ersties.com Open in urlscan Pro
2606:4700::6812:1523 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://ersties.com/free-chat/AnnyFitness
Submission: On January 25 via api (January 25th 2024, 5:36:41 am UTC) from CZ — Scanned from DE

Summary HTTP 58 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 11 IPs in 4 countries across 8 domains to perform 58 HTTP transactions. The main IP is 2606:4700::6812:1523, located in United States and belongs to CLOUDFLARENET, US. The main domain is ersties.com.
TLS certificate: Issued by GTS CA 1P5 on December 30th 2023. Valid for: 3 months.

This is the only time ersties.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
9	2606:4700::68... 2606:4700::6812:1523	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:80b::2008	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:401... 2a00:1450:4013:c06::54	15169 (GOOGLE) (GOOGLE)
36	2606:4700::68... 2606:4700::6812:1423	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c00::9a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2011	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
2	44.228.7.151 44.228.7.151	16509 (AMAZON-02) (AMAZON-02)
58	11

9 2606:4700::6812:1523 (United States)

ASN13335 (CLOUDFLARENET, US)

ersties.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn-cf.ersties.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.ersties.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4013:c06::54 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

36 2606:4700::6812:1423 (United States)

ASN13335 (CLOUDFLARENET, US)

api.ersties.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn-cf.ersties.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ersties.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2011 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

csp.withgoogle.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 44.228.7.151 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-228-7-151.us-west-2.compute.amazonaws.com

api2.amplitude.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
45	ersties.com ersties.com cdn-cf.ersties.com api.ersties.com	969 KB
5	google.com accounts.google.com — Cisco Umbrella Rank: 23 region1.analytics.google.com — Cisco Umbrella Rank: 2616	123 KB
2	amplitude.com api2.amplitude.com — Cisco Umbrella Rank: 1350	311 B
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 37	160 KB
1	gstatic.com fonts.gstatic.com	27 KB
1	withgoogle.com csp.withgoogle.com — Cisco Umbrella Rank: 424
1	google.de www.google.de — Cisco Umbrella Rank: 6518	409 B
1	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 79	242 B
58	8

	Domain	Requested by
37	cdn-cf.ersties.com	ersties.com cdn-cf.ersties.com
6	api.ersties.com	cdn-cf.ersties.com
4	accounts.google.com	cdn-cf.ersties.com accounts.google.com
2	api2.amplitude.com	cdn-cf.ersties.com
2	www.googletagmanager.com	cdn-cf.ersties.com www.googletagmanager.com
2	ersties.com	cdn-cf.ersties.com
1	fonts.gstatic.com
1	csp.withgoogle.com	ersties.com
1	www.google.de	ersties.com
1	stats.g.doubleclick.net	www.googletagmanager.com
1	region1.analytics.google.com	www.googletagmanager.com
58	11

This site contains links to these domains. Also see Links.

Domain
www.vxcash.net
cs.segpay.com
www.epoch.com

Subject Issuer	Validity	Valid
ersties.com GTS CA 1P5	`2023-12-30` - `2024-03-29`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
accounts.google.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
www.google.de GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
*.appspot.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.amplitude.com COMODO RSA Domain Validation Secure Server CA	`2023-01-23` - `2024-02-14`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://ersties.com/free-chat/AnnyFitness
Frame ID: 6E68FEB620C4AD12C6A5F7D80309F8CA
Requests: 57 HTTP requests in this frame

Frame: https://accounts.google.com/gsi/button?type=standard&shape=pill&theme=outline&text=signin_with&size=large&width=260&logo_alignment=left&click_listener=()%3D%3E%7B(0%2Cz._j)(%22Google%20signup%20button%20click%22)%7D&client_id=506542501354-1uirdcnsnl36ajas93t12qg6vfrl1jau.apps.googleusercontent.com&iframe_id=gsi_996657_720893&as=zgW4auXB73p0OYsj9TMOMw
Frame ID: BE28E5DB80FBD8BE85E10F3D80F4D3D7
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Ersties.com - Members Login

Detected technologies

Google Sign-in (Social logins) Expand

Overall confidence: 100%
Detected patterns

accounts\.google\.com/gsi/client

Vue.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+\sdata-v(?:ue)?-

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

Page Statistics

58
Requests

100 %
HTTPS

90 %
IPv6

8
Domains

11
Subdomains

11
IPs

4
Countries

1280 kB
Transfer

2533 kB
Size

8
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://www.vxcash.net/
Title: Affiliates

Search URL Search Domain Scan URL

URL: https://cs.segpay.com/
Title: Billing Support Segpay.com

Search URL Search Domain Scan URL

URL: https://www.epoch.com/
Title: Billing Support Epoch.com

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

58 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request AnnyFitness Show response
ersties.com/free-chat/ 901 B
1008 B 777ms
759ms Document
text/html 2606:4700::6812:1523
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ersties.com/free-chat/AnnyFitness

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1523 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c379d80649f1455231365036d0975da42d64b3a59161c94fef1863a8d6c9f835

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://ersties.net https://ersties.de https://en.ersties.com https://ersties.ch https://en.ersties.ch https://ersties.com
Strict-Transport-Security	max-age=31536000
X-Frame-Options	ALLOW-FROM https://en.ersties.com https://ersties.com https://ersties.ch https://en.ersties.ch https://spankbang.com/ SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 84ae28cc0ccc5c8c-FRA
content-encoding: br
content-security-policy: frame-ancestors 'self' https://ersties.net https://ersties.de https://en.ersties.com https://ersties.ch https://en.ersties.ch https://ersties.com
content-type: text/html; charset=utf-8
date: Thu, 25 Jan 2024 05:36:35 GMT
server: cloudflare
strict-transport-security: max-age=31536000
x-frame-options: ALLOW-FROM https://en.ersties.com https://ersties.com https://ersties.ch https://en.ersties.ch https://spankbang.com/ SAMEORIGIN

GET
H2 200 chunk-vendors.12afa831.js Show response
cdn-cf.ersties.com/dist/assets/js/ 542 KB
180 KB 30ms
29ms Script
application/x-javascript 2606:4700::6812:1523
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-cf.ersties.com/dist/assets/js/chunk-vendors.12afa831.js

Requested by

Host: ersties.com
URL: https://ersties.com/free-chat/AnnyFitness

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1523 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e450948d4a2befdf1e1fca1504f42da1d0ff1e4217659ff7b2e9ce731d87cfad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ersties.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 05:36:35 GMT
strict-transport-security: max-age=31536000
content-encoding: br
cf-cache-status: HIT
age: 337370
cf-polished: origSize=554979
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Sun, 21 Jan 2024 09:52:18 GMT
server: cloudflare
etag: W/"65ace952-877e3"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 84ae28d0cf575c8c-FRA
expires: Fri, 24 Jan 2025 05:36:35 GMT

GET
H2 200 app.a42231d4.js Show response
cdn-cf.ersties.com/dist/assets/js/ 161 KB
57 KB 23ms
22ms Script
application/x-javascript 2606:4700::6812:1523
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-cf.ersties.com/dist/assets/js/app.a42231d4.js

Requested by

Host: ersties.com
URL: https://ersties.com/free-chat/AnnyFitness

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1523 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c0cd9af34e01842b3787f2da082d740e1b6e0b6a6411bbe7811abc89af997f67

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ersties.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 05:36:35 GMT
strict-transport-security: max-age=31536000
content-encoding: br
cf-cache-status: HIT
age: 233997
cf-polished: origSize=165354
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Mon, 22 Jan 2024 14:30:46 GMT
server: cloudflare
etag: W/"65ae7c16-285ea"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 84ae28d0cf595c8c-FRA
expires: Fri, 24 Jan 2025 05:36:35 GMT

GET
H2 200 app.d04e71eb.css
cdn-cf.ersties.com/dist/assets/css/ 1 KB
706 B 16ms
16ms Stylesheet
text/css 2606:4700::6812:1523
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-cf.ersties.com/dist/assets/css/app.d04e71eb.css

Requested by

Host: ersties.com
URL: https://ersties.com/free-chat/AnnyFitness

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1523 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

69f2e1a2d9eef4abecc055980ada9aed971350e676d8ccb881a9a851b63df901

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ersties.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 05:36:35 GMT
strict-transport-security: max-age=31536000
content-encoding: br
cf-cache-status: HIT
age: 1696008
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 05 Jan 2024 16:23:24 GMT
server: cloudflare
etag: W/"65982cfc-404"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 84ae28d0cf555c8c-FRA
expires: Fri, 24 Jan 2025 05:36:35 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 226 KB
77 KB 181ms
71ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-52Z6TL

Requested by

Host: cdn-cf.ersties.com
URL: https://cdn-cf.ersties.com/dist/assets/js/app.a42231d4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e4c1d29cc3edd8ab68a696fd1f405ea441eb70326734decbfbf97c45e5a41265

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ersties.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 05:36:36 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 78865
x-xss-protection: 0
last-modified: Thu, 25 Jan 2024 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 25 Jan 2024 05:36:36 GMT

GET
H2 200 client Show response
accounts.google.com/gsi/ 207 KB
80 KB 112ms
45ms Script
application/javascript 2a00:1450:4013:c06::54
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/gsi/client

Requested by

Host: cdn-cf.ersties.com
URL: https://cdn-cf.ersties.com/dist/assets/js/app.a42231d4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4013:c06::54 Groningen, Netherlands, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

fe51528f441ddf16fc04c5884cd748919a49c8f8faf1fd9814ec87a889a08213

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-otEAq1z9S0W955MFJJTJOg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ersties.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 05:36:36 GMT
content-security-policy: require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-otEAq1z9S0W955MFJJTJOg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-type: application/javascript; charset=utf-8
cache-control: private, max-age=1800
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires: Thu, 25 Jan 2024 05:36:36 GMT

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c90cff659645a312a28804965f3dbc34061338f7234ff5d6ddb2c57e9eadec15

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/webp

OPTIONS
H2 200 visit
api.ersties.com/track/ Frame 0
0 37ms
18ms Preflight 2606:4700::6812:1523
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.ersties.com/track/visit?referer=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1523 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-source-tld,x-visit-uid
Access-Control-Request-Method: GET
Origin: https://ersties.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Authorization,Accept-Encoding,Range,Content-Language,Content-Length,Accept,Pragma,Accept-Language,DNT,Newrelic,X-CustomHeader,X-Origin,Origin,Referrer,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,X-Source-Tld,X-Visit-Uid
access-control-allow-methods: GET, PUT, POST, DELETE, HEAD, OPTIONS, PATCH
access-control-allow-origin: https://ersties.com
access-control-expose-headers: X-Visit-Uid
access-control-max-age: 86400
alt-svc: h3=":443"; ma=86400
cf-ray: 84ae28d178d72bd2-FRA
content-length: 0
date: Thu, 25 Jan 2024 05:36:36 GMT
server: cloudflare
vary: Origin, Accept-Encoding

GET
DATA 200
OK truncated
/ 34 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 86be52bdb7547413cafb3ed175a806a798c65de98b40849e0b974c47d187de65

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/webp

GET
DATA 200
OK truncated
/ 82 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7e41ca21e421f129d3881e345f990027b66c0ab3c5580e549575f9393d117cbd

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/webp

GET
DATA 200
OK truncated
/ 90 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 345a7f619e726c9ed21fa1e83646623f3491056eb1c9e0f3af797c42d38255c1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/webp

GET
DATA 200
OK truncated
/ 311 B
0 Image
image/avif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 04dfc8e1a6e59e36a3a3a5c15443a97a92a6d2a7da9d276b050d58be3c7952a7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/avif

GET
H3 200 visit Show response
api.ersties.com/track/ 405 B
828 B 115ms
115ms Fetch
application/json 2606:4700::6812:1423
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.ersties.com/track/visit?referer=
Requested by: Host: cdn-cf.ersties.com
URL: https://cdn-cf.ersties.com/dist/assets/js/chunk-vendors.12afa831.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:1423 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a178cdad661d60b3697a225d007219719af0c9e1c79beecfb14cc5c41eca724c

Request headers

Accept: application/json
X-Source-Tld: com
Referer: https://ersties.com/free-chat/AnnyFitness
accept-language: de-DE,de;q=0.9
X-Visit-Uid: "65b1eff8397a54.04572924"
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 25 Jan 2024 05:36:36 GMT
content-encoding: br
cf-cache-status: DYNAMIC
x-visit-uid: 65b1eff8397a54.04572924
x-handler-duration: 0.0025920867919922
alt-svc: h3=":443"; ma=86400
x-track-duration: 0.0060181617736816
server: cloudflare
vary: Origin, Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE, HEAD, OPTIONS, PATCH
content-type: application/json
access-control-allow-origin: https://ersties.com
access-control-expose-headers: X-Visit-Uid
access-control-max-age: 86400
access-control-allow-credentials: true
x-init-duration: 0.01799201965332
cf-ray: 84ae28d19e2f3661-FRA
access-control-allow-headers: Authorization,Accept-Encoding,Range,Content-Language,Content-Length,Accept,Pragma,Accept-Language,DNT,Newrelic,X-CustomHeader,X-Origin,Origin,Referrer,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,X-Source-Tld,X-Visit-Uid
x-track-total-duration: 0.0064618587493896

GET
H2 200 logo-en.5fb5e7ba.svg
cdn-cf.ersties.com/dist/assets/img/ 42 KB
17 KB 22ms
22ms Image
image/svg+xml 2606:4700::6812:1523
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn-cf.ersties.com/dist/assets/img/logo-en.5fb5e7ba.svg

Requested by

Host: cdn-cf.ersties.com
URL: https://cdn-cf.ersties.com/dist/assets/css/app.d04e71eb.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1523 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2b3959b46b9ec7ebd8d100a227a8ad873b477514a764a2ffeff79c019ac93e53

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn-cf.ersties.com/dist/assets/css/app.d04e71eb.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 05:36:36 GMT
strict-transport-security: max-age=31536000
content-encoding: br
cf-cache-status: HIT
age: 1696008
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 05 Jan 2024 16:23:24 GMT
server: cloudflare
etag: W/"65982cfc-a8c2"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 84ae28d16fab5c8c-FRA
expires: Fri, 24 Jan 2025 05:36:36 GMT

GET
H3 200 login.b1958d97.css
cdn-cf.ersties.com/dist/assets/css/ 9 KB
2 KB 16ms
16ms Stylesheet
text/css 2606:4700::6812:1423
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-cf.ersties.com/dist/assets/css/login.b1958d97.css

Requested by

Host: cdn-cf.ersties.com
URL: https://cdn-cf.ersties.com/dist/assets/js/app.a42231d4.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:1423 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f2aee5f47b8463b1f2024b872a8aadb7205b98d879399d54ddcf48920ccf4fa7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ersties.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 05:36:36 GMT
strict-transport-security: max-age=31536000
content-encoding: br
cf-cache-status: HIT
age: 1695894
cf-polished: origSize=9431
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 05 Jan 2024 16:23:24 GMT
server: cloudflare
etag: W/"65982cfc-24d7"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 84ae28d25ec93661-FRA
expires: Fri, 24 Jan 2025 05:36:36 GMT

GET
H3 200 login.88362f0e.js Show response
cdn-cf.ersties.com/dist/assets/js/ 7 KB
3 KB 17ms
17ms Script
application/x-javascript 2606:4700::6812:1423
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-cf.ersties.com/dist/assets/js/login.88362f0e.js

Requested by

Host: cdn-cf.ersties.com
URL: https://cdn-cf.ersties.com/dist/assets/js/app.a42231d4.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:1423 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

45af0832c3adc212e6cf4812aa4de572e91230eb4dd156e08cf73d21c76468bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ersties.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 05:36:36 GMT
strict-transport-security: max-age=31536000
content-encoding: br
cf-cache-status: HIT
age: 233624
cf-polished: origSize=6784
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Mon, 22 Jan 2024 14:30:46 GMT
server: cloudflare
etag: W/"65ae7c16-1a80"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 84ae28d25ecb3661-FRA
expires: Fri, 24 Jan 2025 05:36:36 GMT

OPTIONS
H2 200 meta
api.ersties.com/pages/ Frame 0
0 14ms
13ms Preflight 2606:4700::6812:1523
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.ersties.com/pages/meta?url=%2Flogin
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1523 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-source-tld,x-visit-uid
Access-Control-Request-Method: GET
Origin: https://ersties.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Authorization,Accept-Encoding,Range,Content-Language,Content-Length,Accept,Pragma,Accept-Language,DNT,Newrelic,X-CustomHeader,X-Origin,Origin,Referrer,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,X-Source-Tld,X-Visit-Uid
access-control-allow-methods: GET, PUT, POST, DELETE, HEAD, OPTIONS, PATCH
access-control-allow-origin: https://ersties.com
access-control-expose-headers: X-Visit-Uid
access-control-max-age: 86400
alt-svc: h3=":443"; ma=86400
cf-ray: 84ae28d279782bd2-FRA
content-length: 0
date: Thu, 25 Jan 2024 05:36:36 GMT
server: cloudflare
vary: Origin, Accept-Encoding

GET
H3 200 meta Show response
api.ersties.com/pages/ 103 B
697 B 21ms
21ms Fetch
application/json 2606:4700::6812:1423
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.ersties.com/pages/meta?url=%2Flogin
Requested by: Host: cdn-cf.ersties.com
URL: https://cdn-cf.ersties.com/dist/assets/js/chunk-vendors.12afa831.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:1423 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a4651f88a307702a6304ae421645707a76b5f998c5df7cfe160016f8d14e4fbb

Request headers

Accept: application/json
X-Source-Tld: com
Referer: https://ersties.com/login?redirect=/free-chat/AnnyFitness
accept-language: de-DE,de;q=0.9
X-Visit-Uid: "65b1eff8397a54.04572924"
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 25 Jan 2024 05:36:36 GMT
content-encoding: br
cf-cache-status: HIT
age: 1946
x-handler-duration: 0.00043702125549316
alt-svc: h3=":443"; ma=86400
x-track-duration: 0.0084309577941895
last-modified: Thu, 25 Jan 2024 04:53:37 GMT
server: cloudflare
vary: Origin, Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE, HEAD, OPTIONS, PATCH
content-type: application/json
access-control-allow-origin: https://ersties.com
access-control-expose-headers: X-Visit-Uid
cache-control: public, max-age=2678400
access-control-allow-credentials: true
x-init-duration: 0.028681039810181
access-control-max-age: 86400
cf-ray: 84ae28d29efb3661-FRA
access-control-allow-headers: Authorization,Accept-Encoding,Range,Content-Language,Content-Length,Accept,Pragma,Accept-Language,DNT,Newrelic,X-CustomHeader,X-Origin,Origin,Referrer,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,X-Source-Tld,X-Visit-Uid
x-track-total-duration: 0.011023998260498
expires: Sun, 25 Feb 2024 05:36:36 GMT

GET
H3 200 1037.2d812969.css
cdn-cf.ersties.com/dist/assets/css/ 27 KB
5 KB 16ms
16ms Stylesheet
text/css 2606:4700::6812:1423
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-cf.ersties.com/dist/assets/css/1037.2d812969.css

Requested by

Host: cdn-cf.ersties.com
URL: https://cdn-cf.ersties.com/dist/assets/js/app.a42231d4.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:1423 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e527bdf84169130141cb2a119aca5cee135e10b979a2539d169558b91b7b54ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ersties.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 05:36:36 GMT
strict-transport-security: max-age=31536000
content-encoding: br
cf-cache-status: HIT
age: 826288
cf-polished: origSize=27499
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Mon, 15 Jan 2024 17:53:04 GMT
server: cloudflare
etag: W/"65a57100-6b6b"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 84ae28d28eef3661-FRA
expires: Fri, 24 Jan 2025 05:36:36 GMT

GET
H3 200 1037.89e284b4.js Show response
cdn-cf.ersties.com/dist/assets/js/ 14 KB
5 KB 17ms
17ms Script
application/x-javascript 2606:4700::6812:1423
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-cf.ersties.com/dist/assets/js/1037.89e284b4.js

Requested by

Host: cdn-cf.ersties.com
URL: https://cdn-cf.ersties.com/dist/assets/js/app.a42231d4.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:1423 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

093d9e3ddaf76d260995030fc0c00447beb8f0a4a57ce1049714352175aaae80

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ersties.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 05:36:36 GMT
strict-transport-security: max-age=31536000
content-encoding: br
cf-cache-status: HIT
age: 233744
cf-polished: origSize=13984
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Mon, 22 Jan 2024 14:30:46 GMT
server: cloudflare
etag: W/"65ae7c16-36a0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 84ae28d28ef03661-FRA
expires: Fri, 24 Jan 2025 05:36:36 GMT

GET
H3 200 3587.029839d3.css
cdn-cf.ersties.com/dist/assets/css/ 226 KB
34 KB 22ms
21ms Stylesheet
text/css 2606:4700::6812:1423
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-cf.ersties.com/dist/assets/css/3587.029839d3.css

Requested by

Host: cdn-cf.ersties.com
URL: https://cdn-cf.ersties.com/dist/assets/js/app.a42231d4.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:1423 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fd35dbd97aaf053d9ac5743fa7d021abda34614f5043585972fa45d1fad66ed4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ersties.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 05:36:36 GMT
strict-transport-security: max-age=31536000
content-encoding: br
cf-cache-status: HIT
age: 826305
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Mon, 15 Jan 2024 17:53:04 GMT
server: cloudflare
etag: W/"65a57100-3876c"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 84ae28d28ef13661-FRA
expires: Fri, 24 Jan 2025 05:36:36 GMT

GET
H3 200 3587.3d7a01d9.js Show response
cdn-cf.ersties.com/dist/assets/js/ 10 KB
3 KB 18ms
17ms Script
application/x-javascript 2606:4700::6812:1423
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-cf.ersties.com/dist/assets/js/3587.3d7a01d9.js

Requested by

Host: cdn-cf.ersties.com
URL: https://cdn-cf.ersties.com/dist/assets/js/app.a42231d4.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:1423 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bdd77592297855f0d99c64920fe6ab61240c1a1baef6b75d127e74370d166f0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ersties.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 05:36:36 GMT
strict-transport-security: max-age=31536000
content-encoding: br
cf-cache-status: HIT
age: 233744
cf-polished: origSize=10131
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Mon, 22 Jan 2024 14:30:46 GMT
server: cloudflare
etag: W/"65ae7c16-2793"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 84ae28d28ef23661-FRA
expires: Fri, 24 Jan 2025 05:36:36 GMT

GET
H3 200 logout.php
ersties.com/dopages/ 0
0 976ms
976ms Fetch
text/html 2606:4700::6812:1423
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ersties.com/dopages/logout.php

Requested by

Host: cdn-cf.ersties.com
URL: https://cdn-cf.ersties.com/dist/assets/js/chunk-vendors.12afa831.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:1423 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN

Request headers

X-Source-Tld: com
Referer: https://ersties.com/login?redirect=/free-chat/AnnyFitness
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Jan 2024 05:36:37 GMT
strict-transport-security: max-age=31536000
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate
cf-ray: 84ae28d28ef33661-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 19 Nov 1981 08:52:00 GMT

OPTIONS
H3 200 roles
api.ersties.com/ Frame 0
0 22ms
22ms Preflight 2606:4700::6812:1523
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.ersties.com/roles
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:1523 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-source-tld,x-visit-uid
Access-Control-Request-Method: GET
Origin: https://ersties.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Authorization,Accept-Encoding,Range,Content-Language,Content-Length,Accept,Pragma,Accept-Language,DNT,Newrelic,X-CustomHeader,X-Origin,Origin,Referrer,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,X-Source-Tld,X-Visit-Uid
access-control-allow-methods: GET, PUT, POST, DELETE, HEAD, OPTIONS, PATCH
access-control-allow-origin: https://ersties.com
access-control-expose-headers: X-Visit-Uid
access-control-max-age: 86400
alt-svc: h3=":443"; ma=86400
cf-ray: 84ae28d2ec904dbd-FRA
content-length: 0
date: Thu, 25 Jan 2024 05:36:36 GMT
server: cloudflare
vary: Origin, Accept-Encoding

GET
H3 200 3184.4a01a75b.css
cdn-cf.ersties.com/dist/assets/css/ 1 KB
693 B 15ms
15ms Stylesheet
text/css 2606:4700::6812:1423
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-cf.ersties.com/dist/assets/css/3184.4a01a75b.css

Requested by

Host: cdn-cf.ersties.com
URL: https://cdn-cf.ersties.com/dist/assets/js/app.a42231d4.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:1423 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b64ee3963fe071cbb1b122b55ae462b23a3597c558210fc651809f0215800461

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ersties.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 05:36:36 GMT
strict-transport-security: max-age=31536000
content-encoding: br
cf-cache-status: HIT
age: 1695894
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 05 Jan 2024 16:23:24 GMT
server: cloudflare
etag: W/"65982cfc-47b"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 84ae28d2cf133661-FRA
expires: Fri, 24 Jan 2025 05:36:36 GMT

GET
H3 200 3184.e7f69bcc.js Show response
cdn-cf.ersties.com/dist/assets/js/ 1 KB
922 B 17ms
17ms Script
application/x-javascript 2606:4700::6812:1423
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-cf.ersties.com/dist/assets/js/3184.e7f69bcc.js

Requested by

Host: cdn-cf.ersties.com
URL: https://cdn-cf.ersties.com/dist/assets/js/app.a42231d4.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:1423 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7e373c011f1af2b737389a1c6e9962d9ac8f62aa9cddc7c392c86497d55937b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ersties.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 05:36:36 GMT
strict-transport-security: max-age=31536000
content-encoding: br
cf-cache-status: HIT
age: 233632
cf-polished: origSize=1442
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Mon, 22 Jan 2024 14:30:46 GMT
server: cloudflare
etag: W/"65ae7c16-5a2"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 84ae28d2cf143661-FRA
expires: Fri, 24 Jan 2025 05:36:36 GMT

GET
H3 200 roles Show response
api.ersties.com/ 2 B
573 B 121ms
121ms Fetch
application/json 2606:4700::6812:1423
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.ersties.com/roles
Requested by: Host: cdn-cf.ersties.com
URL: https://cdn-cf.ersties.com/dist/assets/js/chunk-vendors.12afa831.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:1423 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Accept: application/json
X-Source-Tld: com
Referer: https://ersties.com/login?redirect=/free-chat/AnnyFitness
accept-language: de-DE,de;q=0.9
X-Visit-Uid: "65b1eff8397a54.04572924"
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 25 Jan 2024 05:36:36 GMT
content-encoding: br
cf-cache-status: DYNAMIC
x-visit-uid: 65b1eff8397a54.04572924
x-handler-duration: 0.00043106079101562
alt-svc: h3=":443"; ma=86400
x-track-duration: 0.0071289539337158
server: cloudflare
vary: Origin, Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE, HEAD, OPTIONS, PATCH
content-type: application/json
access-control-allow-origin: https://ersties.com
access-control-expose-headers: X-Visit-Uid
access-control-max-age: 86400
access-control-allow-credentials: true
x-init-duration: 0.02685809135437
cf-ray: 84ae28d30f5e3661-FRA
access-control-allow-headers: Authorization,Accept-Encoding,Range,Content-Language,Content-Length,Accept,Pragma,Accept-Language,DNT,Newrelic,X-CustomHeader,X-Origin,Origin,Referrer,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,X-Source-Tld,X-Visit-Uid
x-track-total-duration: 0.0095319747924805

GET
H3 200 background.4cac9d97.jpg
cdn-cf.ersties.com/dist/assets/img/ 163 KB
163 KB 22ms
21ms Image
image/jpeg 2606:4700::6812:1423
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn-cf.ersties.com/dist/assets/img/background.4cac9d97.jpg

Requested by

Host: cdn-cf.ersties.com
URL: https://cdn-cf.ersties.com/dist/assets/css/3587.029839d3.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:1423 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0e37b0c0f2f2012d6dd9bb07c23772f10b6c7408bfdbc2c2bb500cc07aa634c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn-cf.ersties.com/dist/assets/css/3587.029839d3.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 05:36:36 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 1696022
cf-polished: origSize=167836
alt-svc: h3=":443"; ma=86400
content-length: 166734
cf-bgj: imgq:100,h2pri
last-modified: Fri, 05 Jan 2024 16:23:24 GMT
server: cloudflare
etag: "65982cfc-28f9c"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 84ae28d2ef323661-FRA
expires: Fri, 24 Jan 2025 05:36:36 GMT

GET
H3 200 background-top.a0285ae4.jpg
cdn-cf.ersties.com/dist/assets/img/ 146 KB
146 KB 15ms
15ms Image
image/jpeg 2606:4700::6812:1423
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn-cf.ersties.com/dist/assets/img/background-top.a0285ae4.jpg

Requested by

Host: cdn-cf.ersties.com
URL: https://cdn-cf.ersties.com/dist/assets/css/3587.029839d3.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:1423 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

38e8db32dae88aaf05259b12543abbfa40f4bd957dc37b96c770686bd5bff8e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn-cf.ersties.com/dist/assets/css/3587.029839d3.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 05:36:36 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 1696022
cf-polished: origSize=150638
alt-svc: h3=":443"; ma=86400
content-length: 149311
cf-bgj: imgq:100,h2pri
last-modified: Fri, 05 Jan 2024 16:23:24 GMT
server: cloudflare
etag: "65982cfc-24c6e"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 84ae28d2ef333661-FRA
expires: Fri, 24 Jan 2025 05:36:36 GMT

GET
H3 200 logout.eb259858.png
cdn-cf.ersties.com/dist/assets/img/ 900 B
1 KB 37ms
37ms Image
image/webp 2606:4700::6812:1423
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn-cf.ersties.com/dist/assets/img/logout.eb259858.png

Requested by

Host: cdn-cf.ersties.com
URL: https://cdn-cf.ersties.com/dist/assets/css/3587.029839d3.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:1423 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0afb41f333329714487fca6f2b36c9fb8bb19d032b8a70cc2c25171f1d6fa71b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn-cf.ersties.com/dist/assets/css/3587.029839d3.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 05:36:36 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 1696022
cf-polished: origFmt=png, origSize=1042
content-disposition: inline; filename="logout.webp"
alt-svc: h3=":443"; ma=86400
content-length: 900
cf-bgj: imgq:100,h2pri
last-modified: Fri, 05 Jan 2024 16:23:24 GMT
server: cloudflare
etag: "65982cfc-412"
vary: Accept
x-frame-options: SAMEORIGIN
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 84ae28d2ef343661-FRA
expires: Fri, 24 Jan 2025 05:36:36 GMT

GET
H3 200 member.c6a4b604.png
cdn-cf.ersties.com/dist/assets/img/ 746 B
1 KB 38ms
37ms Image
image/webp 2606:4700::6812:1423
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn-cf.ersties.com/dist/assets/img/member.c6a4b604.png

Requested by

Host: cdn-cf.ersties.com
URL: https://cdn-cf.ersties.com/dist/assets/css/3587.029839d3.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:1423 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

876845a717a34629ad9228fe6793503db2b7f3647971cada91a763f6a6cb0d1e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn-cf.ersties.com/dist/assets/css/3587.029839d3.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 05:36:36 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 1695894
cf-polished: origFmt=png, origSize=891
content-disposition: inline; filename="member.webp"
alt-svc: h3=":443"; ma=86400
content-length: 746
cf-bgj: imgq:100,h2pri
last-modified: Fri, 05 Jan 2024 16:23:24 GMT
server: cloudflare
etag: "65982cfc-37b"
vary: Accept
x-frame-options: SAMEORIGIN
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 84ae28d2ff353661-FRA
expires: Fri, 24 Jan 2025 05:36:36 GMT

GET
H3 200 header-bg.a61883f1.png
cdn-cf.ersties.com/dist/assets/img/ 5 KB
5 KB 39ms
37ms Image
image/webp 2606:4700::6812:1423
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn-cf.ersties.com/dist/assets/img/header-bg.a61883f1.png

Requested by

Host: cdn-cf.ersties.com
URL: https://cdn-cf.ersties.com/dist/assets/css/3587.029839d3.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:1423 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4f9595383fba77fe0303f0155ee49741634891fce9aa8d1b8d9aa04d04a96c26

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn-cf.ersties.com/dist/assets/css/3587.029839d3.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 05:36:36 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 1695894
cf-polished: origFmt=png, origSize=5597
content-disposition: inline; filename="header-bg.webp"
alt-svc: h3=":443"; ma=86400
content-length: 5290
cf-bgj: imgq:100,h2pri
last-modified: Fri, 05 Jan 2024 16:23:24 GMT
server: cloudflare
etag: "65982cfc-15dd"
vary: Accept
x-frame-options: SAMEORIGIN
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 84ae28d2ff363661-FRA
expires: Fri, 24 Jan 2025 05:36:36 GMT

GET
H3 200 login_login_02.c723d044.png
cdn-cf.ersties.com/dist/assets/img/ 6 KB
6 KB 39ms
38ms Image
image/webp 2606:4700::6812:1423
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn-cf.ersties.com/dist/assets/img/login_login_02.c723d044.png

Requested by

Host: cdn-cf.ersties.com
URL: https://cdn-cf.ersties.com/dist/assets/css/login.b1958d97.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:1423 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8d61163316fda15207b124e07db3c12fcbdb5a00f428c559ca23dad2ac3680bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn-cf.ersties.com/dist/assets/css/login.b1958d97.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 05:36:36 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 1695894
cf-polished: origFmt=png, origSize=6325
content-disposition: inline; filename="login_login_02.webp"
alt-svc: h3=":443"; ma=86400
content-length: 5700
cf-bgj: imgq:100,h2pri
last-modified: Fri, 05 Jan 2024 16:23:24 GMT
server: cloudflare
etag: "65982cfc-18b5"
vary: Accept
x-frame-options: SAMEORIGIN
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 84ae28d2ff373661-FRA
expires: Fri, 24 Jan 2025 05:36:36 GMT

GET
H3 200 box-backgound-white-top.d1de3afa.png
cdn-cf.ersties.com/dist/assets/img/ 1 KB
1 KB 41ms
39ms Image
image/webp 2606:4700::6812:1423
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn-cf.ersties.com/dist/assets/img/box-backgound-white-top.d1de3afa.png

Requested by

Host: cdn-cf.ersties.com
URL: https://cdn-cf.ersties.com/dist/assets/css/1037.2d812969.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:1423 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

74c893cce91ecf3236b77e83efa8f9d79b88a451f4798f1be5094a771ce5c344

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn-cf.ersties.com/dist/assets/css/1037.2d812969.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 05:36:36 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 1696022
cf-polished: origFmt=png, origSize=4815
content-disposition: inline; filename="box-backgound-white-top.webp"
alt-svc: h3=":443"; ma=86400
content-length: 1228
cf-bgj: imgq:100,h2pri
last-modified: Fri, 05 Jan 2024 16:23:24 GMT
server: cloudflare
etag: "65982cfc-12cf"
vary: Accept
x-frame-options: SAMEORIGIN
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 84ae28d2ff383661-FRA
expires: Fri, 24 Jan 2025 05:36:36 GMT

GET
H3 200 box-backgound-white-top-left.0319fb60.png
cdn-cf.ersties.com/dist/assets/img/ 488 B
792 B 41ms
40ms Image
image/webp 2606:4700::6812:1423
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn-cf.ersties.com/dist/assets/img/box-backgound-white-top-left.0319fb60.png

Requested by

Host: cdn-cf.ersties.com
URL: https://cdn-cf.ersties.com/dist/assets/css/1037.2d812969.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:1423 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4bfe07d39fc399cb24304acd0580c59da510d25b88afea58187b50dad5d9fb44

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn-cf.ersties.com/dist/assets/css/1037.2d812969.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 05:36:36 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 1696022
cf-polished: origFmt=png, origSize=3280
content-disposition: inline; filename="box-backgound-white-top-left.webp"
alt-svc: h3=":443"; ma=86400
content-length: 488
cf-bgj: imgq:100,h2pri
last-modified: Fri, 05 Jan 2024 16:23:24 GMT
server: cloudflare
etag: "65982cfc-cd0"
vary: Accept
x-frame-options: SAMEORIGIN
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 84ae28d2ff393661-FRA
expires: Fri, 24 Jan 2025 05:36:36 GMT

GET
H3 200 box-backgound-white-top-right.80b7e9ea.png
cdn-cf.ersties.com/dist/assets/img/ 512 B
817 B 42ms
41ms Image
image/webp 2606:4700::6812:1423
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn-cf.ersties.com/dist/assets/img/box-backgound-white-top-right.80b7e9ea.png

Requested by

Host: cdn-cf.ersties.com
URL: https://cdn-cf.ersties.com/dist/assets/css/1037.2d812969.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:1423 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dcf77aa78864604fa127e527b993cee56e89e8ba63bf43b4300b9db23f8f5eb4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn-cf.ersties.com/dist/assets/css/1037.2d812969.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 05:36:36 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 1696022
cf-polished: origFmt=png, origSize=2647
content-disposition: inline; filename="box-backgound-white-top-right.webp"
alt-svc: h3=":443"; ma=86400
content-length: 512
cf-bgj: imgq:100,h2pri
last-modified: Fri, 05 Jan 2024 16:23:24 GMT
server: cloudflare
etag: "65982cfc-a57"
vary: Accept
x-frame-options: SAMEORIGIN
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 84ae28d2ff3b3661-FRA
expires: Fri, 24 Jan 2025 05:36:36 GMT

GET
H3 200 box-background-center.3e6235b0.png
cdn-cf.ersties.com/dist/assets/img/ 38 B
334 B 43ms
42ms Image
image/webp 2606:4700::6812:1423
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn-cf.ersties.com/dist/assets/img/box-background-center.3e6235b0.png

Requested by

Host: cdn-cf.ersties.com
URL: https://cdn-cf.ersties.com/dist/assets/css/1037.2d812969.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:1423 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f4c6ef787825a77e82d06fdd0dc5c50250d06d48878704b55079e690e7821d1c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn-cf.ersties.com/dist/assets/css/1037.2d812969.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 05:36:36 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 1696022
cf-polished: origFmt=png, origSize=76
content-disposition: inline; filename="box-background-center.webp"
alt-svc: h3=":443"; ma=86400
content-length: 38
cf-bgj: imgq:100,h2pri
last-modified: Fri, 05 Jan 2024 16:23:24 GMT
server: cloudflare
etag: "65982cfc-4c"
vary: Accept
x-frame-options: SAMEORIGIN
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 84ae28d2ff3c3661-FRA
expires: Fri, 24 Jan 2025 05:36:36 GMT

GET
H3 200 box-backgound-white-left.467b1ed5.png
cdn-cf.ersties.com/dist/assets/img/ 2 KB
2 KB 44ms
43ms Image
image/webp 2606:4700::6812:1423
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn-cf.ersties.com/dist/assets/img/box-backgound-white-left.467b1ed5.png

Requested by

Host: cdn-cf.ersties.com
URL: https://cdn-cf.ersties.com/dist/assets/css/1037.2d812969.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:1423 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

013ed888da122b2051d58c56fc0fcf54afe88d3351d268209c71b444fdd229a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn-cf.ersties.com/dist/assets/css/1037.2d812969.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 05:36:36 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 1696022
cf-polished: origFmt=png, origSize=6021
content-disposition: inline; filename="box-backgound-white-left.webp"
alt-svc: h3=":443"; ma=86400
content-length: 1600
cf-bgj: imgq:100,h2pri
last-modified: Fri, 05 Jan 2024 16:23:24 GMT
server: cloudflare
etag: "65982cfc-1785"
vary: Accept
x-frame-options: SAMEORIGIN
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 84ae28d2ff3d3661-FRA
expires: Fri, 24 Jan 2025 05:36:36 GMT

GET
H3 200 box-backgound-white-right.59b338dd.png
cdn-cf.ersties.com/dist/assets/img/ 1 KB
2 KB 44ms
43ms Image
image/webp 2606:4700::6812:1423
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn-cf.ersties.com/dist/assets/img/box-backgound-white-right.59b338dd.png

Requested by

Host: cdn-cf.ersties.com
URL: https://cdn-cf.ersties.com/dist/assets/css/1037.2d812969.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:1423 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d6db383a31a407b3b82f63648260e90c99f3f598a08b4b1f8031144842782c13

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn-cf.ersties.com/dist/assets/css/1037.2d812969.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 05:36:36 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 1696022
cf-polished: origFmt=png, origSize=5831
content-disposition: inline; filename="box-backgound-white-right.webp"
alt-svc: h3=":443"; ma=86400
content-length: 1492
cf-bgj: imgq:100,h2pri
last-modified: Fri, 05 Jan 2024 16:23:24 GMT
server: cloudflare
etag: "65982cfc-16c7"
vary: Accept
x-frame-options: SAMEORIGIN
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 84ae28d2ff3e3661-FRA
expires: Fri, 24 Jan 2025 05:36:36 GMT

GET
H3 200 box-backgound-white-bottom.4550c346.png
cdn-cf.ersties.com/dist/assets/img/ 1 KB
1 KB 45ms
44ms Image
image/webp 2606:4700::6812:1423
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn-cf.ersties.com/dist/assets/img/box-backgound-white-bottom.4550c346.png

Requested by

Host: cdn-cf.ersties.com
URL: https://cdn-cf.ersties.com/dist/assets/css/1037.2d812969.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:1423 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f2177750de029a74d7e3e4e4aa515d5706ddc4f908f7e937655beef6370fd7bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn-cf.ersties.com/dist/assets/css/1037.2d812969.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 05:36:36 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 1696022
cf-polished: origFmt=png, origSize=4821
content-disposition: inline; filename="box-backgound-white-bottom.webp"
alt-svc: h3=":443"; ma=86400
content-length: 1214
cf-bgj: imgq:100,h2pri
last-modified: Fri, 05 Jan 2024 16:23:24 GMT
server: cloudflare
etag: "65982cfc-12d5"
vary: Accept
x-frame-options: SAMEORIGIN
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 84ae28d2ff3f3661-FRA
expires: Fri, 24 Jan 2025 05:36:36 GMT

GET
H3 200 box-backgound-white-bottom-left.0083655f.png
cdn-cf.ersties.com/dist/assets/img/ 506 B
812 B 46ms
45ms Image
image/webp 2606:4700::6812:1423
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn-cf.ersties.com/dist/assets/img/box-backgound-white-bottom-left.0083655f.png

Requested by

Host: cdn-cf.ersties.com
URL: https://cdn-cf.ersties.com/dist/assets/css/1037.2d812969.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:1423 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f853e8844e022241d6245fd5f43fa2462b5ef0aed5f3cd00866bc7673c325573

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn-cf.ersties.com/dist/assets/css/1037.2d812969.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 05:36:36 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 1696022
cf-polished: origFmt=png, origSize=2631
content-disposition: inline; filename="box-backgound-white-bottom-left.webp"
alt-svc: h3=":443"; ma=86400
content-length: 506
cf-bgj: imgq:100,h2pri
last-modified: Fri, 05 Jan 2024 16:23:24 GMT
server: cloudflare
etag: "65982cfc-a47"
vary: Accept
x-frame-options: SAMEORIGIN
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 84ae28d2ff403661-FRA
expires: Fri, 24 Jan 2025 05:36:36 GMT

GET
H3 200 box-backgound-white-bottom-right.13b482c3.png
cdn-cf.ersties.com/dist/assets/img/ 502 B
809 B 46ms
45ms Image
image/webp 2606:4700::6812:1423
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn-cf.ersties.com/dist/assets/img/box-backgound-white-bottom-right.13b482c3.png

Requested by

Host: cdn-cf.ersties.com
URL: https://cdn-cf.ersties.com/dist/assets/css/1037.2d812969.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:1423 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f3b9eb8e161b2d13b1056dd101d60e7265ab4ad07f118a97b442584d812005b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn-cf.ersties.com/dist/assets/css/1037.2d812969.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 05:36:36 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 1696022
cf-polished: origFmt=png, origSize=2596
content-disposition: inline; filename="box-backgound-white-bottom-right.webp"
alt-svc: h3=":443"; ma=86400
content-length: 502
cf-bgj: imgq:100,h2pri
last-modified: Fri, 05 Jan 2024 16:23:24 GMT
server: cloudflare
etag: "65982cfc-a24"
vary: Accept
x-frame-options: SAMEORIGIN
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 84ae28d2ff423661-FRA
expires: Fri, 24 Jan 2025 05:36:36 GMT

GET
H3 200 radio-checked.e61d67bd.png
cdn-cf.ersties.com/dist/assets/img/ 2 KB
2 KB 47ms
46ms Image
image/webp 2606:4700::6812:1423
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn-cf.ersties.com/dist/assets/img/radio-checked.e61d67bd.png

Requested by

Host: cdn-cf.ersties.com
URL: https://cdn-cf.ersties.com/dist/assets/css/login.b1958d97.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:1423 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3d950addcaa07bad8a38c706513225b8599db8b6a2a142718d23773b70f42cde

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn-cf.ersties.com/dist/assets/css/login.b1958d97.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 05:36:36 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 1695894
cf-polished: origFmt=png, origSize=1810
content-disposition: inline; filename="radio-checked.webp"
alt-svc: h3=":443"; ma=86400
content-length: 1580
cf-bgj: imgq:100,h2pri
last-modified: Fri, 05 Jan 2024 16:23:24 GMT
server: cloudflare
etag: "65982cfc-712"
vary: Accept
x-frame-options: SAMEORIGIN
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 84ae28d2ff453661-FRA
expires: Fri, 24 Jan 2025 05:36:36 GMT

GET
H3 200 login_button_sprite.6d58cf8c.png
cdn-cf.ersties.com/dist/assets/img/ 55 KB
55 KB 48ms
47ms Image
image/webp 2606:4700::6812:1423
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn-cf.ersties.com/dist/assets/img/login_button_sprite.6d58cf8c.png

Requested by

Host: cdn-cf.ersties.com
URL: https://cdn-cf.ersties.com/dist/assets/css/login.b1958d97.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:1423 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

21504a51bf2472b5ae66997bd97e9c9d818039f3de29fd64ad6e7fdd4e936080

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn-cf.ersties.com/dist/assets/css/login.b1958d97.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 05:36:36 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 1695894
cf-polished: origFmt=png, origSize=72420
content-disposition: inline; filename="login_button_sprite.webp"
alt-svc: h3=":443"; ma=86400
content-length: 56410
cf-bgj: imgq:100,h2pri
last-modified: Fri, 05 Jan 2024 16:23:24 GMT
server: cloudflare
etag: "65982cfc-11ae4"
vary: Accept
x-frame-options: SAMEORIGIN
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 84ae28d2ff463661-FRA
expires: Fri, 24 Jan 2025 05:36:36 GMT

GET
H3 200 btns_sprite.dae7e58d.png
cdn-cf.ersties.com/dist/assets/img/ 25 KB
25 KB 50ms
50ms Image
image/webp 2606:4700::6812:1423
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn-cf.ersties.com/dist/assets/img/btns_sprite.dae7e58d.png

Requested by

Host: cdn-cf.ersties.com
URL: https://cdn-cf.ersties.com/dist/assets/css/3587.029839d3.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:1423 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d14a3c51a86e657c291ca1af80b4cd6172af152084123f3dbccdefeb396b06d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn-cf.ersties.com/dist/assets/css/3587.029839d3.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 05:36:36 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 1695894
cf-polished: origFmt=png, origSize=29665
content-disposition: inline; filename="btns_sprite.webp"
alt-svc: h3=":443"; ma=86400
content-length: 25548
cf-bgj: imgq:100,h2pri
last-modified: Fri, 05 Jan 2024 16:23:24 GMT
server: cloudflare
etag: "65982cfc-73e1"
vary: Accept
x-frame-options: SAMEORIGIN
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 84ae28d2ff473661-FRA
expires: Fri, 24 Jan 2025 05:36:36 GMT

GET
H3 200 footer-logo-en.faea5dda.png
cdn-cf.ersties.com/dist/assets/img/ 15 KB
15 KB 51ms
51ms Image
image/webp 2606:4700::6812:1423
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn-cf.ersties.com/dist/assets/img/footer-logo-en.faea5dda.png

Requested by

Host: cdn-cf.ersties.com
URL: https://cdn-cf.ersties.com/dist/assets/css/1037.2d812969.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:1423 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

57bb538d4f7d1624006219ba1816a49ed5b4ed704560353f0a10cc9026f4bb6e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn-cf.ersties.com/dist/assets/css/1037.2d812969.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 05:36:36 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 1696022
cf-polished: origFmt=png, origSize=19534
content-disposition: inline; filename="footer-logo-en.webp"
alt-svc: h3=":443"; ma=86400
content-length: 14902
cf-bgj: imgq:100,h2pri
last-modified: Fri, 05 Jan 2024 16:23:24 GMT
server: cloudflare
etag: "65982cfc-4c4e"
vary: Accept
x-frame-options: SAMEORIGIN
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 84ae28d2ff483661-FRA
expires: Fri, 24 Jan 2025 05:36:36 GMT

GET
H3 200 AhnbergHandExtended.26c881bc.woff2
cdn-cf.ersties.com/dist/assets/fonts/ 28 KB
28 KB 18ms
17ms Font
application/octet-stream 2606:4700::6812:1523
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-cf.ersties.com/dist/assets/fonts/AhnbergHandExtended.26c881bc.woff2

Requested by

Host: cdn-cf.ersties.com
URL: https://cdn-cf.ersties.com/dist/assets/css/3587.029839d3.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:1523 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

736112840511df6f93af1f6041b8a59238cf4c1cbb05b57c72c76597fa33caaf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://cdn-cf.ersties.com/dist/assets/css/3587.029839d3.css
Origin: https://ersties.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 05:36:36 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 239
alt-svc: h3=":443"; ma=86400
content-length: 28804
last-modified: Mon, 22 Jan 2024 14:30:46 GMT
server: cloudflare
etag: "65ae7c16-7084"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 84ae28d2fc984dbd-FRA
expires: Fri, 24 Jan 2025 05:36:36 GMT

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/gif

GET
H3 200 login-collage_en.fdb1e3b6.png
cdn-cf.ersties.com/dist/assets/img/ 152 KB
153 KB 41ms
41ms Image
image/webp 2606:4700::6812:1423
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn-cf.ersties.com/dist/assets/img/login-collage_en.fdb1e3b6.png

Requested by

Host: ersties.com
URL: https://ersties.com/login?redirect=/free-chat/AnnyFitness

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:1423 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

979d91d3b0f6e4db9aa4ce74f8b0815e8888e9aa8cf4d34f506304251d447ef3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ersties.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 05:36:36 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 1421086
cf-polished: origFmt=png, origSize=170671
content-disposition: inline; filename="login-collage_en.webp"
alt-svc: h3=":443"; ma=86400
content-length: 156142
cf-bgj: imgq:100,h2pri
last-modified: Fri, 05 Jan 2024 16:23:24 GMT
server: cloudflare
etag: "65982cfc-29aaf"
vary: Accept
x-frame-options: SAMEORIGIN
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 84ae28d30f503661-FRA
expires: Fri, 24 Jan 2025 05:36:36 GMT

GET
H3 200 medium_avatar_with_beard.ca1968a0.png
cdn-cf.ersties.com/dist/assets/img/ 2 KB
2 KB 84ms
84ms Image
image/webp 2606:4700::6812:1423
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn-cf.ersties.com/dist/assets/img/medium_avatar_with_beard.ca1968a0.png

Requested by

Host: cdn-cf.ersties.com
URL: https://cdn-cf.ersties.com/dist/assets/css/3184.4a01a75b.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:1423 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9bb85655ef9f31fc7c97adfd02d2ae221644e3266e7ea2b70a84f40533da32dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn-cf.ersties.com/dist/assets/css/3184.4a01a75b.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 05:36:36 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 1689582
cf-polished: origFmt=png, origSize=4014
content-disposition: inline; filename="medium_avatar_with_beard.webp"
alt-svc: h3=":443"; ma=86400
content-length: 2004
cf-bgj: imgq:100,h2pri
last-modified: Fri, 05 Jan 2024 16:23:24 GMT
server: cloudflare
etag: "65982cfc-fae"
vary: Accept
x-frame-options: SAMEORIGIN
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 84ae28d30f583661-FRA
expires: Fri, 24 Jan 2025 05:36:36 GMT

GET
H3 200 about_us_icon.41e7688b.png
cdn-cf.ersties.com/dist/assets/img/ 28 KB
28 KB 85ms
85ms Image
image/webp 2606:4700::6812:1423
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn-cf.ersties.com/dist/assets/img/about_us_icon.41e7688b.png

Requested by

Host: cdn-cf.ersties.com
URL: https://cdn-cf.ersties.com/dist/assets/css/1037.2d812969.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:1423 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cd03fa74a9b5276057c11320ba70e242bb2be71257ea8675241dcb813da7bec7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn-cf.ersties.com/dist/assets/css/1037.2d812969.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 05:36:36 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 1696022
cf-polished: origFmt=png, origSize=41356
content-disposition: inline; filename="about_us_icon.webp"
alt-svc: h3=":443"; ma=86400
content-length: 28774
cf-bgj: imgq:100,h2pri
last-modified: Fri, 05 Jan 2024 16:23:24 GMT
server: cloudflare
etag: "65982cfc-a18c"
vary: Accept
x-frame-options: SAMEORIGIN
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 84ae28d30f593661-FRA
expires: Fri, 24 Jan 2025 05:36:36 GMT

GET
H3 200 join_icon.60c42522.png
cdn-cf.ersties.com/dist/assets/img/ 8 KB
8 KB 86ms
85ms Image
image/webp 2606:4700::6812:1423
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn-cf.ersties.com/dist/assets/img/join_icon.60c42522.png

Requested by

Host: cdn-cf.ersties.com
URL: https://cdn-cf.ersties.com/dist/assets/css/3184.4a01a75b.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:1423 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

efd060b7e24acee442c873743c6560f8c6026cf06d0d01d115fa983192a1e8b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn-cf.ersties.com/dist/assets/css/3184.4a01a75b.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 05:36:36 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 1695894
cf-polished: origFmt=png, origSize=13624
content-disposition: inline; filename="join_icon.webp"
alt-svc: h3=":443"; ma=86400
content-length: 8262
cf-bgj: imgq:100,h2pri
last-modified: Fri, 05 Jan 2024 16:23:24 GMT
server: cloudflare
etag: "65982cfc-3538"
vary: Accept
x-frame-options: SAMEORIGIN
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 84ae28d30f5b3661-FRA
expires: Fri, 24 Jan 2025 05:36:36 GMT

GET
H3 200 freetour_icon.4f674de1.png
cdn-cf.ersties.com/dist/assets/img/ 7 KB
7 KB 86ms
86ms Image
image/webp 2606:4700::6812:1423
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn-cf.ersties.com/dist/assets/img/freetour_icon.4f674de1.png

Requested by

Host: cdn-cf.ersties.com
URL: https://cdn-cf.ersties.com/dist/assets/css/3184.4a01a75b.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:1423 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

70c5707ea4d5f88090a0ea6dee811d429b2c471957ff0b207fa65b8fd749b292

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn-cf.ersties.com/dist/assets/css/3184.4a01a75b.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 05:36:36 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 1695894
cf-polished: origFmt=png, origSize=12153
content-disposition: inline; filename="freetour_icon.webp"
alt-svc: h3=":443"; ma=86400
content-length: 7184
cf-bgj: imgq:100,h2pri
last-modified: Fri, 05 Jan 2024 16:23:24 GMT
server: cloudflare
etag: "65982cfc-2f79"
vary: Accept
x-frame-options: SAMEORIGIN
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 84ae28d30f5c3661-FRA
expires: Fri, 24 Jan 2025 05:36:36 GMT

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 241 KB
83 KB 80ms
68ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=G-NVCW5WM6SW&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-52Z6TL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b1c816b81bb16b94eccd08db3e5d6f63fcc05e5f8ed54a2647363043b72225d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ersties.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 05:36:36 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 84489
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 25 Jan 2024 05:36:36 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
251 B 101ms
36ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-NVCW5WM6SW&gtm=45je41m0v9126321501z86955670&_p=1706160996049&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1615302551.1706160996&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EA&_s=1&sid=1706160996&sct=1&seg=0&dl=https%3A%2F%2Fersties.com%2Flogin%3Fredirect%3D%2Ffree-chat%2FAnnyFitness&dt=Ersties.com%20-%20Members%20Login&en=page_view&_fv=1&_nsi=1&_ss=1&ep.location=%2Flogin&tfd=1301
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=G-NVCW5WM6SW&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ersties.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Jan 2024 05:36:36 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ersties.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
242 B 181ms
54ms Ping
text/plain 2a00:1450:400c:c00::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-NVCW5WM6SW&cid=1615302551.1706160996&gtm=45je41m0v9126321501z86955670&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=G-NVCW5WM6SW&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ersties.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Jan 2024 05:36:36 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ersties.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
409 B 171ms
62ms Image
image/gif 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-NVCW5WM6SW&cid=1615302551.1706160996&gtm=45je41m0v9126321501z86955670&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=487596584

Requested by

Host: ersties.com
URL: https://ersties.com/login?redirect=/free-chat/AnnyFitness

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ersties.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Jan 2024 05:36:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 style
accounts.google.com/gsi/ 533 B
586 B 47ms
46ms Stylesheet
text/css 2a00:1450:4013:c06::54
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/gsi/style

Requested by

Host: accounts.google.com
URL: https://accounts.google.com/gsi/client

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4013:c06::54 Groningen, Netherlands, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1c4e7e389d73c6acf7f19cc812514e71230740791fde8a018c1d7edccf1590ae

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-8Go8GH1P-XixzNIu6-72oA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ersties.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 05:36:36 GMT
content-security-policy: script-src 'report-sample' 'nonce-8Go8GH1P-XixzNIu6-72oA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-type: text/css; charset=utf-8
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires: Thu, 25 Jan 2024 05:36:36 GMT

GET
H2 200 button Show response
accounts.google.com/gsi/ Frame BE28 116 KB
42 KB 101ms
101ms Document
text/html 2a00:1450:4013:c06::54
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/gsi/button?type=standard&shape=pill&theme=outline&text=signin_with&size=large&width=260&logo_alignment=left&click_listener=()%3D%3E%7B(0%2Cz._j)(%22Google%20signup%20button%20click%22)%7D&client_id=506542501354-1uirdcnsnl36ajas93t12qg6vfrl1jau.apps.googleusercontent.com&iframe_id=gsi_996657_720893&as=zgW4auXB73p0OYsj9TMOMw

Requested by

Host: accounts.google.com
URL: https://accounts.google.com/gsi/client

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4013:c06::54 Groningen, Netherlands, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

cc7f11a08505c89d91322a627b0e07f34e24cf8bc8cfb7421d70f4aae10b57f8

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http script-src 'report-sample' 'nonce-AxanPQvgINiVFC5gddpMpw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ersties.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http script-src 'report-sample' 'nonce-AxanPQvgINiVFC5gddpMpw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy-report-only: same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
cross-origin-resource-policy: same-site
date: Thu, 25 Jan 2024 05:36:36 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 identity-sign-in-google-http
csp.withgoogle.com/csp/ Frame BE28 0
0 191ms
66ms Other
text/html 2a00:1450:4001:813::2011
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csp.withgoogle.com/csp/identity-sign-in-google-http
Requested by: Host: ersties.com
URL: https://ersties.com/free-chat/AnnyFitness
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:813::2011 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/csp-report

Response headers

GET
H2 200 4UabrENHsxJlGDuGo1OIlLU94YtzCwM.ttf
fonts.gstatic.com/s/googlesans/v14/ Frame BE28 51 KB
27 KB 160ms
51ms Font
font/ttf 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v14/4UabrENHsxJlGDuGo1OIlLU94YtzCwM.ttf

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ebeace42646aa327b1fa6225f70120658993d4796cc9103484a6f068d3a58a6d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://accounts.google.com/
Origin: https://accounts.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 23:32:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 108261
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27431
x-xss-protection: 0
last-modified: Mon, 22 Apr 2019 23:43:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
vary: Accept-Encoding
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 22 Jan 2025 23:32:15 GMT

GET
H3 200 status Show response
accounts.google.com/gsi/ 40 B
94 B 47ms
47ms XHR
application/json 2a00:1450:4013:c06::54
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/gsi/status?client_id=506542501354-1uirdcnsnl36ajas93t12qg6vfrl1jau.apps.googleusercontent.com&as=zgW4auXB73p0OYsj9TMOMw

Requested by

Host: accounts.google.com
URL: https://accounts.google.com/gsi/client

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4013:c06::54 Groningen, Netherlands, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

53b7c00052a951aa215e68829238468fc5896add1c7b2e274b6ba4f84cf19ae0

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-LHecQQR5a5nG6YFP6AqmcA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ersties.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 05:36:37 GMT
content-security-policy: require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-LHecQQR5a5nG6YFP6AqmcA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
x-content-type-options: nosniff
content-encoding: gzip
content-disposition: attachment; filename="json.txt"; filename*=UTF-8''json.txt
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
server: ESF
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://ersties.com
report-to: {"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
cross-origin-opener-policy-report-only: same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 200 httpapi Show response
api2.amplitude.com/2/ 94 B
311 B 200ms
200ms Fetch
application/json 44.228.7.151
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api2.amplitude.com/2/httpapi

Requested by

Host: cdn-cf.ersties.com
URL: https://cdn-cf.ersties.com/dist/assets/js/chunk-vendors.12afa831.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.228.7.151 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-228-7-151.us-west-2.compute.amazonaws.com

Software

Resource Hash

8f8659b12a685e9f75aa52882cd27ac540361117869e9fc3501c2f04f3512956

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Accept: */*
Referer: https://ersties.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 25 Jan 2024 05:36:38 GMT
strict-transport-security: max-age=15768000
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: application/json
access-control-allow-origin: *
trace-id: Root=1-65b1f366-5907896f2767333f19384b97
content-length: 94

OPTIONS
H2 200 httpapi
api2.amplitude.com/2/ Frame 0
0 582ms
187ms Preflight 44.228.7.151
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api2.amplitude.com/2/httpapi

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.228.7.151 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-228-7-151.us-west-2.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://ersties.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET, POST
access-control-allow-origin: *
access-control-max-age: 86400
content-length: 0
date: Thu, 25 Jan 2024 05:36:38 GMT
strict-transport-security: max-age=15768000

Verdicts & Comments Add Verdict or Comment

22 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.ersties.com/	1970-01-21 03:32:00	Name: is_international Value: 0
.ersties.com/	1970-01-21 03:32:00	Name: vID Value: %2265b1eff8397a54.04572924%22
.ersties.com/	1970-01-21 03:32:00	Name: _ga_NVCW5WM6SW Value: GS1.1.1706160996.1.0.1706160996.60.0.0
.ersties.com/	1970-01-21 03:32:00	Name: _ga Value: GA1.1.1615302551.1706160996
.ersties.com/	1970-01-21 03:32:00	Name: first_visit Value: 0
.ersties.com/	1970-01-20 18:16:10	Name: PHPSESSID Value: pf3pks4b444pqlgs9atkt8q4dg
.ersties.com/	1970-01-21 02:41:36	Name: AMP_MKTG_b43907968a Value: JTdCJTdE
.ersties.com/	1970-01-21 02:41:36	Name: AMP_b43907968a Value: JTdCJTIyZGV2aWNlSWQlMjIlM0ElMjIwMDAwMDQxNjA5NDg3OCUyMiUyQyUyMnNlc3Npb25JZCUyMiUzQTE3MDYxNjA5OTcyNzUlMkMlMjJvcHRPdXQlMjIlM0FmYWxzZSUyQyUyMmxhc3RFdmVudFRpbWUlMjIlM0ExNzA2MTYwOTk3Mjg2JTJDJTIybGFzdEV2ZW50SWQlMjIlM0EyJTdE

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	(Line 6) Message: This document requires 'TrustedScript' assignment.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'self' https://ersties.net https://ersties.de https://en.ersties.com https://ersties.ch https://en.ersties.ch https://ersties.com
Strict-Transport-Security	max-age=31536000
X-Frame-Options	ALLOW-FROM https://en.ersties.com https://ersties.com https://ersties.ch https://en.ersties.ch https://spankbang.com/ SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.google.com
api.ersties.com
api2.amplitude.com
cdn-cf.ersties.com
csp.withgoogle.com
ersties.com
fonts.gstatic.com
region1.analytics.google.com
stats.g.doubleclick.net
www.google.de
www.googletagmanager.com
2001:4860:4802:34::36
2606:4700::6812:1423
2606:4700::6812:1523
2a00:1450:4001:80b::2008
2a00:1450:4001:813::2011
2a00:1450:4001:828::2003
2a00:1450:4001:82b::2003
2a00:1450:400c:c00::9a
2a00:1450:4013:c06::54
44.228.7.151
013ed888da122b2051d58c56fc0fcf54afe88d3351d268209c71b444fdd229a0
04dfc8e1a6e59e36a3a3a5c15443a97a92a6d2a7da9d276b050d58be3c7952a7
093d9e3ddaf76d260995030fc0c00447beb8f0a4a57ce1049714352175aaae80
0afb41f333329714487fca6f2b36c9fb8bb19d032b8a70cc2c25171f1d6fa71b
0e37b0c0f2f2012d6dd9bb07c23772f10b6c7408bfdbc2c2bb500cc07aa634c1
1c4e7e389d73c6acf7f19cc812514e71230740791fde8a018c1d7edccf1590ae
21504a51bf2472b5ae66997bd97e9c9d818039f3de29fd64ad6e7fdd4e936080
2b3959b46b9ec7ebd8d100a227a8ad873b477514a764a2ffeff79c019ac93e53
345a7f619e726c9ed21fa1e83646623f3491056eb1c9e0f3af797c42d38255c1
38e8db32dae88aaf05259b12543abbfa40f4bd957dc37b96c770686bd5bff8e6
3d950addcaa07bad8a38c706513225b8599db8b6a2a142718d23773b70f42cde
45af0832c3adc212e6cf4812aa4de572e91230eb4dd156e08cf73d21c76468bc
4bfe07d39fc399cb24304acd0580c59da510d25b88afea58187b50dad5d9fb44
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
4f9595383fba77fe0303f0155ee49741634891fce9aa8d1b8d9aa04d04a96c26
53b7c00052a951aa215e68829238468fc5896add1c7b2e274b6ba4f84cf19ae0
57bb538d4f7d1624006219ba1816a49ed5b4ed704560353f0a10cc9026f4bb6e
69f2e1a2d9eef4abecc055980ada9aed971350e676d8ccb881a9a851b63df901
70c5707ea4d5f88090a0ea6dee811d429b2c471957ff0b207fa65b8fd749b292
736112840511df6f93af1f6041b8a59238cf4c1cbb05b57c72c76597fa33caaf
74c893cce91ecf3236b77e83efa8f9d79b88a451f4798f1be5094a771ce5c344
7e373c011f1af2b737389a1c6e9962d9ac8f62aa9cddc7c392c86497d55937b6
7e41ca21e421f129d3881e345f990027b66c0ab3c5580e549575f9393d117cbd
86be52bdb7547413cafb3ed175a806a798c65de98b40849e0b974c47d187de65
876845a717a34629ad9228fe6793503db2b7f3647971cada91a763f6a6cb0d1e
8d61163316fda15207b124e07db3c12fcbdb5a00f428c559ca23dad2ac3680bf
8f8659b12a685e9f75aa52882cd27ac540361117869e9fc3501c2f04f3512956
979d91d3b0f6e4db9aa4ce74f8b0815e8888e9aa8cf4d34f506304251d447ef3
9bb85655ef9f31fc7c97adfd02d2ae221644e3266e7ea2b70a84f40533da32dd
a178cdad661d60b3697a225d007219719af0c9e1c79beecfb14cc5c41eca724c
a4651f88a307702a6304ae421645707a76b5f998c5df7cfe160016f8d14e4fbb
b1c816b81bb16b94eccd08db3e5d6f63fcc05e5f8ed54a2647363043b72225d6
b64ee3963fe071cbb1b122b55ae462b23a3597c558210fc651809f0215800461
bdd77592297855f0d99c64920fe6ab61240c1a1baef6b75d127e74370d166f0a
c0cd9af34e01842b3787f2da082d740e1b6e0b6a6411bbe7811abc89af997f67
c379d80649f1455231365036d0975da42d64b3a59161c94fef1863a8d6c9f835
c90cff659645a312a28804965f3dbc34061338f7234ff5d6ddb2c57e9eadec15
cc7f11a08505c89d91322a627b0e07f34e24cf8bc8cfb7421d70f4aae10b57f8
cd03fa74a9b5276057c11320ba70e242bb2be71257ea8675241dcb813da7bec7
d14a3c51a86e657c291ca1af80b4cd6172af152084123f3dbccdefeb396b06d4
d6db383a31a407b3b82f63648260e90c99f3f598a08b4b1f8031144842782c13
dcf77aa78864604fa127e527b993cee56e89e8ba63bf43b4300b9db23f8f5eb4
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e450948d4a2befdf1e1fca1504f42da1d0ff1e4217659ff7b2e9ce731d87cfad
e4c1d29cc3edd8ab68a696fd1f405ea441eb70326734decbfbf97c45e5a41265
e527bdf84169130141cb2a119aca5cee135e10b979a2539d169558b91b7b54ff
ebeace42646aa327b1fa6225f70120658993d4796cc9103484a6f068d3a58a6d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efd060b7e24acee442c873743c6560f8c6026cf06d0d01d115fa983192a1e8b2
f2177750de029a74d7e3e4e4aa515d5706ddc4f908f7e937655beef6370fd7bf
f2aee5f47b8463b1f2024b872a8aadb7205b98d879399d54ddcf48920ccf4fa7
f3b9eb8e161b2d13b1056dd101d60e7265ab4ad07f118a97b442584d812005b4
f4c6ef787825a77e82d06fdd0dc5c50250d06d48878704b55079e690e7821d1c
f853e8844e022241d6245fd5f43fa2462b5ef0aed5f3cd00866bc7673c325573
fd35dbd97aaf053d9ac5743fa7d021abda34614f5043585972fa45d1fad66ed4
fe51528f441ddf16fc04c5884cd748919a49c8f8faf1fd9814ec87a889a08213

ersties.com Open in urlscan Pro 2606:4700::6812:1523 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

58 Requests

100 %HTTPS

90 %IPv6

8 Domains

11 Subdomains

11 IPs

4 Countries

1280 kBTransfer

2533 kBSize

8 Cookies

3 Outgoing links

Redirected requests

58 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

ersties.com Open in urlscan Pro
2606:4700::6812:1523 Public Scan

Screenshot
Live screenshot

Full Image

58
Requests

100 %
HTTPS

90 %
IPv6

8
Domains

11
Subdomains

11
IPs

4
Countries

1280 kB
Transfer

2533 kB
Size

8
Cookies

58 HTTP transactions
6 data transactions