:fea0:2064
INFOMANIAK-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://everness.ch/wp-content/themes/everness/dist/swiper/dist/css/swiper-bundle-min.css

Requested by

Host: everness.ch
URL: https://everness.ch/wp-content/themes/everness/dist/main.cb77fa11a8b0805f9178.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2001:1600:4:13:3673:5aff:fea0:2064 , Switzerland, ASN29222 (INFOMANIAK-AS, CH),

Reverse DNS

Software

Apache /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000

Request headers

Referer: https://everness.ch/wp-content/themes/everness/dist/main.cb77fa11a8b0805f9178.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-type: text/html; charset=UTF-8
date: Tue, 30 Jul 2024 09:48:11 GMT
cache-control: no-cache, must-revalidate, max-age=0
strict-transport-security: max-age=16000000
server: Apache
link: <https://everness.ch/wp-json/>; rel="https://api.w.org/"
expires: Wed, 11 Jan 1984 05:00:00 GMT

POST
H2 200 log
log.cookieyes.com/api/v1/ 2 B
153 B 175ms
55ms Ping
text/plain 52.48.126.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://log.cookieyes.com/api/v1/log
Requested by: Host: cdn-cookieyes.com
URL: https://cdn-cookieyes.com/client_data/7a11165d08a5ac0652025274/script.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.48.126.242 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-48-126-242.eu-west-1.compute.amazonaws.com
Software: / Express
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer: https://everness.ch/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryzd02QXJ0ffGbmTmU

Response headers

access-control-allow-origin: *
date: Tue, 30 Jul 2024 09:48:12 GMT
x-powered-by: Express
content-length: 2
etag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
content-type: text/plain; charset=utf-8

GET
H2 200 banner.js Show response
cdn-cookieyes.com/client_data/7a11165d08a5ac0652025274/ 98 KB
32 KB 42ms
42ms Script
application/javascript 2606:4700:10::ac43:1408
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-cookieyes.com/client_data/7a11165d08a5ac0652025274/banner.js
Requested by: Host: cdn-cookieyes.com
URL: https://cdn-cookieyes.com/client_data/7a11165d08a5ac0652025274/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:1408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2c087fab0fe84e04d08a85663f79b8d5b14b5238be15eab12c1ce060b0ac2603

Request headers

Referer: https://everness.ch/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 30 Jul 2024 09:48:12 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 11 Jul 2024 00:42:46 GMT
server: cloudflare
age: 443197
etag: "188c1-61cee0aa38831-gzip"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=0, must-revalidate, s-maxage=604800, proxy-revalidate
accept-ranges: bytes
cf-ray: 8ab46e7fcef30b90-AMS
content-length: 33081

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 287 KB
97 KB 109ms
44ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PRMKT6N

Requested by

Host: everness.ch
URL: https://everness.ch/godsend/godsend.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

553741ce87131f5e00927366eef6fc1e07e4a5f6b0a87f8023893803c4ea3ff7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://everness.ch/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 30 Jul 2024 09:48:12 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 99202
x-xss-protection: 0
last-modified: Tue, 30 Jul 2024 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 30 Jul 2024 09:48:12 GMT

GET
H2 200 main.8293b523e4e0882dcdc6.js Show response
everness.ch/wp-content/themes/everness/dist/ 18 KB
7 KB 30ms
30ms Script
application/javascript 2001:1600:4:13:3673:5aff:fea0:2064
INFOMANIAK-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://everness.ch/wp-content/themes/everness/dist/main.8293b523e4e0882dcdc6.js

Requested by

Host: everness.ch
URL: https://everness.ch/godsend/godsend.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2001:1600:4:13:3673:5aff:fea0:2064 , Switzerland, ASN29222 (INFOMANIAK-AS, CH),

Reverse DNS

Software

Apache /

Resource Hash

9c07c6aecd5f766b656d11f9322ed7bd028d8bf129c2cce1c1a91c3d42ce019f

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000

Request headers

Referer: https://everness.ch/godsend/godsend.php
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 30 Jul 2024 09:48:12 GMT
strict-transport-security: max-age=16000000
content-encoding: gzip
last-modified: Mon, 27 Nov 2023 10:38:57 GMT
server: Apache
etag: "4989-60b1fe8bf3240-gzip"
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 7109

GET
H2 200 instagram--black.svg
everness.ch/wp-content/themes/everness/assets/images/ 4 KB
4 KB 27ms
26ms Image
image/svg+xml 2001:1600:4:13:3673:5aff:fea0:2064
INFOMANIAK-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://everness.ch/wp-content/themes/everness/assets/images/instagram--black.svg

Requested by

Host: everness.ch
URL: https://everness.ch/wp-content/themes/everness/dist/main.cb77fa11a8b0805f9178.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2001:1600:4:13:3673:5aff:fea0:2064 , Switzerland, ASN29222 (INFOMANIAK-AS, CH),

Reverse DNS

Software

Apache /

Resource Hash

3bb45e7c87eaf1ca0d3b4823d703d116b78dcd534916cc70ae7f5dff4bd72a9e

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000

Request headers

Referer: https://everness.ch/wp-content/themes/everness/dist/main.cb77fa11a8b0805f9178.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 30 Jul 2024 09:48:12 GMT
strict-transport-security: max-age=16000000
last-modified: Mon, 27 Nov 2023 10:38:57 GMT
server: Apache
etag: "1089-60b1fe8bf3240"
content-type: image/svg+xml
accept-ranges: bytes
content-length: 4233

GET
H2 200 facebook--black.svg
everness.ch/wp-content/themes/everness/assets/images/ 1 KB
1 KB 24ms
23ms Image
image/svg+xml 2001:1600:4:13:3673:5aff:fea0:2064
INFOMANIAK-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://everness.ch/wp-content/themes/everness/assets/images/facebook--black.svg

Requested by

Host: everness.ch
URL: https://everness.ch/wp-content/themes/everness/dist/main.cb77fa11a8b0805f9178.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2001:1600:4:13:3673:5aff:fea0:2064 , Switzerland, ASN29222 (INFOMANIAK-AS, CH),

Reverse DNS

Software

Apache /

Resource Hash

ebb94481519a1f2cf2e4947883319559386cb922a6a81f2d1bb4a53ef98411c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000

Request headers

Referer: https://everness.ch/wp-content/themes/everness/dist/main.cb77fa11a8b0805f9178.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 30 Jul 2024 09:48:12 GMT
strict-transport-security: max-age=16000000
last-modified: Mon, 27 Nov 2023 10:38:57 GMT
server: Apache
etag: "400-60b1fe8bf3240"
content-type: image/svg+xml
accept-ranges: bytes
content-length: 1024

GET
H2 200 instagram.svg
everness.ch/wp-content/themes/everness/assets/images/ 4 KB
4 KB 28ms
27ms Image
image/svg+xml 2001:1600:4:13:3673:5aff:fea0:2064
INFOMANIAK-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://everness.ch/wp-content/themes/everness/assets/images/instagram.svg

Requested by

Host: everness.ch
URL: https://everness.ch/wp-content/themes/everness/dist/main.cb77fa11a8b0805f9178.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2001:1600:4:13:3673:5aff:fea0:2064 , Switzerland, ASN29222 (INFOMANIAK-AS, CH),

Reverse DNS

Software

Apache /

Resource Hash

c3fbbfbe97d1cb332f9581e2c1ca0318478281a9980c4a65eab6c11d34746a79

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000

Request headers

Referer: https://everness.ch/wp-content/themes/everness/dist/main.cb77fa11a8b0805f9178.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 30 Jul 2024 09:48:12 GMT
strict-transport-security: max-age=16000000
last-modified: Mon, 27 Nov 2023 10:38:57 GMT
server: Apache
etag: "1089-60b1fe8bf3240"
content-type: image/svg+xml
accept-ranges: bytes
content-length: 4233

GET
H2 200 facebook.svg
everness.ch/wp-content/themes/everness/assets/images/ 1 KB
1 KB 22ms
22ms Image
image/svg+xml 2001:1600:4:13:3673:5aff:fea0:2064
INFOMANIAK-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://everness.ch/wp-content/themes/everness/assets/images/facebook.svg

Requested by

Host: everness.ch
URL: https://everness.ch/wp-content/themes/everness/dist/main.cb77fa11a8b0805f9178.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2001:1600:4:13:3673:5aff:fea0:2064 , Switzerland, ASN29222 (INFOMANIAK-AS, CH),

Reverse DNS

Software

Apache /

Resource Hash

6cc469ea16637b73acc34230dd5dddcf184367190982f0b696c273dbbb86cf07

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000

Request headers

Referer: https://everness.ch/wp-content/themes/everness/dist/main.cb77fa11a8b0805f9178.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 30 Jul 2024 09:48:12 GMT
strict-transport-security: max-age=16000000
last-modified: Mon, 27 Nov 2023 10:38:57 GMT
server: Apache
etag: "400-60b1fe8bf3240"
content-type: image/svg+xml
accept-ranges: bytes
content-length: 1024

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 47 KB
47 KB 141ms
77ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300i,400,700,700i

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://everness.ch
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 12:26:16 GMT
x-content-type-options: nosniff
age: 595316
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48236
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 23 Jul 2025 12:26:16 GMT

GET
H2 200 memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2
fonts.gstatic.com/s/opensans/v40/ 49 KB
50 KB 91ms
27ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300i,400,700,700i

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0d8601a776b7dc777cd23bc42392d05a43df0d6402328e8913b58811083b513d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://everness.ch
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 30 Jul 2024 05:49:49 GMT
x-content-type-options: nosniff
age: 14303
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50296
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 02:10:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 30 Jul 2025 05:49:49 GMT

GET
H2 200 menu-toggle.cb112ef875c0cffc7779.bundle.js Show response
everness.ch/wp-content/themes/everness/dist/ 586 B
546 B 24ms
24ms Script
application/javascript 2001:1600:4:13:3673:5aff:fea0:2064
INFOMANIAK-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://everness.ch/wp-content/themes/everness/dist/menu-toggle.cb112ef875c0cffc7779.bundle.js

Requested by

Host: everness.ch
URL: https://everness.ch/wp-content/themes/everness/dist/main.8293b523e4e0882dcdc6.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2001:1600:4:13:3673:5aff:fea0:2064 , Switzerland, ASN29222 (INFOMANIAK-AS, CH),

Reverse DNS

Software

Apache /

Resource Hash

255da86bb6b625263cea28b6f1d2ca202824861334295486c12a5b5c92a91e38

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000

Request headers

Referer: https://everness.ch/godsend/godsend.php
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 30 Jul 2024 09:48:12 GMT
strict-transport-security: max-age=16000000
content-encoding: gzip
last-modified: Mon, 27 Nov 2023 10:38:57 GMT
server: Apache
etag: "24a-60b1fe8bf3240-gzip"
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 345

GET
H2 200 0jtkMi1g.json Show response
cdn-cookieyes.com/client_data/7a11165d08a5ac0652025274/ 44 B
335 B 107ms
42ms Fetch
application/json 2606:4700:10::ac43:1408
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-cookieyes.com/client_data/7a11165d08a5ac0652025274/0jtkMi1g.json
Requested by: Host: cdn-cookieyes.com
URL: https://cdn-cookieyes.com/client_data/7a11165d08a5ac0652025274/banner.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:1408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 56a1c5479486bf37595dd419a7c70af875b5e2212b2887830e4e6f133bca264f

Request headers

Referer: https://everness.ch/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 30 Jul 2024 09:48:12 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 11 Jul 2024 00:42:46 GMT
server: cloudflare
age: 443342
etag: W/"2c-61cee0aa37891"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=0, must-revalidate, s-maxage=604800, proxy-revalidate
cf-ray: 8ab46e814b196673-AMS

GET
H2 200 favicon-32x32.png
everness.ch/ 1 KB
2 KB 23ms
23ms Other
image/png 2001:1600:4:13:3673:5aff:fea0:2064
INFOMANIAK-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://everness.ch/favicon-32x32.png

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2001:1600:4:13:3673:5aff:fea0:2064 , Switzerland, ASN29222 (INFOMANIAK-AS, CH),

Reverse DNS

Software

Apache /

Resource Hash

81ee238efe044b45cef3e2be1484a4da8603b261e75c7a9f29f51116123ffbe3

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000

Request headers

Referer: https://everness.ch/godsend/godsend.php
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 30 Jul 2024 09:48:12 GMT
strict-transport-security: max-age=16000000
last-modified: Thu, 02 May 2024 09:04:51 GMT
server: Apache
etag: "5cf-61774e5540d1c"
content-type: image/png
accept-ranges: bytes
content-length: 1487

GET
H2 200 km2R2eR2.json Show response
cdn-cookieyes.com/client_data/7a11165d08a5ac0652025274/config/ 32 KB
5 KB 40ms
39ms Fetch
application/json 2606:4700:10::ac43:1408
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-cookieyes.com/client_data/7a11165d08a5ac0652025274/config/km2R2eR2.json
Requested by: Host: cdn-cookieyes.com
URL: https://cdn-cookieyes.com/client_data/7a11165d08a5ac0652025274/banner.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:1408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 45b12e1f83ddd69b9db16e46bdec3068a16e4419389d56b540078c4e82eab6ca

Request headers

Referer: https://everness.ch/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 30 Jul 2024 09:48:12 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 11 Jul 2024 00:42:46 GMT
server: cloudflare
age: 443342
etag: W/"8023-61cee0aa38831"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=0, must-revalidate, s-maxage=604800, proxy-revalidate
cf-ray: 8ab46e819b436673-AMS

GET
H2 200 el6Z8q-Y.json Show response
cdn-cookieyes.com/client_data/7a11165d08a5ac0652025274/translations/ 2 KB
1004 B 39ms
39ms Fetch
application/json 2606:4700:10::ac43:1408
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-cookieyes.com/client_data/7a11165d08a5ac0652025274/translations/el6Z8q-Y.json
Requested by: Host: cdn-cookieyes.com
URL: https://cdn-cookieyes.com/client_data/7a11165d08a5ac0652025274/banner.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:1408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a637df9d47bea565488ec34a3f9d49a6ba7b2032f7cc48ccd9df9b654c9dd077

Request headers

Referer: https://everness.ch/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 30 Jul 2024 09:48:12 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 11 Jul 2024 00:42:46 GMT
server: cloudflare
age: 440674
etag: W/"83b-61cee0aa38831"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=0, must-revalidate, s-maxage=604800, proxy-revalidate
cf-ray: 8ab46e81db946673-AMS

GET
H2 200 cuMax8da.json Show response
cdn-cookieyes.com/client_data/7a11165d08a5ac0652025274/audit-table/ 4 KB
2 KB 41ms
41ms Fetch
application/json 2606:4700:10::ac43:1408
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-cookieyes.com/client_data/7a11165d08a5ac0652025274/audit-table/cuMax8da.json
Requested by: Host: cdn-cookieyes.com
URL: https://cdn-cookieyes.com/client_data/7a11165d08a5ac0652025274/banner.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:1408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c51420725a3acdd2848c67e2bcc5e0d4f3c8cc90676507ccc8417da4204a3a77

Request headers

Referer: https://everness.ch/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 30 Jul 2024 09:48:12 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 11 Jul 2024 00:42:46 GMT
server: cloudflare
age: 440673
etag: W/"ffe-61cee0aa37891"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=0, must-revalidate, s-maxage=604800, proxy-revalidate
cf-ray: 8ab46e821bcf6673-AMS

POST
H3 200 landing
pagead2.googlesyndication.com/pagead/ 42 B
64 B 112ms
60ms Ping
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/landing?gcs=G100&gcd=13m3m3m3m5&tag_exp=95250753&rnd=1040241183.1722332893&url=https%3A%2F%2Feverness.ch%2Fgodsend%2Fgodsend.php&dma_cps=-&dma=0&npa=1&gtm=45He47t0n81PRMKT6Nv846249257za200

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PRMKT6N

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://everness.ch/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Jul 2024 09:48:12 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 264 KB
91 KB 43ms
43ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=AW-697155275&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PRMKT6N

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f33e6a94745555b795069f1f0fa3229600d330575271257892bfd0c92354f461

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://everness.ch/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 30 Jul 2024 09:48:12 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 92975
x-xss-protection: 0
last-modified: Tue, 30 Jul 2024 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 30 Jul 2024 09:48:12 GMT

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 40 KB
14 KB 93ms
31ms Script
application/javascript 2a02:26f0:480:15::213:7e63
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PRMKT6N

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:15::213:7e63 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

edd5487f216469726314ae2b829b221d70e2a02674477e3c8f69a0d5f0b1ea49

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://everness.ch/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 30 Jul 2024 09:48:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2024 05:33:09 GMT
x-cdn: AKAM
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: max-age=35371
accept-ranges: bytes
content-length: 14597

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 224 KB
60 KB 81ms
26ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: everness.ch
URL: https://everness.ch/godsend/godsend.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

eaa003d85cb77f94fcae98396e583ce01d0c375b57235402c884ef8a792b951e

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://everness.ch/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 30 Jul 2024 09:48:12 GMT
document-policy: force-load-at-top
x-fb-server-load: 51
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 58677
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=23, rtx=0, c=13, mss=1208, tbw=2767, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma: public
x-fb-debug: RG3VDnTgXP+k4ftKTSrIQ1ZEkyf89M7OMYRc5/v+rOETgU5RFH7Vc+CCQSgKdhJo90KX0aIaVXrsDg7AKLcMHQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ 202 KB
71 KB 283ms
120ms Script
application/javascript 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: everness.ch
URL: https://everness.ch/godsend/godsend.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

184ff4719d5c387812c3b3d9ba9522c3cf597085ba2092079142903e994dc304

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://everness.ch/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 30 Jul 2024 09:48:12 GMT
content-encoding: br
strict-transport-security: max-age=31536000
last-modified: Wed, 24 Jul 2024 12:44:58 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "66a0f74a-1166d"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
timing-allow-origin: *
content-length: 71277
expires: Tue, 30 Jul 2024 10:48:12 GMT

GET
H2 200 sa.js Show response
sibautomation.com/ 8 KB
3 KB 135ms
46ms Script
text/javascript 2606:4700:4400::6812:2546
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sibautomation.com/sa.js?key=jmkklyrq10ghhn8z62kkr4fc
Requested by: Host: everness.ch
URL: https://everness.ch/godsend/godsend.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2546 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Sails <sailsjs.com>
Resource Hash: e0d8625a7d4e594de501868b9349637e93a119b02872ff1705f95b0924ac8c64

Request headers

Referer: https://everness.ch/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 30 Jul 2024 09:48:12 GMT
content-encoding: gzip
cf-cache-status: HIT
cf-bgj: minify
server: cloudflare
age: 1746
cf-polished: origSize=11135
etag: W/"2b7f-XeJSYdLrifI7JSoC8YukTjziGQc"
vary: Accept-Encoding
x-powered-by: Sails <sailsjs.com>
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=60
cf-ray: 8ab46e830d10b954-AMS
expires: Tue, 30 Jul 2024 09:49:12 GMT

GET
H2 200 revisit.svg
cdn-cookieyes.com/assets/images/ 2 KB
1 KB 42ms
41ms Image
image/svg+xml 2606:4700:10::ac43:1408
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-cookieyes.com/assets/images/revisit.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:1408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ed7c487f915432d9464e2af0a83002ee93596e86e076f3c917e439e5b844d08b

Request headers

Referer: https://everness.ch/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 30 Jul 2024 09:48:12 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 15 Mar 2022 04:40:47 GMT
server: cloudflare
age: 84994
etag: W/"923-5da3a668dacc0"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=0, s-maxage=604800, proxy-revalidate
cf-ray: 8ab46e827b100b90-AMS

GET
H2 200 close.svg
cdn-cookieyes.com/assets/images/ 1 KB
817 B 39ms
39ms Image
image/svg+xml 2606:4700:10::ac43:1408
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-cookieyes.com/assets/images/close.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:1408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a049e1abe441835a2bcf35258936072189a0a52d0000c4ed2094e59d2afd189b

Request headers

Referer: https://everness.ch/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 30 Jul 2024 09:48:12 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 15 Mar 2022 04:40:50 GMT
server: cloudflare
age: 84994
etag: W/"541-5da3a66c769d4"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=0, s-maxage=604800, proxy-revalidate
cf-ray: 8ab46e827b130b90-AMS

GET
H2 200 poweredbtcky.svg
cdn-cookieyes.com/assets/images/ 4 KB
2 KB 47ms
47ms Image
image/svg+xml 2606:4700:10::ac43:1408
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-cookieyes.com/assets/images/poweredbtcky.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:1408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 911f58b8d14bd6f73a83fd774e44bec97e896317c7093dc83e96921e64f1fbd5

Request headers

Referer: https://everness.ch/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 30 Jul 2024 09:48:12 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 15 Mar 2022 04:41:24 GMT
server: cloudflare
age: 84984
etag: W/"eb2-5da3a68c50d09"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=0, s-maxage=604800, proxy-revalidate
cf-ray: 8ab46e827b140b90-AMS

POST
H2 200 log
log.cookieyes.com/api/v1/ 2 B
152 B 58ms
56ms Ping
text/plain 52.48.126.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://log.cookieyes.com/api/v1/log
Requested by: Host: cdn-cookieyes.com
URL: https://cdn-cookieyes.com/client_data/7a11165d08a5ac0652025274/script.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.48.126.242 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-48-126-242.eu-west-1.compute.amazonaws.com
Software: / Express
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer: https://everness.ch/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryBSDbNAP7XBbsVIQb

Response headers

access-control-allow-origin: *
date: Tue, 30 Jul 2024 09:48:12 GMT
x-powered-by: Express
content-length: 2
etag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
content-type: text/plain; charset=utf-8

GET
H2 200 attribution_trigger Show response
px.ads.linkedin.com/ 2 B
837 B 281ms
230ms XHR
application/json 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://px.ads.linkedin.com/attribution_trigger?pid=7094569&time=1722332892630&url=https%3A%2F%2Feverness.ch%2Fgodsend%2Fgodsend.php
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Accept: *
Referer: https://everness.ch/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 30 Jul 2024 09:48:12 GMT
content-encoding: gzip
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: F153F426F4254567ABD4A70D44365003 Ref B: FRAEDGE1621 Ref C: 2024-07-30T09:48:12Z
access-control-allow-methods: GET, OPTIONS
x-li-fabric: prod-lor1
access-control-allow-origin: *
x-li-source-fabric: prod-ltx1
content-type: application/json
x-li-proto: http/2
x-restli-protocol-version: 1.0.0
x-cache: CONFIG_NOCACHE
access-control-allow-headers: *
x-li-uuid: AAYec+BCEmtERQHKjdopog==
x-fs-uuid: 00061e73e042126b444501ca8dda29a2

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=7094569&time=1722332892630&url=https%3A%2F%2Feverness.ch%2Fgodsend%2Fgodsend.php
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=7094569&time=1722332892630&url=https%3A%2F%2Feverness.ch%2Fgodsend%2Fgodsend.php&e_ipv6=AQJqQNOC-VLskgAAAZEDCk6ETEpNwvox_tuvRbS_2V4mHIVeeyqtpLGP0...

0
265 B

159ms
123ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=7094569&time=1722332892630&url=https%3A%2F%2Feverness.ch%2Fgodsend%2Fgodsend.php&e_ipv6=AQJqQNOC-VLskgAAAZEDCk6ETEpNwvox_tuvRbS_2V4mHIVeeyqtpLGP0XD-RKi6KciMmNkNGbp7
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://everness.ch/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 30 Jul 2024 09:48:12 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 07BD9499688540B2A9B69725987EFA3B Ref B: ZRHEDGE1210 Ref C: 2024-07-30T09:48:12Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-fabric: prod-lva1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYec+BFOnVclGa+Q5h9Eg==

Redirect headers

date: Tue, 30 Jul 2024 09:48:11 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 66DC2E7F30FF49C1A8CB7491A134572C Ref B: DUS30EDGE0909 Ref C: 2024-07-30T09:48:12Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=7094569&time=1722332892630&url=https%3A%2F%2Feverness.ch%2Fgodsend%2Fgodsend.php&e_ipv6=AQJqQNOC-VLskgAAAZEDCk6ETEpNwvox_tuvRbS_2V4mHIVeeyqtpLGP0XD-RKi6KciMmNkNGbp7
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYec+BCcK6wcGN+8xeI7A==

GET
H2 200 927723140931977 Show response
connect.facebook.net/signals/config/ 71 KB
14 KB 78ms
77ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/927723140931977?v=2.9.162&r=stable&domain=everness.ch&hme=e67e7d148043b3a377ad0eb1c82669792a67ba5e3bb5734b69e611ae38f939ca&ex_m=68%2C115%2C102%2C106%2C59%2C3%2C95%2C67%2C15%2C92%2C85%2C49%2C52%2C163%2C166%2C178%2C174%2C175%2C177%2C28%2C96%2C51%2C74%2C176%2C158%2C161%2C171%2C172%2C179%2C124%2C39%2C33%2C136%2C14%2C48%2C184%2C183%2C126%2C17%2C38%2C1%2C41%2C63%2C64%2C65%2C69%2C89%2C16%2C13%2C91%2C88%2C87%2C103%2C50%2C105%2C37%2C104%2C29%2C25%2C159%2C162%2C133%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C55%2C60%2C62%2C72%2C97%2C26%2C73%2C8%2C7%2C77%2C46%2C20%2C99%2C98%2C100%2C93%2C9%2C19%2C18%2C82%2C54%2C80%2C32%2C71%2C0%2C90%2C31%2C79%2C84%2C45%2C44%2C83%2C36%2C4%2C86%2C78%2C42%2C34%2C81%2C2%2C35%2C61%2C40%2C101%2C43%2C76%2C66%2C107%2C58%2C57%2C30%2C94%2C56%2C53%2C47%2C75%2C70%2C23%2C108

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

fb4bef95cd0e67068e48ece4e1fc1e0c9cfb750f3ef37815adf238beff2f1abf

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://everness.ch/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 30 Jul 2024 09:48:12 GMT
document-policy: force-load-at-top
x-fb-server-load: 35
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=24, rtx=0, c=68, mss=1208, tbw=64218, tp=-1, tpl=-1, uplat=52, ullat=0
pragma: public
x-fb-debug: TziL8Cgc7pAkxv8/s4HFfzf07cHMnR635rWXHxPWszR7d0eNNsxprmpPYdxgFJOmMbUo1pVWHuc1xZrwIAp7EQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET cm.html
sibautomation.com/ Frame 1EB0 0
0

GET
H2 200 /
www.facebook.com/tr/ 0
274 B 74ms
23ms Image
text/plain 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=927723140931977&ev=PageView&dl=https%3A%2F%2Feverness.ch%2Fgodsend%2Fgodsend.php&rl=&if=false&ts=1722332892770&sw=1600&sh=1200&v=2.9.162&r=stable&ec=0&o=4126&fbp=fb.1.1722332892768.60610996550876278&cs_est=true&ler=empty&cdl=API_unavailable&it=1722332892678&coo=false&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://everness.ch/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=20, rtx=0, c=10, mss=1208, tbw=2774, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 30 Jul 2024 09:48:12 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
3 KB 232ms
181ms Image
image/png 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=927723140931977&ev=PageView&dl=https%3A%2F%2Feverness.ch%2Fgodsend%2Fgodsend.php&rl=&if=false&ts=1722332892770&sw=1600&sh=1200&v=2.9.162&r=stable&ec=0&o=4126&fbp=fb.1.1722332892768.60610996550876278&cs_est=true&ler=empty&cdl=API_unavailable&it=1722332892678&coo=false&rqm=FGET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://everness.ch/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

attribution-reporting-register-trigger: {"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x0adb174bd05cdbf7","source_keys":["1","2"]},{"key_piece":"0xfb8c704615c97f99","source_keys":["1","2"]}],"aggregatable_values":{"1":1},"filters":{"2":["24:2956507647777672","7830:2956507647777672","10853:2956507647777672","41:2956507647777672","8046:2956507647777672"]},"debug_reporting":true,"debug_key":"1"}
content-encoding: zstd
x-content-type-options: nosniff
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
strict-transport-security: max-age=15552000; preload
document-policy: force-load-at-top
date: Tue, 30 Jul 2024 09:48:12 GMT
x-fb-server-load: 39
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7397363444800387610", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=26, rtx=0, c=10, mss=1208, tbw=3092, tp=-1, tpl=-1, uplat=157, ullat=0
pragma: no-cache
x-fb-debug: dpqHLqZxueSBYVTYvSHMGqWwmuDWNUL/xflYsqZ9g/TTTekAbPGrwV5EbbkWRuIUaPlD0wYgRe4TdVwIemZNTw==
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7397363444800387610"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

200

sync_cookie_image_decide
mc.yandex.com/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10446.mMxp1fO4crunmauH54eqp_Ys8PsneI6iMiFYEMfp1OgVx4q8tzo-uAjcISctiL70.kfO4rK81wondY_R_hDOB0x4hr74%2C
https://mc.yandex.com/sync_cookie_image_decide?token=10446.znrD5i6k5MQZsl5K2x1JWhUTY_tAdUQ2P2kF2zXCv4edvb3ytOHd6_FMKyZJokSkVq6SI1UVmmyoDCnTk6JmFwvDlMVgl0ra2nR45zSd5V6pnVPpGckvP8uX2AmxDoxlM5-6QTAxdM...

43 B
673 B

82ms
82ms

Image
image/gif

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/sync_cookie_image_decide?token=10446.znrD5i6k5MQZsl5K2x1JWhUTY_tAdUQ2P2kF2zXCv4edvb3ytOHd6_FMKyZJokSkVq6SI1UVmmyoDCnTk6JmFwvDlMVgl0ra2nR45zSd5V6pnVPpGckvP8uX2AmxDoxlM5-6QTAxdM_6swiX9FqR3_B-tz7ingbiXlLqKzk1IkcEDOaEMTOiUAkDTqgooxZ1tVQt2LFJaxUWu3PMkomgivtARC9lQSiHFPmf42vXxeY%2C.7EWKDnBB1gEAe5fEbkvzGM9Ysgk%2C

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://everness.ch/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 30 Jul 2024 09:48:13 GMT
strict-transport-security: max-age=31536000
content-length: 43
x-xss-protection: 1; mode=block
content-type: image/gif

Redirect headers

location: https://mc.yandex.com/sync_cookie_image_decide?token=10446.znrD5i6k5MQZsl5K2x1JWhUTY_tAdUQ2P2kF2zXCv4edvb3ytOHd6_FMKyZJokSkVq6SI1UVmmyoDCnTk6JmFwvDlMVgl0ra2nR45zSd5V6pnVPpGckvP8uX2AmxDoxlM5-6QTAxdM_6swiX9FqR3_B-tz7ingbiXlLqKzk1IkcEDOaEMTOiUAkDTqgooxZ1tVQt2LFJaxUWu3PMkomgivtARC9lQSiHFPmf42vXxeY%2C.7EWKDnBB1gEAe5fEbkvzGM9Ysgk%2C
strict-transport-security: max-age=31536000
date: Tue, 30 Jul 2024 09:48:13 GMT
x-xss-protection: 1; mode=block

GET
H2 200 advert.gif
mc.yandex.com/metrika/ 43 B
594 B 115ms
115ms Image
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://everness.ch/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 30 Jul 2024 09:48:13 GMT
strict-transport-security: max-age=31536000
last-modified: Wed, 24 Jul 2024 12:44:58 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "66a0f74a-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Tue, 30 Jul 2024 10:48:13 GMT

POST
H2 204 / Show response
px.ads.linkedin.com/wa/ 0
194 B 147ms
145ms XHR
text/plain 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://px.ads.linkedin.com/wa/
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: *
Referer: https://everness.ch/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 30 Jul 2024 09:48:12 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 4A8D2AD6B0CC4BB09686F75549C5BAF8 Ref B: DUS30EDGE0909 Ref C: 2024-07-30T09:48:13Z
linkedin-action: 1
vary: Origin
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
access-control-allow-origin: https://everness.ch
x-li-proto: http/2
access-control-allow-credentials: true
x-li-uuid: AAYec+BHLAjEdxchSeZALA==

GET
H2 200 metrika_match.html
mc.yandex.com/metrika/ Frame A7BC 0
0 257ms
117ms Document
text/html 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/metrika/metrika_match.html

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://everness.ch/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
access-control-allow-origin: *
cache-control: max-age=3600
content-encoding: br
content-length: 1046
content-type: text/html
date: Tue, 30 Jul 2024 09:48:13 GMT
etag: "66a0f74a-416"
expires: Tue, 30 Jul 2024 10:48:13 GMT
last-modified: Wed, 24 Jul 2024 12:44:58 GMT
strict-transport-security: max-age=31536000
timing-allow-origin: *

GET
H2

200

1 Show response
mc.yandex.com/watch/85021354/
Redirect Chain

https://mc.yandex.com/watch/85021354?wmode=7&page-url=https%3A%2F%2Feverness.ch%2Fgodsend%2Fgodsend.php&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A6eeti2leh43xf0jxk8f3gy2jmj%3Afu%3A0%3...
https://mc.yandex.com/watch/85021354/1?wmode=7&page-url=https%3A%2F%2Feverness.ch%2Fgodsend%2Fgodsend.php&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A6eeti2leh43xf0jxk8f3gy2jmj%3Afu%3A0...

464 B
669 B

75ms
74ms

Fetch
application/json

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/85021354/1?wmode=7&page-url=https%3A%2F%2Feverness.ch%2Fgodsend%2Fgodsend.php&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A6eeti2leh43xf0jxk8f3gy2jmj%3Afu%3A0%3Aen%3Autf-8%3Ala%3Ade-CH%3Av%3A1400%3Acn%3A1%3Adp%3A0%3Als%3A1687930733979%3Ahid%3A1024622632%3Az%3A120%3Ai%3A20240730114812%3Aet%3A1722332893%3Ac%3A1%3Arn%3A290458534%3Arqn%3A1%3Au%3A17223328931283397%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A3127%3Awv%3A2%3Ads%3A0%2C0%2C1290%2C23%2C694%2C0%2C%2C811%2C0%2C3034%2C3034%2C1%2C2864%3Aco%3A0%3Acpf%3A1%3Ans%3A1722332889249%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1722332893%3At%3APage%20not%20found%20%E2%80%93%20everness&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%2821037568%29ti%281%29

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

ab18fa376440a62ac7a1bbc93b0f3bf4f81f65bb294f84d547d27ae493c2eea3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://everness.ch/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Jul 2024 09:48:13 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Tue, 30-Jul-2024 09:48:13 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: application/json; charset=utf-8
access-control-allow-origin: https://everness.ch
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 464
x-xss-protection: 1; mode=block
expires: Tue, 30-Jul-2024 09:48:13 GMT

Redirect headers

pragma: no-cache
date: Tue, 30 Jul 2024 09:48:13 GMT
strict-transport-security: max-age=31536000
last-modified: Tue, 30-Jul-2024 09:48:13 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location: /watch/85021354/1?wmode=7&page-url=https%3A%2F%2Feverness.ch%2Fgodsend%2Fgodsend.php&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A6eeti2leh43xf0jxk8f3gy2jmj%3Afu%3A0%3Aen%3Autf-8%3Ala%3Ade-CH%3Av%3A1400%3Acn%3A1%3Adp%3A0%3Als%3A1687930733979%3Ahid%3A1024622632%3Az%3A120%3Ai%3A20240730114812%3Aet%3A1722332893%3Ac%3A1%3Arn%3A290458534%3Arqn%3A1%3Au%3A17223328931283397%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A3127%3Awv%3A2%3Ads%3A0%2C0%2C1290%2C23%2C694%2C0%2C%2C811%2C0%2C3034%2C3034%2C1%2C2864%3Aco%3A0%3Acpf%3A1%3Ans%3A1722332889249%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1722332893%3At%3APage%20not%20found%20%E2%80%93%20everness&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%2821037568%29ti%281%29
access-control-allow-origin: https://everness.ch
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Tue, 30-Jul-2024 09:48:13 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: sibautomation.com
URL: https://sibautomation.com/cm.html?key=jmkklyrq10ghhn8z62kkr4fc

Verdicts & Comments Add Verdict or Comment

28 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

24 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
everness.ch/	1970-01-21 07:11:08	Name: cookieyes-consent Value: consentid:cWZnMmJBOW01djhJb1VYa0x5Y21YMHJSc08wdnFSazU,consent:no,action:,necessary:yes,functional:no,analytics:no,performance:no,advertisement:no
.everness.ch/	1970-01-21 02:47:01	Name: sib_cuid Value: 12a16a4b-ecce-424c-8426-71a18878a1bd
.everness.ch/	1970-01-21 00:35:08	Name: _fbp Value: fb.1.1722332892768.60610996550876278
.yandex.ru/	1970-01-21 08:01:32	Name: i Value: eihIZVDQdhmi8vK6qloblqjcHW2fNSzVoNkan9znEiqwR+jNt72OlH4dCVxo1yEvmmHretOagHaq3YfbdWRnyUWMHWU=
.yandex.ru/	1970-01-21 08:01:32	Name: yandexuid Value: 7096962971722332892
.yandex.ru/	1970-01-21 07:11:08	Name: yashr Value: 1019966191722332892
.linkedin.com/	1970-01-21 07:11:08	Name: bcookie Value: "v=2&f6b41ceb-ec86-48e7-822a-24a6e955b638"
.linkedin.com/	1970-01-21 02:44:44	Name: li_gc Value: MTswOzE3MjIzMzI4OTI7MjswMjFpk8Jvi2tqoub+djOjP6KgYHhTXgBN1MqXw50R97ERsg==
.linkedin.com/	1970-01-20 22:26:59	Name: lidc Value: "b=VGST07:s=V:r=V:a=V:p=V:g=3021:u=1:x=1:i=1722332892:t=1722419292:v=2:sig=AQGU07JW2J27r2wM2Sd6asU0VKzFN_wk"
.everness.ch/	1970-01-21 07:11:08	Name: _ym_uid Value: 17223328931283397
.everness.ch/	1970-01-21 07:11:08	Name: _ym_d Value: 1722332893
.mc.yandex.com/	1970-01-20 22:25:33	Name: sync_cookie_csrf Value: 1185221335fake
.everness.ch/	1970-01-20 22:26:44	Name: _ym_isad Value: 2
.mc.yandex.ru/	1970-01-20 22:25:33	Name: sync_cookie_csrf Value: 3303249235fake
.yandex.com/	1970-01-21 07:11:08	Name: yuidss Value: 7096962971722332892
.yandex.com/	1970-01-21 08:01:32	Name: yp Value: 1722419293.yu.6076510921722332893
.mc.yandex.com/	1970-01-20 22:26:59	Name: sync_cookie_ok Value: synced
.yandex.com/	1970-01-21 08:01:32	Name: i Value: 0mo5Vi8vdoa8f6sgzNr7Uc+hwunVA6yGXYxmc8jZ6O0nTIrv+ZYR+vnevZ8KLKams/DG83sQusAREx3F7Bym6k8oRa8=
.yandex.com/	1970-01-21 07:11:08	Name: yashr Value: 9326913861722332893
mc.yandex.com/	1969-12-31 23:59:59	Name: yabs-sid Value: 2167496661722332893
.yandex.com/	1970-01-21 07:11:08	Name: yandexuid Value: 7096962971722332892
.yandex.com/	1970-01-21 07:11:08	Name: ymex Value: 1724924893.oyu.6076510921722332893#1753868893.yrts.1722332893
.yandex.com/	1970-01-21 07:11:08	Name: receive-cookie-deprecation Value: 1
.yandex.com/	1970-01-21 08:01:32	Name: bh Value: KgI/MGDd7aK1Bg==

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://everness.ch/godsend/godsend.php Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://everness.ch/wp-content/themes/everness/dist/swiper/dist/css/swiper-bundle-min.css Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=16000000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn-cookieyes.com
code.jquery.com
connect.facebook.net
everness.ch
fonts.googleapis.com
fonts.gstatic.com
log.cookieyes.com
mc.yandex.com
mc.yandex.ru
pagead2.googlesyndication.com
px.ads.linkedin.com
px4.ads.linkedin.com
sibautomation.com
snap.licdn.com
www.everness.ch
www.facebook.com
www.googletagmanager.com
sibautomation.com
13.107.42.14
142.250.185.98
2001:1600:4:13:3673:5aff:fea0:2064
2606:4700:10::ac43:1408
2606:4700:4400::6812:2546
2620:1ec:21::14
2a00:1450:4001:80e::2003
2a00:1450:4001:82f::2008
2a00:1450:4001:831::200a
2a02:26f0:480:15::213:7e63
2a02:6b8::1:119
2a03:2880:f084:d:face:b00c:0:3
2a03:2880:f177:185:face:b00c:0:25de
2a04:4e42::649
52.48.126.242
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
093ce13de84009c67894289fc42092ab5c543de01353737a36c90233db1dd0c8
0d8601a776b7dc777cd23bc42392d05a43df0d6402328e8913b58811083b513d
184ff4719d5c387812c3b3d9ba9522c3cf597085ba2092079142903e994dc304
1c2c7e1c7f62aeda426700357d48e0f9b493e253dbf3774c1e28ee445a7300c5
255da86bb6b625263cea28b6f1d2ca202824861334295486c12a5b5c92a91e38
2c087fab0fe84e04d08a85663f79b8d5b14b5238be15eab12c1ce060b0ac2603
2dd0eb5e44c81a864cd68e633a69701248b9298b0dc7eb2c75e67e2b1c19b4bc
3bb45e7c87eaf1ca0d3b4823d703d116b78dcd534916cc70ae7f5dff4bd72a9e
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
45b12e1f83ddd69b9db16e46bdec3068a16e4419389d56b540078c4e82eab6ca
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
553741ce87131f5e00927366eef6fc1e07e4a5f6b0a87f8023893803c4ea3ff7
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
56a1c5479486bf37595dd419a7c70af875b5e2212b2887830e4e6f133bca264f
6cc469ea16637b73acc34230dd5dddcf184367190982f0b696c273dbbb86cf07
7fe54ab0fbc7223eab162f0940f23a31100b0bb5830bd021ad57075268dcbf55
81ee238efe044b45cef3e2be1484a4da8603b261e75c7a9f29f51116123ffbe3
885c89e82436cfa3d0a0a5a9b2f6be6e1503457c810cc88ed2c09b4570ae9fd6
911f58b8d14bd6f73a83fd774e44bec97e896317c7093dc83e96921e64f1fbd5
9c07c6aecd5f766b656d11f9322ed7bd028d8bf129c2cce1c1a91c3d42ce019f
a049e1abe441835a2bcf35258936072189a0a52d0000c4ed2094e59d2afd189b
a637df9d47bea565488ec34a3f9d49a6ba7b2032f7cc48ccd9df9b654c9dd077
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
ab18fa376440a62ac7a1bbc93b0f3bf4f81f65bb294f84d547d27ae493c2eea3
ba3f243cdc3f6da335d2eb40774c23036cc936c2b4a30a47507899692595b909
c3fbbfbe97d1cb332f9581e2c1ca0318478281a9980c4a65eab6c11d34746a79
c51420725a3acdd2848c67e2bcc5e0d4f3c8cc90676507ccc8417da4204a3a77
d1db37e986ff8fba645857472b060c9d8b8edf11bede15b40efc0de1403fe819
e0d8625a7d4e594de501868b9349637e93a119b02872ff1705f95b0924ac8c64
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eaa003d85cb77f94fcae98396e583ce01d0c375b57235402c884ef8a792b951e
ebb94481519a1f2cf2e4947883319559386cb922a6a81f2d1bb4a53ef98411c7
ed7c487f915432d9464e2af0a83002ee93596e86e076f3c917e439e5b844d08b
edd5487f216469726314ae2b829b221d70e2a02674477e3c8f69a0d5f0b1ea49
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f33e6a94745555b795069f1f0fa3229600d330575271257892bfd0c92354f461
fb4bef95cd0e67068e48ece4e1fc1e0c9cfb750f3ef37815adf238beff2f1abf
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

everness.ch Open in urlscan Pro 2001:1600:4:13:3673:5aff:fea0:2064 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

47 Requests

91 %HTTPS

80 %IPv6

15 Domains

17 Subdomains

16 IPs

5 Countries

672 kBTransfer

1822 kBSize

24 Cookies

4 Outgoing links

Page URL History

Redirected requests

47 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

everness.ch Open in urlscan Pro
2001:1600:4:13:3673:5aff:fea0:2064 Public Scan

Screenshot
Live screenshot

Full Image

47
Requests

91 %
HTTPS

80 %
IPv6

15
Domains

17
Subdomains

16
IPs

5
Countries

672 kB
Transfer

1822 kB
Size

24
Cookies

47 HTTP transactions
0 data transactions