urlscan.io logo urlscan.io
SecurityTrails logo

www.elderscrollsbote.de Open in urlscan Pro
2a06:98c1:3120::3  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://www.elderscrollsbote.de/
Effective URL: https://www.elderscrollsbote.de/
Submission: On October 17 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 25 IPs in 3 countries across 21 domains to perform 63 HTTP transactions. The main IP is 2a06:98c1:3120::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.elderscrollsbote.de.
TLS certificate: Issued by E1 on October 7th 2023. Valid for: 3 months.
This is the only time www.elderscrollsbote.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2a06:98c1:312... 13335 (CLOUDFLAR...)
21 2a06:98c1:312... 13335 (CLOUDFLAR...)
3 2400:52e0:1e0... 200325 (BUNNYCDN)
3 2606:4700:303... 13335 (CLOUDFLAR...)
2 2606:4700:10:... 13335 (CLOUDFLAR...)
1 143.204.98.49 16509 (AMAZON-02)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 13.32.99.35 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
3 18.66.110.17 16509 (AMAZON-02)
6 2600:9000:211... 16509 (AMAZON-02)
1 2620:116:800d... 16509 (AMAZON-02)
1 99.86.4.71 16509 (AMAZON-02)
1 2600:9000:225... 16509 (AMAZON-02)
4 23.57.19.78 16625 (AKAMAI-AS)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2600:9000:223... 16509 (AMAZON-02)
2 2606:4700:10:... 13335 (CLOUDFLAR...)
1 35.159.8.25 16509 (AMAZON-02)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2a02:fa8:8806... 41041 (VCLK-EU-SE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 34.120.111.33 396982 (GOOGLE-CL...)
1 54.74.36.212 ()
63 25
1    2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)
www.elderscrollsbote.de
21    2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)
www.elderscrollsbote.de
3    2400:52e0:1e00::1080:1 (Germany)

ASN200325 (BUNNYCDN, SI)
hb.vntsm.com
3    2606:4700:3033::ac43:d19f (United States)

ASN13335 (CLOUDFLARENET, US)
www.gameplorer.de
2    2606:4700:10::6816:2e8e (United States)

ASN13335 (CLOUDFLARENET, US)
hb.vntsm.io
1    143.204.98.49 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-49.fra50.r.cloudfront.net
ats.rlcdn.com
1    2606:4700:20::681a:246 (United States)

ASN13335 (CLOUDFLARENET, US)
ad-delivery.net
1    13.32.99.35 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-35.fra60.r.cloudfront.net
geo.privacymanager.io
2    2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
3    18.66.110.17 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-110-17.fra56.r.cloudfront.net
c.amazon-adsystem.com
6    2600:9000:211e:9600:9:46dc:4700:93a1 (United States)

ASN16509 (AMAZON-02, US)
cmp.quantcast.com
1    2620:116:800d:21:b314:a0ef:ab7c:d546 (United States)

ASN16509 (AMAZON-02, US)
secure.quantserve.com
1    99.86.4.71 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-71.fra6.r.cloudfront.net
config.aps.amazon-adsystem.com
1    2600:9000:225e:1e00:3:a4cd:8380:93a1 (United States)

ASN16509 (AMAZON-02, US)
test.cmp.quantcast.com
4    23.57.19.78 (Düsseldorf, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-57-19-78.deploy.static.akamaitechnologies.com
secure.cdn.fastclick.net
1    2606:4700:10::6816:34ad (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.hadronid.net
1    2606:4700:10::6816:3556 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.id5-sync.com
1    2600:9000:223c:e600:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
rules.quantcount.com
2    2606:4700:10::6816:545 (United States)

ASN13335 (CLOUDFLARENET, US)
id.hadron.ad.gt
1    35.159.8.25 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-159-8-25.eu-central-1.compute.amazonaws.com
audit-tcfv2.cmp.quantcast.com
1    2606:4700:10::ac43:17ea (United States)

ASN13335 (CLOUDFLARENET, US)
a.ad.gt
1    2a02:fa8:8806:12::1460 (Singapore)

ASN41041 (VCLK-EU-SE, US)
proc.ad.cpe.dotomi.com
1    2606:4700::6812:1791 (United States)

ASN13335 (CLOUDFLARENET, US)
cadmus.script.ac
1    34.120.111.33 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 33.111.120.34.bc.googleusercontent.com
cdn.edkt.io
1    54.74.36.212 (None, )

ASN- ()
track.venatusmedia.com
Apex Domain
Subdomains		 Transfer
22 elderscrollsbote.de
www.elderscrollsbote.de
419 KB
8 quantcast.com
cmp.quantcast.com — Cisco Umbrella Rank: 3294
test.cmp.quantcast.com — Cisco Umbrella Rank: 11071
audit-tcfv2.cmp.quantcast.com — Cisco Umbrella Rank: 12881
203 KB
4 fastclick.net
secure.cdn.fastclick.net — Cisco Umbrella Rank: 1235
104 KB
4 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 334
config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 657
69 KB
3 ad.gt
id.hadron.ad.gt — Cisco Umbrella Rank: 2033
a.ad.gt — Cisco Umbrella Rank: 2191
4 KB
3 gameplorer.de
www.gameplorer.de
14 KB
3 vntsm.com
hb.vntsm.com — Cisco Umbrella Rank: 29361
303 KB
2 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 214
161 KB
2 vntsm.io
hb.vntsm.io — Cisco Umbrella Rank: 36170
950 B
1 venatusmedia.com
track.venatusmedia.com
171 B
1 edkt.io
cdn.edkt.io — Cisco Umbrella Rank: 23348
8 KB
1 script.ac
cadmus.script.ac — Cisco Umbrella Rank: 2049
46 KB
1 dotomi.com
proc.ad.cpe.dotomi.com — Cisco Umbrella Rank: 3029
469 B
1 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 1263
1 KB
1 id5-sync.com
cdn.id5-sync.com — Cisco Umbrella Rank: 1156
30 KB
1 hadronid.net
cdn.hadronid.net — Cisco Umbrella Rank: 2088
10 KB
1 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 1348
9 KB
1 privacymanager.io
geo.privacymanager.io — Cisco Umbrella Rank: 2195
609 B
1 ad-delivery.net
ad-delivery.net — Cisco Umbrella Rank: 1176
934 B
1 rlcdn.com
ats.rlcdn.com — Cisco Umbrella Rank: 3523
37 KB
0 clean.gg Failed
i.clean.gg Failed
63 21
Domain Requested by
22 www.elderscrollsbote.de 1 redirects www.elderscrollsbote.de
6 cmp.quantcast.com hb.vntsm.com
cmp.quantcast.com
4 secure.cdn.fastclick.net www.elderscrollsbote.de
secure.cdn.fastclick.net
3 c.amazon-adsystem.com hb.vntsm.com
3 www.gameplorer.de www.elderscrollsbote.de
www.gameplorer.de
3 hb.vntsm.com www.elderscrollsbote.de
hb.vntsm.com
2 id.hadron.ad.gt hb.vntsm.com
2 securepubads.g.doubleclick.net hb.vntsm.com
securepubads.g.doubleclick.net
2 hb.vntsm.io hb.vntsm.com
1 track.venatusmedia.com hb.vntsm.com
1 cdn.edkt.io cadmus.script.ac
1 cadmus.script.ac hb.vntsm.com
1 proc.ad.cpe.dotomi.com hb.vntsm.com
1 a.ad.gt cdn.hadronid.net
1 audit-tcfv2.cmp.quantcast.com hb.vntsm.com
1 rules.quantcount.com secure.quantserve.com
1 cdn.id5-sync.com www.elderscrollsbote.de
1 cdn.hadronid.net www.elderscrollsbote.de
1 test.cmp.quantcast.com hb.vntsm.com
1 config.aps.amazon-adsystem.com c.amazon-adsystem.com
1 secure.quantserve.com cmp.quantcast.com
1 geo.privacymanager.io ats.rlcdn.com
1 ad-delivery.net hb.vntsm.com
1 ats.rlcdn.com hb.vntsm.com
0 i.clean.gg Failed hb.vntsm.com
63 25

This site contains links to these domains. Also see Links.

Domain
www.elderscrollsbote.local
Subject Issuer Validity Valid
elderscrollsbote.de
E1		 2023-10-07 -
2024-01-05		 3 months crt.sh
*.vntsm.com
Sectigo RSA Domain Validation Secure Server CA		 2023-03-10 -
2024-04-08		 a year crt.sh
gameplorer.de
E1		 2023-08-29 -
2023-11-27		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-08-07 -
2024-08-06		 a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2023-02-02 -
2024-03-03		 a year crt.sh
*.privacymanager.io
Amazon RSA 2048 M01		 2023-07-27 -
2024-08-24		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh
c.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-02-28 -
2024-02-17		 a year crt.sh
cmp.quantcast.com
R3		 2023-08-29 -
2023-11-27		 3 months crt.sh
quantserve.com
R3		 2023-08-29 -
2023-11-27		 3 months crt.sh
config.aps.amazon-adsystem.com
Amazon RSA 2048 M02		 2023-02-20 -
2024-03-20		 a year crt.sh
secure.cdn.fastclick.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-10-03 -
2024-10-03		 a year crt.sh
hadronid.net
GTS CA 1P5		 2023-10-05 -
2024-01-03		 3 months crt.sh
ad.cpe.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2023-06-09 -
2024-07-10		 a year crt.sh
cadmus.script.ac
E1		 2023-09-02 -
2023-12-01		 3 months crt.sh
api.edkt.io
GTS CA 1D4		 2023-09-27 -
2023-12-26		 3 months crt.sh
*.venatusmedia.com
Amazon RSA 2048 M02		 2023-01-24 -
2024-02-22		 a year crt.sh

This page contains 2 frames:

Primary Page: https://www.elderscrollsbote.de/
Frame ID: 3D0BBCF1906A46269DB34D9C9D2EC9B6
Requests: 62 HTTP requests in this frame

Frame: https://hb.vntsm.com/ab/live/3pcookie/cookieTest.html
Frame ID: 97060318CDE9FD720D49279B487A8820
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Elder Scrolls Online Builds, Planer und Guides auf Deutsch | ElderScrollsBote.de

Page URL History Show full URLs

  1. http://www.elderscrollsbote.de/ HTTP 301
    https://www.elderscrollsbote.de/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js

Page Statistics

63
Requests

97 %
HTTPS

68 %
IPv6

21
Domains

25
Subdomains

25
IPs

3
Countries

1421 kB
Transfer

4231 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.elderscrollsbote.de/ HTTP 301
    https://www.elderscrollsbote.de/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

63 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.elderscrollsbote.de/
Redirect Chain
  • http://www.elderscrollsbote.de/
  • https://www.elderscrollsbote.de/
44 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.elderscrollsbote.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d0aa641b64783ca780539459be195a8f41c841a9a73bb81358f9cfb10d1c96a4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
0
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
81794d5a0b9736dc-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Tue, 17 Oct 2023 14:41:23 GMT
link
<https://www.elderscrollsbote.de/wp-json/>; rel="https://api.w.org/"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1oHe0SXkGK3Doobb3T1zMy6p%2FeHbwLVpQe7DMM%2BpdaXiGJp7DDAI%2Bh7kv4ILFuBQFzer3vc8vLoerxS%2B9J82BA8Mxic6LmD8wIc4jOUGDnjtVwIHu7%2BY6MsGzvQdVJFSNLYUbjUigcdKWpZqLTr32%2Fr0slh4qw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-cache
MISS

Redirect headers

CF-RAY
81794d58dd4a9b55-FRA
Cache-Control
max-age=3600
Connection
keep-alive
Date
Tue, 17 Oct 2023 14:41:23 GMT
Expires
Tue, 17 Oct 2023 15:41:23 GMT
Location
https://www.elderscrollsbote.de/
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0%2Fqzlf5yNblC%2BmbGl%2Bo%2Blf1nufqRw%2BDMOkuhXHJPhcs70YwuW8XTC0myLDMbhiQ3VlhI5N49uRrWq0x8ttfHBnHhh4jLjjS07nGpZbvpxJyYxtTQwI5TGK5RyP9aSDlWtr16tLD0viJ6qtxO%2BU73M1ViuzgfTA%3D%3D"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
alt-svc
h3=":443"; ma=86400
style.css
www.elderscrollsbote.de/static/core/ 		132 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.elderscrollsbote.de/static/core/style.css?_v=3.25
Requested by
Host: www.elderscrollsbote.de
URL: https://www.elderscrollsbote.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
030e49b77a6a332abf1f1b37636f45bf709383d3ac85be2c89171829917a1912

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.elderscrollsbote.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 14:41:23 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6770807
cf-polished
origSize=135307
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 23 Jan 2019 10:39:24 GMT
server
cloudflare
etag
W/"5c48445c-2108b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XUl6tPOVzgkh234ghnp5wbUSbWu%2FLczw%2BIfV98cnTZOag1Dxvn7Be7MNazrq1reG4SsMroacpxusKOlBG%2BZ7FDdEnK2IhqKtAsN5mzACVdumjqJM03wtYqu%2FH9mufUDdBbKL7VF5vC59s89FZ8dod9fa8F1bPw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=7776000
cf-ray
81794d5cbf3536dc-FRA
style.css
www.elderscrollsbote.de/wp-content/themes/elderscrollsbote/static/ 		8 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.elderscrollsbote.de/wp-content/themes/elderscrollsbote/static/style.css?_v=318e86
Requested by
Host: www.elderscrollsbote.de
URL: https://www.elderscrollsbote.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7f30a1f522776df2a816b1abd4f8a7e95ab751c655c8a9c4492b8a81e1356ac9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.elderscrollsbote.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 14:41:23 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6770807
cf-polished
origSize=8583
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 06 Aug 2021 10:14:22 GMT
server
cloudflare
etag
W/"610d0b7e-2187"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R5ebL0m07tHJlM9oiFvRGWz10VZI4OxS3GX8tF1qAIYbOm78MQbibXr4RAdeKNjZw%2FdSOz4PDNio%2FuS57ZB3ewNuGzllYpjhqANdOgEWweWgolg2CUjmmYxyfDUzP75dafFK%2FO1PvLDsKiqQu0HIl9rWLdwK1A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=7776000
cf-ray
81794d5cbf3836dc-FRA
login-form.min.css
www.elderscrollsbote.de/wp-content/plugins/buddypress/bp-core/css/blocks/ 		727 B
588 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.elderscrollsbote.de/wp-content/plugins/buddypress/bp-core/css/blocks/login-form.min.css?ver=11.3.1
Requested by
Host: www.elderscrollsbote.de
URL: https://www.elderscrollsbote.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
83777842e1d7a8a995b3013c4e5df77e513327e0fbe3a40cad620e3614aabc41

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.elderscrollsbote.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 14:41:23 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 24 Aug 2023 21:22:38 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2104588
etag
W/"64e7ca1e-2d7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2s%2BIkgG%2FQKMw14pxFCTfAz39NDrwE9m6zBuger9IBaj7AXJEfsBt7hq%2BNN9nAQf9mDhzVTHZaJB2%2Btrxu0zzXr4az8IJHhbsquN5v9rutHjsNH1wYg%2FDLRe%2BKo7K%2FFyYqM%2F110v8zIMZgs3WqmSM8vVE7k%2BfzA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=7776000
cf-ray
81794d5cbf3936dc-FRA
alt-svc
h3=":443"; ma=86400
latest-activities.min.css
www.elderscrollsbote.de/wp-content/plugins/buddypress/bp-activity/css/blocks/ 		2 KB
837 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.elderscrollsbote.de/wp-content/plugins/buddypress/bp-activity/css/blocks/latest-activities.min.css?ver=11.3.1
Requested by
Host: www.elderscrollsbote.de
URL: https://www.elderscrollsbote.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
61c8368f1d6aee4231aef9e92d074d0e07937cf666dd9bda043a61371ee85f47

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.elderscrollsbote.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 14:41:23 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 24 Aug 2023 21:22:38 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2104588
etag
W/"64e7ca1e-755"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fQFMcZcUEw4yotxJ6HPp9BPSt2dt2JkimFbGePL6QHfnDh6AriEvgQ1r7PX2h9QbaMo6IIL%2F7AesXhIIdPhRxp2Brx7NNoPE9UdtmfU5Pr1EkU7je9jVzIkyDdC4bxXCxJe%2FMglkKh8hdiiXB5DjiBkgN5pCGg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=7776000
cf-ray
81794d5cbf3a36dc-FRA
alt-svc
h3=":443"; ma=86400
recent-posts.min.css
www.elderscrollsbote.de/wp-content/plugins/buddypress/bp-blogs/css/blocks/ 		804 B
553 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.elderscrollsbote.de/wp-content/plugins/buddypress/bp-blogs/css/blocks/recent-posts.min.css?ver=11.3.1
Requested by
Host: www.elderscrollsbote.de
URL: https://www.elderscrollsbote.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6835151bd3260787d6eb21870f998a5482becaa6855a35f9393b5afbaa7b0563

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.elderscrollsbote.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 14:41:23 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 24 Aug 2023 21:22:38 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
893605
etag
W/"64e7ca1e-324"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z1vsY%2Bv%2F1tjwx3Ive1SFYGiA5Yov5TFZF0%2BEZt1%2B0%2FDrcPDsWhx0%2FjIrRIEcBzNqLZOsgSyPwasqUEbOtXoo1A0gxE6fS7ZrcjKuwtGQxDRHjGBRFpw4lVoya4vNsHDEgpJaYdAy%2FdL5wRZcgfPLfiJud%2FuJYA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=7776000
cf-ray
81794d5cbf3c36dc-FRA
alt-svc
h3=":443"; ma=86400
sitewide-notices.min.css
www.elderscrollsbote.de/wp-content/plugins/buddypress/bp-messages/css/blocks/ 		1 KB
882 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.elderscrollsbote.de/wp-content/plugins/buddypress/bp-messages/css/blocks/sitewide-notices.min.css?ver=11.3.1
Requested by
Host: www.elderscrollsbote.de
URL: https://www.elderscrollsbote.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8b5149757c0da8c26fa2fa9d3f6190cdcf4b16b9eabc4cde2cc94301054c13e6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.elderscrollsbote.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 14:41:23 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 24 Aug 2023 21:22:38 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2104588
etag
W/"64e7ca1e-57e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=czNZ4El9hgd0ORnDRxnmk%2BLSgDggC3Ys%2BpJYv1%2Bp%2BlL8N8ywTaqWy%2FVAql0YWlCMBbadGGgPWoL1puSnfkbd54s721b4n4hExHGcasAvWPsHpuNuE0xSYuad%2FJWNqM%2B7IzvplLJ%2FC4BOiW1zpZHm9d%2BrqAYGtA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=7776000
cf-ray
81794d5cbf3e36dc-FRA
alt-svc
h3=":443"; ma=86400
tooltips.js
www.elderscrollsbote.de/esodb/ 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.elderscrollsbote.de/esodb/tooltips.js?_v=98a55b
Requested by
Host: www.elderscrollsbote.de
URL: https://www.elderscrollsbote.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5588a25192a335bfb14d7e73a6bc01defe9431cbc9f0a4485dc0bd038b0bd67b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.elderscrollsbote.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 14:41:24 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Tue, 26 May 2020 15:32:25 GMT
server
cloudflare
age
6766937
etag
W/"5ecd3689-2155"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IeT%2Fx8kcbViGe9hLfnf90Gt3dPrUNeV5kW2exa1xaoTSMr%2Bb04pG1ctEz6%2FOZDrx8lz875fauaYEOjCZRErX9OV4peA4nw%2BPS%2F6YH7r3JIkdKh9rdg%2FiKsclW1NHOAbiKFMOXf7ZOBveqTZJFKNZKaKdrceh7A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=7776000
cf-ray
81794d5d2fc036dc-FRA
alt-svc
h3=":443"; ma=86400
ad-manager.min.js
hb.vntsm.com/v3/live/ 		997 KB
295 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.vntsm.com/v3/live/ad-manager.min.js
Requested by
Host: www.elderscrollsbote.de
URL: https://www.elderscrollsbote.de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1080 /
Resource Hash
f3dfdae95ba14389dc6aaa4d569b73ba5deb3fbe696f6f905e542c3bc62edb57

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.elderscrollsbote.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 14:41:24 GMT
content-encoding
br
cdn-edgestorageid
1082
x-amz-server-side-encryption
AES256
cdn-cachedat
10/17/2023 10:26:36
cdn-pullzone
131999
last-modified
Tue, 17 Oct 2023 10:26:27 GMT
server
BunnyCDN-DE1-1080
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
W/"15d0f3c261eb76864bf47bc32dd09914"
vary
Accept-Encoding, Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
5d6cd18c-1b61-4922-947b-91a6b9ea7b00
access-control-expose-headers
x-geo-subdivision,X-Geo,cdn-requestcountrycode,Content-Type,x-bl
cache-control
public, max-age=86400
x-bl
0
cdn-requestid
e006b60778b2c70718ffbecb14af6a05
cdn-requestcountrycode
DE
access-control-allow-headers
cdn-requestcountrycode,Content-Type,x-bl,ref_url
cdn-status
200
cdn-requestpullsuccess
True
pricecheck.js
www.gameplorer.de/widgets/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gameplorer.de/widgets/pricecheck.js?_v=20
Requested by
Host: www.elderscrollsbote.de
URL: https://www.elderscrollsbote.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:d19f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a0009f85278ff0fe035dbde61a064fd0d198be132928426c353c17fd18b8faef
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.elderscrollsbote.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 14:41:24 GMT
strict-transport-security
max-age=15552000
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 09 Dec 2020 09:54:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
65255
etag
W/"5fd09ec5-1c8c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7wc4gTqeiauNE9gaQZPT7wbJ%2FxzXwIehFtCZUobeVgPok5A587tsr%2BsEvgFlqxu2HRDaVbHwqopMbFMYs2qqVsm4xYNT%2BwF7kjcjdbNA1BOlk1YnQ29d6AKgw7uXedk3Bn3H7D3%2BsoQ9ebvXxYgkdw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=7776000
cf-ray
81794d5efbc191e7-FRA
alt-svc
h3=":443"; ma=86400
mundus.js
www.elderscrollsbote.de/wp-content/themes/elderscrollsbote/static/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.elderscrollsbote.de/wp-content/themes/elderscrollsbote/static/mundus.js?_v=20436d
Requested by
Host: www.elderscrollsbote.de
URL: https://www.elderscrollsbote.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
481e74ed793add23ec1387aabc2f3bf0e0c99d0435285f06398fc5a1c3044afe

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.elderscrollsbote.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 14:41:24 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6767510
cf-polished
origSize=4423
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 07 Jun 2019 19:30:50 GMT
server
cloudflare
etag
W/"5cfabb6a-1147"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Jzk5eCbTDeDaHEgvDRAZL6fv5lhAne8E3cYowIu5ZyIXschKnDK3Ekkcb%2FQDSeA6bYmReV%2FAuNtJp9bbjZ9O7ZWFP1g0%2BK8B2YTsZ4AD2ZPVmssX0%2F41Vvsdd3BEvAwq6PX7nRMDrj226awviDvGnGC526VwOg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=7776000
cf-ray
81794d5d3fd936dc-FRA
truncated
/ 		37 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type
image/gif
greymoor-wallpaper-2.jpg
www.elderscrollsbote.de/wp-content/uploads/sites/13/2020/05/ 		339 KB
339 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.elderscrollsbote.de/wp-content/uploads/sites/13/2020/05/greymoor-wallpaper-2.jpg
Requested by
Host: www.elderscrollsbote.de
URL: https://www.elderscrollsbote.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
80d90b0268c4ae59eee839d1f9f7bd0113aaf94795aa1e6857565b3bfbfc4c53

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.elderscrollsbote.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 14:41:24 GMT
cf-cache-status
HIT
last-modified
Thu, 28 May 2020 06:55:37 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
6763920
etag
"5ecf6069-54a88"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3BzZIBUm8USvNvT5mv1oEdy5pAR%2F86ebNSKrDpJQEi%2FQZbVy3oaOqgaroGwXqKQBAZcy8nf7NkfAJuMNeumwpyVdbheBaKjlx%2FOCwFBYVLDcgjw6QNT6YXr%2F49N3hx01RY4xeO10ndvMk1uxDIL4omCeN9pi%2Bg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=7776000
accept-ranges
bytes
cf-ray
81794d5d4ff236dc-FRA
alt-svc
h3=":443"; ma=86400
content-length
346760
glyphicons-halflings-regular.woff2
www.elderscrollsbote.de/static/fonts/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.elderscrollsbote.de/static/fonts/glyphicons-halflings-regular.woff2
Requested by
Host: www.elderscrollsbote.de
URL: https://www.elderscrollsbote.de/static/core/style.css?_v=3.25
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c

Request headers

Referer
https://www.elderscrollsbote.de/static/core/style.css?_v=3.25
Origin
https://www.elderscrollsbote.de
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 14:41:24 GMT
cf-cache-status
HIT
last-modified
Mon, 07 Aug 2017 14:09:23 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
6768540
etag
"59887493-466c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OJgdvgIVNp61eOlrIgbhpOk153Mwh9BLq5wkzETLQQZvj3yJc6UM2DzzwKlZbLYojiEfM3QlgrZ9QcazV4YdxL5PwEp7pTSKTqMQDcQygf7Yc73%2B6JtDe2DNXfbTbBFuxUIfKSd7sb1NlCKrMddpBWwG39fDKQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/font-woff2
cache-control
public, max-age=7776000
accept-ranges
bytes
cf-ray
81794d5d4ff436dc-FRA
alt-svc
h3=":443"; ma=86400
content-length
18028
elderscrollsbote.png
www.elderscrollsbote.de/wp-content/uploads/sites/13/2019/06/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.elderscrollsbote.de/wp-content/uploads/sites/13/2019/06/elderscrollsbote.png
Requested by
Host: www.elderscrollsbote.de
URL: https://www.elderscrollsbote.de/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3b2cf3ff28c623d318ac7c4485d052da1a6fa492128d724dde4df63bbbf760b2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.elderscrollsbote.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 14:41:24 GMT
cf-cache-status
HIT
last-modified
Fri, 07 Jun 2019 09:44:16 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1765166
etag
"5cfa31f0-f47"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TdLnx5nc5LX6KHV%2BUb35mPcqM8HnB7NcK7%2BLldL1%2BY6Tz1wuxH9oSQT6RPP5Fwua22KqFH2MLksnjymoUfamagntbYxnud6jwPq8PmBOvBQe%2F4CGvp0r8E1OOVlD%2BoZVpNRcKXBwO2HWCUjtixN%2Bq3gOCzZLRA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=7776000
accept-ranges
bytes
cf-ray
81794d5d7d0f4d95-FRA
alt-svc
h3=":443"; ma=86400
content-length
3911
65817,65819,65811
www.gameplorer.de/wp-json/pricecheck/v1/ 		433 B
855 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gameplorer.de/wp-json/pricecheck/v1/65817,65819,65811?_jsonp=gp_pricecheck_loaded
Requested by
Host: www.gameplorer.de
URL: https://www.gameplorer.de/widgets/pricecheck.js?_v=20
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:d19f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
857525b704b4d76c91f2c0f2b409b9cd582abe0510e32d83342dc2cd57bbc3b0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.elderscrollsbote.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 14:41:24 GMT
strict-transport-security
max-age=15552000
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400
server
cloudflare
allow
GET
vary
Origin,Accept-Encoding
content-type
application/javascript; charset=UTF-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ihfpl9uah5zAEafkGAaBEWxpiJp0eLpFkaP7uytL2UXrzWm6Fkc4BxpAOUxAA1i0%2BjoRhDB1vPHwZoBd4mKkg5MQsmuH0oV9fC%2BDktPb%2F5M%2FnA5s2xSM3emu7i6PjWjwSpO0RtjdaJrGlPoBakdv%2Fg%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
X-WP-Total, X-WP-TotalPages, Link
x-robots-tag
noindex
link
<https://www.gameplorer.de/wp-json/>; rel="https://api.w.org/"
access-control-allow-headers
Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type
cf-ray
81794d5f6c1d91e7-FRA
truncated
/ 		68 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
dfed71627a698aed0f3570192b00e56525b0efe0c27ecb46eddd42fb7f67afde

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type
image/png
content.html
hb.vntsm.io/ 		32 B
661 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hb.vntsm.io/content.html
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2e8e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce8368e5b8e9f2f066acc6284578c00021aea742c4c7c7ec2836c232a5f8b1f8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.elderscrollsbote.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 14:41:25 GMT
cf-cache-status
HIT
x-amz-request-id
3HJ4284DP259N4PT
age
3506
content-length
32
x-amz-id-2
7XsZMfFBqz4498WkrL65T7ah/m+6bhxRyZ898tZPFzAxQW6Wh16sZSddAYFtKaAjihMJBJvfMvM=
geo
DE
geo-subdivision
DE-BE
last-modified
Thu, 14 Oct 2021 10:47:47 GMT
server
cloudflare
etag
"2f58b9ff601fd509249a9e7628a21c33"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
content-type
text/html
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
81794d668f132c75-FRA
60f6d3b2ffc37172cbbc01bc.enc
hb.vntsm.com/v2/live/ 		33 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.vntsm.com/v2/live/60f6d3b2ffc37172cbbc01bc.enc
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1080 /
Resource Hash
dccd85e417937c6e1bd902d9e61d7d801d7ec18fc9d53c46ddabf7abf85cc836

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.elderscrollsbote.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 14:41:25 GMT
content-encoding
br
cdn-edgestorageid
1081
x-amz-server-side-encryption
AES256
cdn-cachedat
10/17/2023 10:28:35
cdn-pullzone
131999
last-modified
Tue, 04 Jul 2023 15:33:00 GMT
server
BunnyCDN-DE1-1080
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
W/"9569c17974585849214962dabcc14b0e"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
text/plain
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
5d6cd18c-1b61-4922-947b-91a6b9ea7b00
access-control-expose-headers
x-geo-subdivision,X-Geo,cdn-requestcountrycode,Content-Type,x-bl
access-control-allow-credentials
true
x-bl
0
cache-control
public, max-age=86400
cdn-requestid
47cb28621ffce6e079a3c3939b0600d2
cdn-requestcountrycode
DE
access-control-allow-headers
cdn-requestcountrycode,Content-Type,x-bl,ref_url
cdn-status
200
cdn-requestpullsuccess
True
classdragonknight.png
www.elderscrollsbote.de/wp-content/themes/elderscrollsbote/static/icons/ 		623 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.elderscrollsbote.de/wp-content/themes/elderscrollsbote/static/icons/classdragonknight.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff8976c5b06a86af543bd5e0313493efc9c4bc2957cc27da148afeb1d692c479

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.elderscrollsbote.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 14:41:25 GMT
cf-cache-status
HIT
last-modified
Wed, 04 Apr 2018 07:56:15 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
868523
etag
"5ac4851f-26f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z58Qmja72V4Q1Ol9QI9Va%2FfytqTLrZC%2FmHntMae%2F48lVFPdoOZUxqzygZIdPJMGV6JEBhyn4SrskvN71HJZGdyea%2FbqpcQ7GScMRLraFp9eyIzwyXxgiMUJCPZlTTSFD1rEMQdk%2Fyy%2BL6ArDdPFsHrGlApOqng%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=7776000
accept-ranges
bytes
cf-ray
81794d65ced94d95-FRA
alt-svc
h3=":443"; ma=86400
content-length
623
armorlight.png
www.elderscrollsbote.de/wp-content/themes/elderscrollsbote/static/icons/ 		763 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.elderscrollsbote.de/wp-content/themes/elderscrollsbote/static/icons/armorlight.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5abfda0176f11e766213cad2572c49bb48b4671adc21c5050aee8543c4395ecb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.elderscrollsbote.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 14:41:25 GMT
cf-cache-status
HIT
last-modified
Wed, 04 Apr 2018 07:56:15 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
941597
etag
"5ac4851f-2fb"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cQYNtcBVY%2B5zqdoL3zYrBIC64wo4MR2ycyugzHney4FEglxBkTUhUFl2Ha%2FJj%2BEeB%2B1AS%2BPIOoA72uWO6aotMXBNQR0Qji7HpY540cR3kv8zs9BH1N1fFDCiQEJSsvFlLe25k1wvyb67K1DapFz57d8JSVlGdA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=7776000
accept-ranges
bytes
cf-ray
81794d65cee04d95-FRA
alt-svc
h3=":443"; ma=86400
content-length
763
armormedium.png
www.elderscrollsbote.de/wp-content/themes/elderscrollsbote/static/icons/ 		874 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.elderscrollsbote.de/wp-content/themes/elderscrollsbote/static/icons/armormedium.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e9c9d9e24498d49f73d841bb103071b606acbdce264ece5a0a572376c0d1c422

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.elderscrollsbote.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 14:41:25 GMT
cf-cache-status
HIT
last-modified
Wed, 04 Apr 2018 07:56:15 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
868523
etag
"5ac4851f-36a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4ZqOb6ABqfZepWoLAMYpyXWfvL1yVD0B2HQQRkfcSfHDIXX%2F9FP8QEWsxUfF7v0rhMeFY%2FZ6en7W4VPTMj662uY4VH4qoZYSPDYS6DYJrmW7sNzs0rwCGdPoXbfEByHc%2FT0b%2BvOHbrtkmi4TMy%2B%2FBG%2F1mH2tGg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=7776000
accept-ranges
bytes
cf-ray
81794d65cee24d95-FRA
alt-svc
h3=":443"; ma=86400
content-length
874
armorheavy.png
www.elderscrollsbote.de/wp-content/themes/elderscrollsbote/static/icons/ 		907 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.elderscrollsbote.de/wp-content/themes/elderscrollsbote/static/icons/armorheavy.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fc4d2e87b1cc232666652729a14b347dcfc274944cd74455761ffb3e5076d92c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.elderscrollsbote.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 14:41:25 GMT
cf-cache-status
HIT
last-modified
Wed, 04 Apr 2018 07:56:15 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1765080
etag
"5ac4851f-38b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o8abPhUdGqGBjs%2F5bdA97oI2BhT3ZMBnZ2h%2FedGHnuRpiXRA4RspzLsdUnH%2FyahH%2ByNnrOqQarKuEKoQQ5vkTl2EcE6NxTdmF4p5gM993%2FKVBmGBIl9or6QH%2B2zmidA%2B7zuzPBZE97%2F7g3LPMH1wG%2BBI%2Fs9tDQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=7776000
accept-ranges
bytes
cf-ray
81794d65cee44d95-FRA
alt-svc
h3=":443"; ma=86400
content-length
907
classtemplar.png
www.elderscrollsbote.de/wp-content/themes/elderscrollsbote/static/icons/ 		591 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.elderscrollsbote.de/wp-content/themes/elderscrollsbote/static/icons/classtemplar.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
398ded36b014a32e4b91b33b73639e17660591686d6a80a94f62560c0cf066a3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.elderscrollsbote.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 14:41:25 GMT
cf-cache-status
HIT
last-modified
Wed, 04 Apr 2018 07:56:15 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
805092
etag
"5ac4851f-24f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kkNtzDcR9kLItW9E0EGkI7doVyD46LJ9g%2BeuVlQ2S7va%2B5Q69mbc3xCH2qYxc1PthUhbNBOMA4geDi6AAVKoJMRcyGceWzTDAEHh3eRa9eE4ifKIBxcpEBBCuEbcooo0l5sqeAIeDGKxio1cyqVn2pDaWLa8UQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=7776000
accept-ranges
bytes
cf-ray
81794d65cee84d95-FRA
alt-svc
h3=":443"; ma=86400
content-length
591
classnecromancer.png
www.elderscrollsbote.de/wp-content/themes/elderscrollsbote/static/icons/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.elderscrollsbote.de/wp-content/themes/elderscrollsbote/static/icons/classnecromancer.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d91b33251a9702933272996fae415ff9078e511b45b6933dae08bab3201f5fd9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.elderscrollsbote.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 14:41:25 GMT
cf-cache-status
HIT
last-modified
Tue, 21 May 2019 19:42:58 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
941597
etag
"5ce454c2-7dd"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aeu3hxd%2BZbV7DZPXhGOLApg0We31LQ6ZnbGD6Yhdbqub%2FT5%2BEqtamr4WZ3z%2Fp%2FxoDj8htnTwKbuRaQLDhoInnzzwVY%2BnqSfg0hOin0MwfcXBIMAcdT9lKmYtdLHlebww8gVwcvYWJyvPcEraLX3za1bvjtSmRw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=7776000
accept-ranges
bytes
cf-ray
81794d65ceea4d95-FRA
alt-svc
h3=":443"; ma=86400
content-length
2013
classwarden.png
www.elderscrollsbote.de/wp-content/themes/elderscrollsbote/static/icons/ 		660 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.elderscrollsbote.de/wp-content/themes/elderscrollsbote/static/icons/classwarden.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ecc391ba1e7f99ce1b4ab68620b4a8a7c116d411fc1585dec1838dcf9eff7600

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.elderscrollsbote.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 14:41:25 GMT
cf-cache-status
HIT
last-modified
Wed, 04 Apr 2018 07:56:15 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
854871
etag
"5ac4851f-294"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1yk29jKnepj9LmeujyuCqx%2BQzB8EQSOZNS3lb%2BwWZpXcrsBPJ7IptBexwu1W3tLD3J4esRTuH%2BTxl%2FmKo78kmljuGPlojTOgva17ovu3zTdJv1VROgUnTQ1UhE1kh9a9TTIHp7KT%2B%2B9Jp9jDXo3nX9TyaJeL4Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=7776000
accept-ranges
bytes
cf-ray
81794d65ceeb4d95-FRA
alt-svc
h3=":443"; ma=86400
content-length
660
classnightblade.png
www.elderscrollsbote.de/wp-content/themes/elderscrollsbote/static/icons/ 		530 B
1014 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.elderscrollsbote.de/wp-content/themes/elderscrollsbote/static/icons/classnightblade.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
466fee0a1ac33a3d7e02bc06bcff70c7cb24fde0dfd47373bbd6735c135b8759

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.elderscrollsbote.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 14:41:25 GMT
cf-cache-status
HIT
last-modified
Wed, 04 Apr 2018 07:56:15 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1738230
etag
"5ac4851f-212"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1saAMhyHBIQr%2B7RpogFOuRFWaexxxI3x5H0hz7YMsn0UHcDVcPOfjpoelRxJs0%2BSPuQFuyZxXhIOl%2BRhIxD4506iyL%2BsNBsaEOA3ZD1X5G6tozMiAMINQPhQGss6lBlinCssvE7Wb%2BLaIsCo62b2PQokQuLoqg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=7776000
accept-ranges
bytes
cf-ray
81794d65ceec4d95-FRA
alt-svc
h3=":443"; ma=86400
content-length
530
mundus-interact-128x72.jpg
www.elderscrollsbote.de/wp-content/uploads/sites/13/2014/02/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.elderscrollsbote.de/wp-content/uploads/sites/13/2014/02/mundus-interact-128x72.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3b9cf76d6e0b9e1131c9912639dcd10696b6ec8daf29f25d5f11ca81673564fa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.elderscrollsbote.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 14:41:25 GMT
cf-cache-status
HIT
last-modified
Mon, 24 Jul 2017 12:11:12 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2302344
etag
"5975e3e0-e6f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Eg4y7YRREp%2BArF6v%2FRLg7DFsTs3kXmNDNxZxyQ403TW1djuCyRINktJ2lRQa2gfN%2FBQKixf8Dce83%2F0zXGW7s3h7n3Owut4zjcoqdxKSgtr5zJ0m%2Fk3kqRvrWL%2FooWniP%2BjB%2FLVJ0UQEUya5FIWyq9%2FhOwoz6A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=7776000
accept-ranges
bytes
cf-ray
81794d65ceed4d95-FRA
alt-svc
h3=":443"; ma=86400
content-length
3695
eso-blackwood-upgrade-pc.jpg
www.gameplorer.de/wp-content/uploads/2021/01/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gameplorer.de/wp-content/uploads/2021/01/eso-blackwood-upgrade-pc.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:d19f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ad5f256bb34da21478ebb6248b2781894cc58e36306a914156cda23395c22713
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.elderscrollsbote.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 14:41:25 GMT
strict-transport-security
max-age=15552000
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1572147
alt-svc
h3=":443"; ma=86400
content-length
10352
last-modified
Sat, 30 Jan 2021 15:05:53 GMT
server
cloudflare
etag
"601575d1-2870"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uWafH8g%2BqwDTBbZ8e3VD9oqz8MM9yKwshtkD42Cv%2BK4tDQtVarRgfK6cBg5FgOvLmQeDYQUkCmQhoudYq%2B49X2JbmrvGRC1zzbQv%2BCPxTJxYkKhAU33SiXI1sjaQ7AKi9JAN2kISoJ%2BXIJb5dFBEzQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=7776000
accept-ranges
bytes
cf-ray
81794d65eb1f03c4-FRA
cookieTest.html
hb.vntsm.com/ab/live/3pcookie/ Frame 9706 		967 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hb.vntsm.com/ab/live/3pcookie/cookieTest.html
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1080 /
Resource Hash
5963155991ef6cccaa5ccde93b269c06161b4e36b2784be6028b78c954a3c569

Request headers

Referer
https://www.elderscrollsbote.de/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-headers
cdn-requestcountrycode,Content-Type,x-bl,ref_url
access-control-allow-methods
GET, OPTIONS
access-control-expose-headers
x-geo-subdivision,X-Geo,cdn-requestcountrycode,Content-Type,x-bl
cache-control
public, max-age=86400
cdn-cache
HIT
cdn-cachedat
10/17/2023 10:26:36
cdn-edgestorageid
1081
cdn-proxyver
1.04
cdn-pullzone
131999
cdn-requestcountrycode
DE
cdn-requestid
f5de2d818fcd5571815fea08a85147f0
cdn-requestpullcode
200
cdn-requestpullsuccess
True
cdn-status
200
cdn-uid
5d6cd18c-1b61-4922-947b-91a6b9ea7b00
content-encoding
br
content-type
text/html
date
Tue, 17 Oct 2023 14:41:25 GMT
etag
W/"d80b9831e6e7896aa97e84d70f49e545"
last-modified
Sun, 10 Sep 2023 14:04:21 GMT
server
BunnyCDN-DE1-1080
vary
Accept-Encoding
x-amz-server-side-encryption
AES256
x-bl
0
content.html
hb.vntsm.io/ 		32 B
289 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hb.vntsm.io/content.html
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2e8e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce8368e5b8e9f2f066acc6284578c00021aea742c4c7c7ec2836c232a5f8b1f8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.elderscrollsbote.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 14:41:25 GMT
cf-cache-status
HIT
x-amz-request-id
3HJ4284DP259N4PT
age
3506
content-length
32
x-amz-id-2
7XsZMfFBqz4498WkrL65T7ah/m+6bhxRyZ898tZPFzAxQW6Wh16sZSddAYFtKaAjihMJBJvfMvM=
geo
DE
geo-subdivision
DE-BE
last-modified
Thu, 14 Oct 2021 10:47:47 GMT
server
cloudflare
etag
"2f58b9ff601fd509249a9e7628a21c33"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
content-type
text/html
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
81794d668f142c75-FRA
ats.js
ats.rlcdn.com/ 		110 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ats.rlcdn.com/ats.js
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-49.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a2aa2577c105dab138246b4e0a1f575b3c92c30d5aced108d3f73897bd46823f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.elderscrollsbote.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-amz-version-id
75z8QHpA.q.L4Ary3PZpPFO6qhLCQCGi
content-encoding
gzip
via
1.1 9128c49d19c76fd86ec4c647434ccb0a.cloudfront.net (CloudFront)
date
Tue, 17 Oct 2023 07:13:49 GMT
last-modified
Thu, 21 Sep 2023 08:31:10 GMT
server
AmazonS3
x-amz-cf-pop
FRA50-C1
age
26857
x-amz-server-side-encryption
AES256
etag
W/"b248cc9d0fdeb36bdeb7efabad1132ee"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
x-amz-cf-id
zDJ8PpKfluWExuRcYJSgEiZwqmEXFkdFOFmGvzxu1KMmgNJPy9q-RQ==
px.gif
ad-delivery.net/ 		43 B
934 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad-delivery.net/px.gif?ch=2
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:246 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.elderscrollsbote.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 14:41:25 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
756108
x-guploader-uploadid
ADPycdsLsPnNlBzlzHOQ8pfsmumGi4pyerGGDLVUlo8-SHse7ZeGqjtUHesowkGqEZrcUxuTEmxq4TLmuynu_aD5dgNX2l4u4YVk
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
content-length
43
last-modified
Wed, 05 May 2021 19:25:32 GMT
server
cloudflare
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
vary
Accept-Encoding
x-goog-generation
1620242732037093
content-type
image/gif
access-control-allow-origin
*
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=86400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LNRTzcXcIoI8Siw0LuiMyC5jybl9JAi2EBaq7Jrq2wsfo28Xf%2B%2B0vZ8UGomcV8vpBM2%2FgmZ90yie0i%2FfOP5hAUX63CAO3hNBZr1zFMROvXluihGmZU6QMNKde71Vdc5XDOdQHxOlZK7BfVgC3Q%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
43
accept-ranges
bytes
cf-ray
81794d67ed6b4d25-FRA
expires
Sun, 08 Oct 2023 21:24:59 GMT
/
geo.privacymanager.io/ 		30 B
609 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://geo.privacymanager.io/
Requested by
Host: ats.rlcdn.com
URL: https://ats.rlcdn.com/ats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-35.fra60.r.cloudfront.net
Software
/
Resource Hash
55033882e1bc61cac58471a0ce5372606abd57a9663921dbd6f9a4a926c601b0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.elderscrollsbote.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 01:29:07 GMT
via
1.1 33febf2d58aeb0618cba096d54cae018.cloudfront.net (CloudFront), 1.1 6ae82cc0c8a39c993134c2be90b4d120.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P3, FRA60-P3
age
47538
x-amzn-requestid
3bf32545-c8e9-4a33-b7b8-54c052b167db
x-amzn-trace-id
Root=1-652de363-371d597471bcda4448bdee3f;Sampled=0;lineage=06620786:0
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type
application/json
access-control-allow-origin
*
x-cache
Hit from cloudfront
x-amz-apigw-id
M7B3jEM3joEEpgQ=
content-length
30
x-amz-cf-id
XLXOBJf-NPoLwLdXkKM63YOEfad1EJ1xJbAiMZYo_pq2IIadaQ9kMg==
access-control-allow-headers
Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		89 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
37821df84601f1f8c1177e18b39fdf29abdde356af815b821b789cd5b9613658
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.elderscrollsbote.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 14:41:26 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29168
x-xss-protection
0
server
cafe
etag
324 / 19647 / m202310120101 / config-hash: 18273808332962768134
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 17 Oct 2023 14:41:26 GMT
apstag.js
c.amazon-adsystem.com/aax2/ 		255 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.110.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-110-17.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
241df04a32e1a0a4da58eb35f672c5f0b4e1fa131475803ce3222bf493632d5e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.elderscrollsbote.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 14:16:43 GMT
content-encoding
gzip
via
1.1 3141f89cca62ae5784a211a8d1176d1c.cloudfront.net (CloudFront), 1.1 98652de9f742fc1df9de714d921e14c2.cloudfront.net (CloudFront)
last-modified
Thu, 05 Oct 2023 19:43:13 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1, FRA56-P5
age
1484
x-amz-server-side-encryption
AES256
etag
W/"e1caada96468a3b669d0d0cc6ec9a23c"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
x-amz-cf-id
wdRSlGjQSN0DXxKGMPokxqUS1L1eodXO6V2ZJ0YehOsRfb8chv-eig==
choice.js
cmp.quantcast.com/choice/Hwnr8j7tWA3Nu/elderscrollsbote.de/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cmp.quantcast.com/choice/Hwnr8j7tWA3Nu/elderscrollsbote.de/choice.js?tag_version=V2?timestamp=1697553685915
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:9600:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0554578da1559be93865ab85e0d3a49b54075966d4e9fa4333e02e06b0e92e6a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.elderscrollsbote.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 14:41:26 GMT
content-encoding
br
via
1.1 307a3e1075dd3d0976c64513a6ec3d74.cloudfront.net (CloudFront)
last-modified
Thu, 10 Aug 2023 23:45:51 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C2
age
28
x-amz-server-side-encryption
AES256
etag
W/"cc516ad71d91235da70b54e5713b5a97"
vary
Access-Control-Request-Headers,Access-Control-Request-Method,Origin,Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
cross-origin-resource-policy
cross-origin
x-amz-cf-id
dgyrdlFnriuEkV2eKjTA9RqlwXrHyLMsktTuVM7oRgIZ4ku_TypYJw==
quant.js
secure.quantserve.com/ 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: cmp.quantcast.com
URL: https://cmp.quantcast.com/choice/Hwnr8j7tWA3Nu/elderscrollsbote.de/choice.js?tag_version=V2?timestamp=1697553685915
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:b314:a0ef:ab7c:d546 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
7c1b0b0523c8cd715c6a906f13a121cd27392d8e61d58c38c7ceb32ec22e59f4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.elderscrollsbote.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 14:41:26 GMT
content-encoding
gzip
etag
"6ioqmyHWSWLYz5hkRjy8Uw=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Tue, 24 Oct 2023 14:41:26 GMT
cmp2.js
cmp.quantcast.com/tcfv2/ 		160 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cmp.quantcast.com/tcfv2/cmp2.js?referer=elderscrollsbote.de
Requested by
Host: cmp.quantcast.com
URL: https://cmp.quantcast.com/choice/Hwnr8j7tWA3Nu/elderscrollsbote.de/choice.js?tag_version=V2?timestamp=1697553685915
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:9600:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
056c8acee66105032f878177b7d8925e6abffd1fab079c0b8c69322d86413214

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.elderscrollsbote.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 14:14:54 GMT
content-encoding
gzip
via
1.1 307a3e1075dd3d0976c64513a6ec3d74.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C2
age
1593
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-storage-class
INTELLIGENT_TIERING
last-modified
Thu, 28 Sep 2023 19:02:48 GMT
server
AmazonS3
etag
W/"fc4e55a5d8f4ef863759040ad9a735b2"
access-control-max-age
86400
access-control-allow-methods
GET
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=3600
x-amz-meta-qc-ineu
True
vary
Accept-Encoding
x-amz-cf-id
OV1p3N0KMbtIEXEcLzdvCrW5g0wNZHn29BcpMAmmylDLek8fm55cTQ==
70247b00-ff8f-4016-b3ab-8344daf96e09
config.aps.amazon-adsystem.com/configs/ 		537 B
803 B 		Script
General
Check archive.org
Download Go to
Full URL
https://config.aps.amazon-adsystem.com/configs/70247b00-ff8f-4016-b3ab-8344daf96e09
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-71.fra6.r.cloudfront.net
Software
CloudFront /
Resource Hash
a8125d8eecb80041580b64c5f70fbd2b70baf0d063d50b0885088f0b812df31d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.elderscrollsbote.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 14:08:38 GMT
via
1.1 f0a97a8c56cd2bb79a1739863489ed4c.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA6-C1
age
1968
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
content-length
537
x-amz-cf-id
adHG93In5qS-Bj_XlPwtxG7PZjqo0Tf10AzfOhq53mxH3Uqm2J3zIQ==
config
c.amazon-adsystem.com/cdn/prod/ 		2 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.elderscrollsbote.de&pubid=70247b00-ff8f-4016-b3ab-8344daf96e09
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.110.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-110-17.fra56.r.cloudfront.net
Software
Server /
Resource Hash
4b56c73fc679df3678714fc5f2b472950c698f4ddcc76de9f67be729cd4e14e5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.elderscrollsbote.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 11:27:48 GMT
via
1.1 98652de9f742fc1df9de714d921e14c2.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-P5
age
11617
x-cache
Hit from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.elderscrollsbote.de
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
content-length
2353
x-amz-cf-id
pQcM0AedLGJo_33Ao_Si3NbovOoUc4XrmSjUM41wjVci6tg0bIzmgA==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.110.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-110-17.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.elderscrollsbote.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 04:04:39 GMT
x-amz-version-id
9yABOonr2HqHtwbarUcdbIqN0f4A8Qog
content-encoding
gzip
via
1.1 07a6f7d6fd9710cbcfc60fa67d44f04e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
38208
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 29 Aug 2023 08:30:37 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
licwChbbNHfOU0TKj-RP166bITycwMKNHfwkDJSaaJTkjMvQ-cxVEg==
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310120101/ 		421 KB
132 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310120101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6f9c72ef22efe8a0e095464ab57ea0d5b6c24fa0abcd9439a1ffe1f522cca92a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.elderscrollsbote.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 16:06:41 GMT
content-encoding
br
x-content-type-options
nosniff
age
81285
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
134870
x-xss-protection
0
server
cafe
etag
11169537383484699631
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Tue, 15 Oct 2024 16:06:41 GMT
cmp-list.json
test.cmp.quantcast.com/GVL-v2/ 		11 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://test.cmp.quantcast.com/GVL-v2/cmp-list.json
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:1e00:3:a4cd:8380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2777728b6a843d0c9f4cf48ee4ae0d6578ee7c565c15c32c29e48640893d52ee

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.elderscrollsbote.de/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 03:00:40 GMT
x-amz-version-id
RmBAvo2GdAadPfN30SZARmFQmvGShfQI
content-encoding
br
via
1.1 dd4531988f4862a3b186f9d3356a6a74.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P4
age
42047
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Wed, 11 Oct 2023 19:52:29 GMT
server
AmazonS3
etag
W/"aa4d81007eaebf13941b812e0f4690d2"
access-control-max-age
86400
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=172800
vary
Accept-Encoding
x-amz-cf-id
rfg29ZKbpKscSgUMILUD6YFXv-HClQEe-o5M1W1oTtqEdQZmnehMnw==
pubcid.min.js
secure.cdn.fastclick.net/js/pubcid/latest/ 		54 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by
Host: www.elderscrollsbote.de
URL: https://www.elderscrollsbote.de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.57.19.78 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-57-19-78.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.elderscrollsbote.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 14:41:26 GMT
content-encoding
gzip
last-modified
Mon, 23 Jan 2023 19:40:17 GMT
server
Apache
etag
"d734-5f2f3919e751f-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
17407
expires
Tue, 17 Oct 2023 14:56:26 GMT
hadron.js
cdn.hadronid.net/ 		55 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fwww.elderscrollsbote.de%2F&ref=&_it=amazon&partner_id=288
Requested by
Host: www.elderscrollsbote.de
URL: https://www.elderscrollsbote.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:34ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6ee69abe38a87fd8aa0867401e1e14d2831eab6dfb1bb2d97abf65ac57cb5705

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.elderscrollsbote.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 14:41:26 GMT
content-encoding
gzip
cf-cache-status
HIT
cf-bgj
minify
last-modified
Thu, 07 Sep 2023 17:31:32 GMT
server
cloudflare
x-amz-request-id
907JHMEEKQ08DSV2
age
3187
etag
W/"8bbf05f440008747d4df642e30fc4ddc"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600
cf-ray
81794d6b5e4f3a76-FRA
x-amz-id-2
oJpPJCbEID7z1zM9kIxlsqSbq8xeH5HC5gS4xpeHur3SW4yHO8BbtAlQwktjkw9El2h2R0B/Pt0=
id5-api.js
cdn.id5-sync.com/api/1.0/ 		138 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/id5-api.js
Requested by
Host: www.elderscrollsbote.de
URL: https://www.elderscrollsbote.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3556 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
89a9b728cbc4ea20ef9c0934035ba3300049c50682dcc0e58452c40749b6d853
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.elderscrollsbote.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 14:41:26 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 16 Oct 2023 11:34:12 GMT
server
cloudflare
x-amz-request-id
K9Q250V9R1Q6W27R
age
1738
etag
W/"cc062d3a08ec5f94b7d1ab377b1e95bd"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
81794d6b5a453a5a-FRA
x-amz-id-2
PD1S0JoPLMtwqKBfKoQwkKEr6ORo2NJ5ZQTQRMedIqATLJ/HfkY0/HNDgoPnfWuQ7I5txIlbFtA=
launcher-stub.min.js
secure.cdn.fastclick.net/js/cnvr-launcher/latest/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher-stub.min.js
Requested by
Host: www.elderscrollsbote.de
URL: https://www.elderscrollsbote.de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.57.19.78 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-57-19-78.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
d3c286558922ca8c2c69167698cd61a8280cb03b81bb41d9bd633f80f18c274f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.elderscrollsbote.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 14:41:26 GMT
content-encoding
gzip
last-modified
Tue, 20 Sep 2022 18:52:26 GMT
server
Apache
etag
"38c0-5e92054540ea5-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
5252
expires
Tue, 17 Oct 2023 14:56:26 GMT
rules-p-Hwnr8j7tWA3Nu.js
rules.quantcount.com/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-Hwnr8j7tWA3Nu.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:e600:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b80a4d9175dc7cb05b42205ce1f8235139b7cc754653a82974f340dbb9bcf408

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.elderscrollsbote.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 14:32:38 GMT
content-encoding
gzip
via
1.1 f4137273db9ae377298b8f8daf5b93f0.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
age
529
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
last-modified
Thu, 13 Oct 2022 23:45:13 GMT
server
AmazonS3
etag
W/"25e2d4f54b5bb37c6c82b554454ef41a"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
x-amz-cf-id
ccJ1o5DZkcSLa7VOz4-AsULtyt05E-rB-idGMp5mqvZELfz4OiYVHg==
cmp2ui-de.js
cmp.quantcast.com/tcfv2/48/ 		299 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cmp.quantcast.com/tcfv2/48/cmp2ui-de.js
Requested by
Host: cmp.quantcast.com
URL: https://cmp.quantcast.com/tcfv2/cmp2.js?referer=elderscrollsbote.de
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:9600:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1eba35f85996c2587e2e265d182bfe238af986a40775682feb00249c650c4bfd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.elderscrollsbote.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 21:04:15 GMT
content-encoding
br
via
1.1 307a3e1075dd3d0976c64513a6ec3d74.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C2
age
73345
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-storage-class
INTELLIGENT_TIERING
cross-origin-resource-policy
cross-origin
last-modified
Thu, 28 Sep 2023 19:02:19 GMT
server
AmazonS3
etag
W/"5831f5d9227bc289e596b2481caee7c3"
access-control-max-age
604800
access-control-allow-methods
GET
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=172800
vary
Accept-Encoding
x-amz-cf-id
xp-xZx39pxpF11Hd0vg5TUIyJow0neuILa_x_6FqFvQ6v-kK9qpkYw==
vendor-list-trimmed-v1.json
cmp.quantcast.com/GVL-v2/ 		357 KB
44 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cmp.quantcast.com/GVL-v2/vendor-list-trimmed-v1.json
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:9600:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6dbedada2a4d7c019d0553171ece2c270a3cb7b5beea450bce5e26009d11d797

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.elderscrollsbote.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 03:00:43 GMT
content-encoding
br
via
1.1 84f381696dd33e92960b92250106e464.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C2
age
42044
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 17 Oct 2023 03:00:37 GMT
server
AmazonS3
etag
W/"dda2081c82bffbef9767f01d5e66442f"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=86400
access-control-allow-credentials
true
vary
Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id
-e5E6NCRUofuF83XMQzInZMWSmQ-75Ki960NohbGLOHRBUpZjMMiKA==
google-atp-list.json
cmp.quantcast.com/tcfv2/ 		141 KB
33 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cmp.quantcast.com/tcfv2/google-atp-list.json
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:9600:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f058511b904de35902f814231968fab5d08b56ce444e3fdefa0d33e9cf1ec5be

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.elderscrollsbote.de/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 03:00:28 GMT
content-encoding
br
via
1.1 84f381696dd33e92960b92250106e464.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C2
age
42059
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 17 Oct 2023 03:00:26 GMT
server
AmazonS3
etag
W/"1e4d3cb991895e0ec4cdfbc78091c44d"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=172800
access-control-allow-credentials
true
vary
Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id
PQpZ37wOUdd3lB0bBTVwu9ORkLcYbCFbEQvBdkbK1awZfaHKodEhMg==
launcher.min.js
secure.cdn.fastclick.net/js/cnvr-launcher/latest/ 		49 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher.min.js
Requested by
Host: secure.cdn.fastclick.net
URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher-stub.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.57.19.78 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-57-19-78.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
938c64115ce60b98ee8151d7eb28208567753f3d4ebbe0aa0f56618c555a18fb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.elderscrollsbote.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 14:41:26 GMT
content-encoding
gzip
last-modified
Tue, 20 Sep 2022 18:52:26 GMT
server
Apache
etag
"c4b6-5e920545406d3-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
17042
expires
Tue, 17 Oct 2023 14:56:26 GMT
hadron.json
id.hadron.ad.gt/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://id.hadron.ad.gt/v1/hadron.json?_it=amazon&partner_id=288&sync=0&domain=www.elderscrollsbote.de&url=https://www.elderscrollsbote.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.elderscrollsbote.de
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-origin
*
allow
POST, OPTIONS, GET
cache-control
max-age=31536000 public, no-transform
cf-cache-status
DYNAMIC
cf-ray
81794d710a3f9bca-FRA
content-length
0
content-type
application/json
date
Tue, 17 Oct 2023 14:41:27 GMT
debug
OPTIONS block
expires
Wed, 16 Oct 2024 14:41:27 GMT
server
cloudflare
hadron.json
id.hadron.ad.gt/v1/ 		104 B
291 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.hadron.ad.gt/v1/hadron.json?_it=amazon&partner_id=288&sync=0&domain=www.elderscrollsbote.de&url=https://www.elderscrollsbote.de/
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
442049812a5dd63f21790ec983b3bbeebe0076f0d577e4c21aa258b9e41d08e8

Request headers

Referer
https://www.elderscrollsbote.de/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 17 Oct 2023 14:41:27 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
HEAD,GET,POST,PUT,DELETE,OPTIONS
content-type
application/json
access-control-allow-origin
*
cache-control
private,max-age=30
access-control-allow-credentials
true
debug
NON-OPTIONS
access-control-allow-headers
authorization
cf-ray
81794d71ebbc9bca-FRA
/
audit-tcfv2.cmp.quantcast.com/ 		2 B
101 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://audit-tcfv2.cmp.quantcast.com/?log=%7B%22accountId%22%3A%22Hwnr8j7tWA3Nu%22%2C%22domain%22%3A%22www.elderscrollsbote.de%22%2C%22publisher%22%3A%22elderscrollsbote.de%22%2C%22cmpId%22%3A10%2C%22cmpVersion%22%3A%222.48%22%2C%22displayType%22%3A%22tcfui%3Amandatory%22%2C%22configurationHashCode%22%3A%22AitjImqUeUVLARDtjLVDGw%22%2C%22clientTimestamp%22%3A1697553686426%2C%22operationType%22%3A%22init%22%2C%22sessionId%22%3A%22GDPR-7u1ybe8kg4edxnut9o62%22%7D
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.159.8.25 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-159-8-25.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.elderscrollsbote.de/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 17 Oct 2023 14:41:28 GMT
content-length
2
content-type
text/plain; charset=utf-8
purposes-DE.json
cmp.quantcast.com/GVL-v2/ 		32 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cmp.quantcast.com/GVL-v2/purposes-DE.json
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:9600:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
afecc76e4e6fc00c913ded96cb77d9f0d014548ebcebc99e73b0354850c08a6f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.elderscrollsbote.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 03:00:44 GMT
content-encoding
br
via
1.1 84f381696dd33e92960b92250106e464.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C2
age
42044
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Thu, 21 Sep 2023 03:00:36 GMT
server
AmazonS3
etag
W/"0f47ae005be0ce55d83225698caabea5"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=86400
access-control-allow-credentials
true
vary
Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id
yPcAbQva06ntRtjZYQRe-DsUuBY0DpJgxquq8sgBW8QDfkynHxmQ3g==
288
a.ad.gt/api/v1/u/matches/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.ad.gt/api/v1/u/matches/288?_it=amazon
Requested by
Host: cdn.hadronid.net
URL: https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fwww.elderscrollsbote.de%2F&ref=&_it=amazon&partner_id=288
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:17ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7a06d8241b068f1d77eeabbb9aa151b80c89e1af30577b18b2aa2517a1cf545

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.elderscrollsbote.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 14:41:29 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 17 Oct 2023 14:36:45 GMT
server
cloudflare
age
284
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=14400
cross-origin-resource-policy
cross-origin
cf-ray
81794d7d9ed74dbd-FRA
launcher
proc.ad.cpe.dotomi.com/cvx/client/direct/ 		190 B
469 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://proc.ad.cpe.dotomi.com/cvx/client/direct/launcher?version=1.1.1&lid=681
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:fa8:8806:12::1460 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
71f0c958e33905cb028dfd76ff7fcffa9d57a260845594e84d116530e3f80a36

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.elderscrollsbote.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 14:41:29 GMT
server
nginx
accept-ch
Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Bitness
vary
Origin
content-type
application/json
access-control-allow-origin
https://www.elderscrollsbote.de
cache-control
max-age=1800
access-control-allow-credentials
true
content-length
190
expires
Tue, 17 Oct 2023 15:11:29 GMT
coreid.min.js
secure.cdn.fastclick.net/js/cnvr-coreid/latest/ 		223 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.cdn.fastclick.net/js/cnvr-coreid/latest/coreid.min.js
Requested by
Host: secure.cdn.fastclick.net
URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.57.19.78 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-57-19-78.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
59809587724422a1623f2ea0b361f2c72e2febc92e37faa84dc4b859674e826d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.elderscrollsbote.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 14:41:29 GMT
content-encoding
gzip
last-modified
Tue, 22 Aug 2023 17:51:49 GMT
server
Apache
etag
"37c41-60386a6319d17-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
66128
expires
Tue, 17 Oct 2023 14:56:29 GMT
script.js
cadmus.script.ac/d1oykxszdrgjgl/ 		130 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1791 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
983a039b427ae5761189daf2f4f87a65386e6006fc4cec5e4fd3ff96d84d06e8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.elderscrollsbote.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 14:41:32 GMT
content-encoding
gzip
last-modified
Tue, 17 Oct 2023 13:22:37 GMT
server
cloudflare
age
0
etag
W/"b0287396a90d95f3c9907822f1e381ac71479f07"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public,max-age=600,stale-while-revalidate=3600,stale-if-error=86400
cf-ray
81794d93a91f9211-FRA
1a
i.clean.gg/ Frame 		0
0
1a
i.clean.gg/ 		0
0
edgekit.min.js
cdn.edkt.io/rNn9xk/ 		23 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.edkt.io/rNn9xk/edgekit.min.js
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.111.33 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
33.111.120.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
ae79e9d258d8a5279ebb7b726485c5a74bab661c29617a3b2cc2d5e0741be191

Request headers

Referer
https://www.elderscrollsbote.de/
Origin
https://www.elderscrollsbote.de
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 11:47:36 GMT
content-encoding
gzip
age
10437
x-guploader-uploadid
ADPycdsJ0ecrzlGTokrl6zD2SXvwLqhFlc7akjtrbZdeZfNXDoIbKtUGIlJJ2uiYCVky0Zy7QTsdGh803pKx6oUe--sG
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7874
last-modified
Thu, 12 Oct 2023 12:19:09 GMT
server
UploadServer
etag
"1028fd4d8b2e45db5a6b2f25a55482b7"
x-goog-generation
1697113149978541
x-goog-hash
crc32c=qqmV/g==, md5=ECj9TYsuRdtaay8lpVSCtw==
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400,no-transform
x-goog-stored-content-length
7874
accept-ranges
bytes
expires
Wed, 18 Oct 2023 11:47:36 GMT
track_enc
track.venatusmedia.com/dual/ 		16 B
171 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://track.venatusmedia.com/dual/track_enc
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.74.36.212 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Request headers

Referer
https://www.elderscrollsbote.de/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.elderscrollsbote.de
date
Tue, 17 Oct 2023 14:41:33 GMT
access-control-allow-credentials
true
content-length
16
vary
Origin
content-type
application/json

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
i.clean.gg
URL
https://i.clean.gg/1a
Domain
i.clean.gg
URL
https://i.clean.gg/1a

Verdicts & Comments Add Verdict or Comment

50 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 string| ajaxurl string| esodbv object| __vm_add object| ElderScrollsBote function| gp_pricecheck_loaded object| gppcd object| webpackChunkad_manager object| vmpbjs object| _pbjsGlobals number| __VM_COUNT function| $___render object| ADAGIO string| nobidVersion object| nobid object| mnet object| __VM function| clearImmediate function| setImmediate object| ats object| googletag object| apstag function| __tcfapi object| _qevents object| _aps boolean| apstagLOADED object| apscustom object| ggeac object| google_tag_data object| google_js_reporting_queue object| regeneratorRuntime function| __tcfapiui function| __uspapi function| ha object| cnvr_launcher_options function| quantserve function| __qc object| ezt object| _qoptions undefined| google_measure_js_timing object| conversant object| hadron boolean| __halo_loaded__ object| ID5 object| __id5_instances object| PublisherCommonId object| au object| publink_options object| coreid object| edktInitializor

2 Cookies

Domain/Path Name / Value
www.elderscrollsbote.de/ Name: _lr_geo_location
Value: DE
.script.ac/ Name: __cf_bm
Value: oHvbvTlx9TyrRswe1zq4gIZpfK4q00BygcJvbW6zwOQ-1697553692-0-ARisXdfpe3hTpBxmHr88d/7NTWu7H9FQ2CTfjgYhzcjhXg5Wc2as4b9dmZt5iGw8P1xWe5/LR4XPJeV2lrYi3Mk=

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.ad.gt
ad-delivery.net
ats.rlcdn.com
audit-tcfv2.cmp.quantcast.com
c.amazon-adsystem.com
cadmus.script.ac
cdn.edkt.io
cdn.hadronid.net
cdn.id5-sync.com
cmp.quantcast.com
config.aps.amazon-adsystem.com
geo.privacymanager.io
hb.vntsm.com
hb.vntsm.io
i.clean.gg
id.hadron.ad.gt
proc.ad.cpe.dotomi.com
rules.quantcount.com
secure.cdn.fastclick.net
secure.quantserve.com
securepubads.g.doubleclick.net
test.cmp.quantcast.com
track.venatusmedia.com
www.elderscrollsbote.de
www.gameplorer.de
i.clean.gg
13.32.99.35
143.204.98.49
18.66.110.17
23.57.19.78
2400:52e0:1e00::1080:1
2600:9000:211e:9600:9:46dc:4700:93a1
2600:9000:223c:e600:6:44e3:f8c0:93a1
2600:9000:225e:1e00:3:a4cd:8380:93a1
2606:4700:10::6816:2e8e
2606:4700:10::6816:34ad
2606:4700:10::6816:3556
2606:4700:10::6816:545
2606:4700:10::ac43:17ea
2606:4700:20::681a:246
2606:4700:3033::ac43:d19f
2606:4700::6812:1791
2620:116:800d:21:b314:a0ef:ab7c:d546
2a00:1450:4001:808::2002
2a02:fa8:8806:12::1460
2a06:98c1:3120::3
2a06:98c1:3121::3
34.120.111.33
35.159.8.25
54.74.36.212
99.86.4.71
030e49b77a6a332abf1f1b37636f45bf709383d3ac85be2c89171829917a1912
0554578da1559be93865ab85e0d3a49b54075966d4e9fa4333e02e06b0e92e6a
056c8acee66105032f878177b7d8925e6abffd1fab079c0b8c69322d86413214
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
1eba35f85996c2587e2e265d182bfe238af986a40775682feb00249c650c4bfd
241df04a32e1a0a4da58eb35f672c5f0b4e1fa131475803ce3222bf493632d5e
2777728b6a843d0c9f4cf48ee4ae0d6578ee7c565c15c32c29e48640893d52ee
37821df84601f1f8c1177e18b39fdf29abdde356af815b821b789cd5b9613658
398ded36b014a32e4b91b33b73639e17660591686d6a80a94f62560c0cf066a3
3b2cf3ff28c623d318ac7c4485d052da1a6fa492128d724dde4df63bbbf760b2
3b9cf76d6e0b9e1131c9912639dcd10696b6ec8daf29f25d5f11ca81673564fa
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff
442049812a5dd63f21790ec983b3bbeebe0076f0d577e4c21aa258b9e41d08e8
466fee0a1ac33a3d7e02bc06bcff70c7cb24fde0dfd47373bbd6735c135b8759
481e74ed793add23ec1387aabc2f3bf0e0c99d0435285f06398fc5a1c3044afe
4b56c73fc679df3678714fc5f2b472950c698f4ddcc76de9f67be729cd4e14e5
55033882e1bc61cac58471a0ce5372606abd57a9663921dbd6f9a4a926c601b0
5588a25192a335bfb14d7e73a6bc01defe9431cbc9f0a4485dc0bd038b0bd67b
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5963155991ef6cccaa5ccde93b269c06161b4e36b2784be6028b78c954a3c569
59809587724422a1623f2ea0b361f2c72e2febc92e37faa84dc4b859674e826d
5abfda0176f11e766213cad2572c49bb48b4671adc21c5050aee8543c4395ecb
61c8368f1d6aee4231aef9e92d074d0e07937cf666dd9bda043a61371ee85f47
6835151bd3260787d6eb21870f998a5482becaa6855a35f9393b5afbaa7b0563
6dbedada2a4d7c019d0553171ece2c270a3cb7b5beea450bce5e26009d11d797
6ee69abe38a87fd8aa0867401e1e14d2831eab6dfb1bb2d97abf65ac57cb5705
6f9c72ef22efe8a0e095464ab57ea0d5b6c24fa0abcd9439a1ffe1f522cca92a
71f0c958e33905cb028dfd76ff7fcffa9d57a260845594e84d116530e3f80a36
7c1b0b0523c8cd715c6a906f13a121cd27392d8e61d58c38c7ceb32ec22e59f4
7f30a1f522776df2a816b1abd4f8a7e95ab751c655c8a9c4492b8a81e1356ac9
80d90b0268c4ae59eee839d1f9f7bd0113aaf94795aa1e6857565b3bfbfc4c53
83777842e1d7a8a995b3013c4e5df77e513327e0fbe3a40cad620e3614aabc41
857525b704b4d76c91f2c0f2b409b9cd582abe0510e32d83342dc2cd57bbc3b0
89a9b728cbc4ea20ef9c0934035ba3300049c50682dcc0e58452c40749b6d853
8b5149757c0da8c26fa2fa9d3f6190cdcf4b16b9eabc4cde2cc94301054c13e6
938c64115ce60b98ee8151d7eb28208567753f3d4ebbe0aa0f56618c555a18fb
983a039b427ae5761189daf2f4f87a65386e6006fc4cec5e4fd3ff96d84d06e8
a0009f85278ff0fe035dbde61a064fd0d198be132928426c353c17fd18b8faef
a2aa2577c105dab138246b4e0a1f575b3c92c30d5aced108d3f73897bd46823f
a8125d8eecb80041580b64c5f70fbd2b70baf0d063d50b0885088f0b812df31d
ad5f256bb34da21478ebb6248b2781894cc58e36306a914156cda23395c22713
ae79e9d258d8a5279ebb7b726485c5a74bab661c29617a3b2cc2d5e0741be191
afecc76e4e6fc00c913ded96cb77d9f0d014548ebcebc99e73b0354850c08a6f
b80a4d9175dc7cb05b42205ce1f8235139b7cc754653a82974f340dbb9bcf408
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
ce8368e5b8e9f2f066acc6284578c00021aea742c4c7c7ec2836c232a5f8b1f8
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0aa641b64783ca780539459be195a8f41c841a9a73bb81358f9cfb10d1c96a4
d3c286558922ca8c2c69167698cd61a8280cb03b81bb41d9bd633f80f18c274f
d91b33251a9702933272996fae415ff9078e511b45b6933dae08bab3201f5fd9
dccd85e417937c6e1bd902d9e61d7d801d7ec18fc9d53c46ddabf7abf85cc836
dfed71627a698aed0f3570192b00e56525b0efe0c27ecb46eddd42fb7f67afde
e9c9d9e24498d49f73d841bb103071b606acbdce264ece5a0a572376c0d1c422
ecc391ba1e7f99ce1b4ab68620b4a8a7c116d411fc1585dec1838dcf9eff7600
f058511b904de35902f814231968fab5d08b56ce444e3fdefa0d33e9cf1ec5be
f3dfdae95ba14389dc6aaa4d569b73ba5deb3fbe696f6f905e542c3bc62edb57
f7a06d8241b068f1d77eeabbb9aa151b80c89e1af30577b18b2aa2517a1cf545
fc4d2e87b1cc232666652729a14b347dcfc274944cd74455761ffb3e5076d92c
fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c
ff8976c5b06a86af543bd5e0313493efc9c4bc2957cc27da148afeb1d692c479