2014.intermediatms.com Open in urlscan Pro
2606:4700:3030::ac43:d7e8 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://confirmityplus.intermediadev.com/
Effective URL:
https://2014.intermediatms.com/
Submission: On May 26 via automatic, source certstream-suspicious (May 26th 2021, 9:21:05 am UTC)

Summary HTTP 101 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 12 IPs in 4 countries across 9 domains to perform 101 HTTP transactions. The main IP is 2606:4700:3030::ac43:d7e8, located in United States and belongs to CLOUDFLARENET, US. The main domain is 2014.intermediatms.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 5th 2020. Valid for: a year.

This is the only time 2014.intermediatms.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	178.62.15.97 178.62.15.97	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1 61	2606:4700:303... 2606:4700:3030::ac43:d7e8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
22	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
2	2a03:b0c0:1:d... 2a03:b0c0:1:d0::7f7:1	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	151.101.112.217 151.101.112.217	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:400c:c04::9d	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82f::200a	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:808::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:802::2003	15169 (GOOGLE) (GOOGLE)
101	12

1 178.62.15.97 (London, United Kingdom) 1 redirects

ASN14061 (DIGITALOCEAN-ASN, US)

confirmityplus.intermediadev.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

61 2606:4700:3030::ac43:d7e8 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

2014.intermediatms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

maps.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:b0c0:1:d0::7f7:1 (London, United Kingdom)

ASN14061 (DIGITALOCEAN-ASN, US)

protection.clickguardian.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.112.217 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

player.vimeo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c04::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

maps.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

maps.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

maps.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

maps.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
61	intermediatms.com 1 redirects 2014.intermediatms.com	1 MB
22	google.com maps.google.com	345 KB
9	gstatic.com maps.gstatic.com fonts.gstatic.com	51 KB
4	googleapis.com maps.googleapis.com fonts.googleapis.com	5 KB
2	clickguardian.co.uk protection.clickguardian.co.uk	994 B
2	google-analytics.com www.google-analytics.com	19 KB
1	doubleclick.net stats.g.doubleclick.net	89 B
1	vimeo.com player.vimeo.com
1	intermediadev.com 1 redirects confirmityplus.intermediadev.com	88 B
101	9

	Domain	Requested by
61	2014.intermediatms.com	1 redirects 2014.intermediatms.com maps.google.com
22	maps.google.com	2014.intermediatms.com maps.google.com
6	maps.gstatic.com	2014.intermediatms.com maps.google.com
3	fonts.gstatic.com	fonts.googleapis.com
3	maps.googleapis.com	maps.google.com
2	protection.clickguardian.co.uk	2014.intermediatms.com protection.clickguardian.co.uk
2	www.google-analytics.com	2014.intermediatms.com www.google-analytics.com
1	fonts.googleapis.com	maps.google.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	player.vimeo.com	2014.intermediatms.com
1	confirmityplus.intermediadev.com	1 redirects
101	11

This site contains links to these domains. Also see Links.

Domain
www.linkedin.com
maps.google.com
www.google.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-07-05` - `2021-07-05`	a year	crt.sh
*.google.com GTS CA 1O1	`2021-05-03` - `2021-07-26`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-05-03` - `2021-07-26`	3 months	crt.sh
protection.clickguardian.co.uk R3	`2021-03-08` - `2021-06-06`	3 months	crt.sh
*.vimeo.com GlobalSign Atlas R3 DV TLS CA 2020	`2021-05-21` - `2022-06-22`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-05-03` - `2021-07-26`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2021-05-03` - `2021-07-26`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://2014.intermediatms.com/
Frame ID: 49330E9624B166C350CCC180F89E301A
Requests: 132 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://confirmityplus.intermediadev.com/ HTTP 301
https://2014.intermediatms.com/ Page URL

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Page Statistics

101
Requests

100 %
HTTPS

83 %
IPv6

9
Domains

11
Subdomains

12
IPs

4
Countries

1644 kB
Transfer

2291 kB
Size

5
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://www.linkedin.com/company/intermedia-total-marketing-solutions-ltd/

Search URL Search Domain Scan URL

URL: https://maps.google.com/maps?ll=53.474323,-2.297729&z=16&t=m&hl=en-US&gl=US&mapclient=apiv3

Search URL Search Domain Scan URL

URL: https://www.google.com/intl/en-US_US/help/terms_maps.html
Title: Terms of Use

Search URL Search Domain Scan URL

URL: https://www.google.com/maps/@53.474323,-2.297729,16z/data=!10m1!1e1!12b1?source=apiv3&rapsrc=apiv3
Title: Report a map error

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://confirmityplus.intermediadev.com/ HTTP 301
https://2014.intermediatms.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 14

https://2014.intermediatms.com/img/campaigns/ph-jones/logo_.png HTTP 301
https://2014.intermediatms.com/

101 HTTP transactions
31 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
2014.intermediatms.com/
Redirect Chain

https://confirmityplus.intermediadev.com/
https://2014.intermediatms.com/

16 KB
5 KB

78ms
51ms

Document
text/html

2606:4700:3030::ac43:d7e8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://2014.intermediatms.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::ac43:d7e8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0b043eaba472750c655890643a512572119cf0cfec70020fcef81c877b760b3a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: 2014.intermediatms.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 May 2021 09:20:48 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
set-cookie: PHPSESSID=p8uasmh3eduimdo6pg27vuola1; path=/ v=20210526; expires=Thu, 26-May-2022 09:20:48 GMT; Max-Age=31536000; path=/
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
cf-request-id: 0a499314ea00001f3d4339b000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=OEgTuvgl6bY6LJ7maDAjKzDJgLoERy4sDsFF80M1ulH0tntxk9dNLAbsX1yhwbhhvvRF%2FNDxaCn2hrrDSRbJ7niZaKt3LrBvCnthsbySmDNK2iUCXFC1LtuvaKLkaohz7O3j%2F1zqM8D73tXSCTBtJg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6555ee017abd1f3d-FRA
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

server: nginx/1.17.3
date: Wed, 26 May 2021 09:20:48 GMT
content-type: text/html
content-length: 169
location: https://2014.intermediatms.com/

GET
H3-29 200 app.min.css
2014.intermediatms.com/css/ 94 KB
61 KB 168ms
153ms Stylesheet
text/css 2606:4700:3030::ac43:d7e8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://2014.intermediatms.com/css/app.min.css

Requested by

Host: 2014.intermediatms.com
URL: https://2014.intermediatms.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::ac43:d7e8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

77ec1773ab8a3f1ccc1c19503051024ee638f6bbd9b65e3689b772b097fd0df9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /css/app.min.css
pragma: no-cache
cookie: PHPSESSID=p8uasmh3eduimdo6pg27vuola1; v=20210526
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: 2014.intermediatms.com
referer: https://2014.intermediatms.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://2014.intermediatms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 May 2021 09:20:49 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a499315410000dfc32d96a000000001
last-modified: Thu, 19 Dec 2019 14:41:45 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5dfb8c29-179bd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=5nx5w3WVKK3y76jKvaY2eDvUNr%2BDh%2BoQIho%2BmNhuQZN2re70IWtGqu7SX2dycukiXXQXIIVvyVL7qgciqUr8rqirjdWLjZfeLkgzG154vDyGwhvrskxe8m1uLDsfg2E8CVB1jdQ%2BSlDP77TpDHgGkg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
x-xss-protection: 1; mode=block
cache-control: max-age=14400
cf-ray: 6555ee01e839dfc3-FRA

GET
H3-29 200 navtrigger.png
2014.intermediatms.com/img/ 131 B
737 B 116ms
104ms Image
image/png 2606:4700:3030::ac43:d7e8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2014.intermediatms.com/img/navtrigger.png

Requested by

Host: 2014.intermediatms.com
URL: https://2014.intermediatms.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::ac43:d7e8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bf88008f2afe10f24d6faea715816d395e77abc085921b23a27b8bba7d8f5f2d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /img/navtrigger.png
pragma: no-cache
cookie: PHPSESSID=p8uasmh3eduimdo6pg27vuola1; v=20210526
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: 2014.intermediatms.com
referer: https://2014.intermediatms.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://2014.intermediatms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 May 2021 09:20:49 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 131
cf-request-id: 0a4993152f0000dfc3dea88000000001
last-modified: Thu, 19 Dec 2019 14:42:03 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "5dfb8c3b-83"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=eX%2BczTWmJrOGnPNaEfYK7cGTWxs9zC4hnxiRz3xmNqPBLJw4w2D98gBEcbOLqSXjWMoQs%2Bjhga0%2F%2F6HW2eYu8ald6BqkN97yxgg5lxxQB925rA%2Fjb1VIETaaf1GW1BUvEQzq506PMXxfIxWz21G5Qw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
x-xss-protection: 1; mode=block
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6555ee01e801dfc3-FRA

GET
H3-29 200 logo.png
2014.intermediatms.com/img/ 3 KB
4 KB 157ms
146ms Image
image/png 2606:4700:3030::ac43:d7e8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2014.intermediatms.com/img/logo.png

Requested by

Host: 2014.intermediatms.com
URL: https://2014.intermediatms.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::ac43:d7e8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6e32cd4d27ea7543264f4000eb736dc72cfae791a237caa51384f6c405ed72da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /img/logo.png
pragma: no-cache
cookie: PHPSESSID=p8uasmh3eduimdo6pg27vuola1; v=20210526
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: 2014.intermediatms.com
referer: https://2014.intermediatms.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://2014.intermediatms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 May 2021 09:20:49 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3097
cf-request-id: 0a499315350000dfc32aaa0000000001
last-modified: Thu, 19 Dec 2019 14:42:03 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "5dfb8c3b-c19"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=K5vAXlrkZ3gpnCQBxsX4tyet1l9%2BFelzyQVgg4tr80SoKDvhemzLxuHRohdP8s9cx%2BH60NFX9tuk3vXFFdIcSU%2BYe3g6K1fAeDP3b6%2FK5b9HQHCwzix4EuHGp92RhSE3sSCD29YPVp%2Bu7g6H3Et8MA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
x-xss-protection: 1; mode=block
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6555ee01e815dfc3-FRA

GET
H3-29 200 thumb.jpg
2014.intermediatms.com/img/campaigns/gap/ 19 KB
20 KB 132ms
122ms Image
image/jpeg 2606:4700:3030::ac43:d7e8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2014.intermediatms.com/img/campaigns/gap/thumb.jpg

Requested by

Host: 2014.intermediatms.com
URL: https://2014.intermediatms.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::ac43:d7e8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc695d62adc9b2a9b24ab809498802c3cb45f25a2b07daef26be640d130a5a0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /img/campaigns/gap/thumb.jpg
pragma: no-cache
cookie: PHPSESSID=p8uasmh3eduimdo6pg27vuola1; v=20210526
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: 2014.intermediatms.com
referer: https://2014.intermediatms.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://2014.intermediatms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 May 2021 09:20:49 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 19962
cf-request-id: 0a499315350000dfc3d299e000000001
last-modified: Thu, 19 Dec 2019 14:41:50 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "5dfb8c2e-4dfa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=veqbEYyB%2Bh0VVpmJiwM0LjqU5NKvI4%2BUBpXRabcclczrq%2FURP3pji2buIbvF%2FyecMk2tOtEUPSQyBc9NIQufq%2B7pGcjpsUclB0mpmPX0lCRxHo0dPvWQGH1oPg6DkwAtNlyJbv3jtMYo4NgHRBHKHw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
x-xss-protection: 1; mode=block
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6555ee01e813dfc3-FRA

GET
H3-29 200 logo_.png
2014.intermediatms.com/img/campaigns/gap/ 3 KB
4 KB 124ms
114ms Image
image/png 2606:4700:3030::ac43:d7e8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2014.intermediatms.com/img/campaigns/gap/logo_.png

Requested by

Host: 2014.intermediatms.com
URL: https://2014.intermediatms.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::ac43:d7e8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7504a1a314fdd39099943d5e839859156fffdce33dae82cb141ae91b9692300a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /img/campaigns/gap/logo_.png
pragma: no-cache
cookie: PHPSESSID=p8uasmh3eduimdo6pg27vuola1; v=20210526
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: 2014.intermediatms.com
referer: https://2014.intermediatms.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://2014.intermediatms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 May 2021 09:20:49 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3221
cf-request-id: 0a499315340000dfc3ef104000000001
last-modified: Thu, 19 Dec 2019 14:41:50 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "5dfb8c2e-c95"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=rmTZf0FC1px3hl1BMOjUPf%2BvS43zZmyBde1s2SKH8RlSDRAnJ46pA5E4AHz1BdqgWLbxus%2FQYWv7JnR78fv6K5U58V5Z2kSFams9NVC2v8Ii1lD7pp9LOA6AxB0AqVF7jx0FYIGj3MyibTtr2AIVkA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
x-xss-protection: 1; mode=block
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6555ee01e811dfc3-FRA

GET
H3-29 200 thumb.jpg
2014.intermediatms.com/img/campaigns/westbridge/ 38 KB
39 KB 126ms
116ms Image
image/jpeg 2606:4700:3030::ac43:d7e8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2014.intermediatms.com/img/campaigns/westbridge/thumb.jpg

Requested by

Host: 2014.intermediatms.com
URL: https://2014.intermediatms.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::ac43:d7e8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

da3181e28d7de03ddad626c651060bea999ea3577ba0d49ff96579c6004a798d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /img/campaigns/westbridge/thumb.jpg
pragma: no-cache
cookie: PHPSESSID=p8uasmh3eduimdo6pg27vuola1; v=20210526
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: 2014.intermediatms.com
referer: https://2014.intermediatms.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://2014.intermediatms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 May 2021 09:20:49 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 38958
cf-request-id: 0a499315380000dfc319343000000001
last-modified: Thu, 19 Dec 2019 14:41:59 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "5dfb8c37-982e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=DsUspP8DRewsV61Hpesl38yRU0u9HndTlnXLCR2Nv7wah4%2FzoHDNX1nL3Ffc%2BXU9ahs6z6x%2FXeDaX8yTl7nSlQOA4F5OMguABqQPO1d0aZy%2BsrvlHmAAOPLvdyjKq%2BQ9qiotQuFUg0Pidb%2FAQyuqgA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
x-xss-protection: 1; mode=block
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6555ee01e810dfc3-FRA

GET
H3-29 200 logo_.png
2014.intermediatms.com/img/campaigns/westbridge/ 4 KB
4 KB 121ms
111ms Image
image/png 2606:4700:3030::ac43:d7e8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2014.intermediatms.com/img/campaigns/westbridge/logo_.png

Requested by

Host: 2014.intermediatms.com
URL: https://2014.intermediatms.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::ac43:d7e8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7f4a85598885156df52d3d8d0b0ff99b8b95c862bf0b03b9d48d33a2342a80e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /img/campaigns/westbridge/logo_.png
pragma: no-cache
cookie: PHPSESSID=p8uasmh3eduimdo6pg27vuola1; v=20210526
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: 2014.intermediatms.com
referer: https://2014.intermediatms.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://2014.intermediatms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 May 2021 09:20:49 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3873
cf-request-id: 0a499315340000dfc319342000000001
last-modified: Thu, 19 Dec 2019 14:41:59 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "5dfb8c37-f21"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=IfF%2Fcxj7At8uC7zWPU1SPCcIYGnnZcw6k5CocmmJ74RBATq%2F7mDFy4sbQzySdsZ8nKZTE%2BRl%2FTQQCueMeZT6i%2BM1j9XqqR%2BYhzxxb%2BIMAROrVe9TeE9c909jg8AlFPyc69TbkrwZHaBOWQv1M25ZPw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
x-xss-protection: 1; mode=block
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6555ee01e80fdfc3-FRA

GET
H3-29 200 thumb.jpg
2014.intermediatms.com/img/campaigns/boughey/ 41 KB
41 KB 138ms
128ms Image
image/jpeg 2606:4700:3030::ac43:d7e8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2014.intermediatms.com/img/campaigns/boughey/thumb.jpg

Requested by

Host: 2014.intermediatms.com
URL: https://2014.intermediatms.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::ac43:d7e8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6632f1fbe93d142488def68f51f745f286f62de532fda950be94d0fc6647cf81

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /img/campaigns/boughey/thumb.jpg
pragma: no-cache
cookie: PHPSESSID=p8uasmh3eduimdo6pg27vuola1; v=20210526
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: 2014.intermediatms.com
referer: https://2014.intermediatms.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://2014.intermediatms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 May 2021 09:20:49 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 41808
cf-request-id: 0a499315330000dfc3b71a0000000001
last-modified: Thu, 19 Dec 2019 14:41:48 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "5dfb8c2c-a350"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=RAFh65RUWzzWFLqETZ4C4X5pGO2WRvPOzzEA%2FHiFkphDR1Eg%2B4wWx26i%2Bub%2F1OgTJ4UauJ4WLfNSxGbu0Rdde115n9PTijbXg30yPFlFzSdRS3IrifkyYkKaskQSnPP6USWeWKu9i7F9yC6Ms%2FmxTQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
x-xss-protection: 1; mode=block
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6555ee01e80edfc3-FRA

GET
H3-29 200 logo_.png
2014.intermediatms.com/img/campaigns/boughey/ 4 KB
4 KB 136ms
127ms Image
image/png 2606:4700:3030::ac43:d7e8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2014.intermediatms.com/img/campaigns/boughey/logo_.png

Requested by

Host: 2014.intermediatms.com
URL: https://2014.intermediatms.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::ac43:d7e8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

23597856ffc9b8f0b4a5292df2eda3a982834f5a89b58843c97431236250eaee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /img/campaigns/boughey/logo_.png
pragma: no-cache
cookie: PHPSESSID=p8uasmh3eduimdo6pg27vuola1; v=20210526
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: 2014.intermediatms.com
referer: https://2014.intermediatms.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://2014.intermediatms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 May 2021 09:20:49 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3631
cf-request-id: 0a499315370000dfc3d6178000000001
last-modified: Thu, 19 Dec 2019 14:41:48 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "5dfb8c2c-e2f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=pOnwiQcQ60JqxOWn%2FKXihhvbZCrgKvLmB6E5LgpNvQpQoEEVkp1xkXr4VNNNurPSGvy8X65f0ganuEt6Uce0Y%2BQ1%2BCspltCPIFCqA1qNSVCHskRSwJ4TMdZTOGrsz9ItnJ3TGU3quFgZRnjMnE6BjQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
x-xss-protection: 1; mode=block
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6555ee01e80cdfc3-FRA

GET
H3-29 200 thumb.jpg
2014.intermediatms.com/img/campaigns/tuffnells/ 67 KB
68 KB 166ms
157ms Image
image/jpeg 2606:4700:3030::ac43:d7e8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2014.intermediatms.com/img/campaigns/tuffnells/thumb.jpg

Requested by

Host: 2014.intermediatms.com
URL: https://2014.intermediatms.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::ac43:d7e8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

23ec93c6b6b4ce5b349ad3b2c50dbff5a7565c83681a4b2ca682fe1ee9b1e888

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /img/campaigns/tuffnells/thumb.jpg
pragma: no-cache
cookie: PHPSESSID=p8uasmh3eduimdo6pg27vuola1; v=20210526
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: 2014.intermediatms.com
referer: https://2014.intermediatms.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://2014.intermediatms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 May 2021 09:20:49 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 68685
cf-request-id: 0a499315330000dfc3af13c000000001
last-modified: Thu, 19 Dec 2019 14:41:55 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "5dfb8c33-10c4d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=bFi2WuEIm93FTd1YefTSVJOEAwc0NnsRZ6F4lbVUmr5PPVU56z1ws20cCnsXhgWtjDtpI2XEVBpPe%2Bxqbjdfc0%2B0JRTMZRCR8m2Ed%2BbP8GJc2Kc7S8IOcLUyx1mkozymIgfI4VrPKdiiXDiUIUo%2F%2FQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
x-xss-protection: 1; mode=block
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6555ee01e80bdfc3-FRA

GET
H3-29 200 logo_.png
2014.intermediatms.com/img/campaigns/tuffnells/ 4 KB
5 KB 138ms
129ms Image
image/png 2606:4700:3030::ac43:d7e8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2014.intermediatms.com/img/campaigns/tuffnells/logo_.png

Requested by

Host: 2014.intermediatms.com
URL: https://2014.intermediatms.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::ac43:d7e8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9ff7b862380678d33fccb7185b3cb9f1170d3e5c9b1c3884f54d026ac04a2ab8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /img/campaigns/tuffnells/logo_.png
pragma: no-cache
cookie: PHPSESSID=p8uasmh3eduimdo6pg27vuola1; v=20210526
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: 2014.intermediatms.com
referer: https://2014.intermediatms.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://2014.intermediatms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 May 2021 09:20:49 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4415
cf-request-id: 0a499315320000dfc3eeab7000000001
last-modified: Thu, 19 Dec 2019 14:41:55 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "5dfb8c33-113f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=ErrUAcxqtjK0mbXUz%2B4IoHaQqpw6ORg80q3YSELZERkRiWudBby0i3YGNcP5cmNsjaB%2FeXuFcuguJwsUOph4J8xmVJZTPxDbpHJc5N9hndnMPNDNaAK3NhLTRQKWw3f9uIOjUV99qpVoYd5GUJG%2BSg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
x-xss-protection: 1; mode=block
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6555ee01e808dfc3-FRA

GET
H3-29 200 thumb.jpg
2014.intermediatms.com/img/campaigns/la-cafetiere/ 20 KB
20 KB 114ms
105ms Image
image/jpeg 2606:4700:3030::ac43:d7e8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2014.intermediatms.com/img/campaigns/la-cafetiere/thumb.jpg

Requested by

Host: 2014.intermediatms.com
URL: https://2014.intermediatms.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::ac43:d7e8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4a059466e1af9b8bb8f90937257fa5e86fee7830f1bb2356a2125afb9e2c2c20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /img/campaigns/la-cafetiere/thumb.jpg
pragma: no-cache
cookie: PHPSESSID=p8uasmh3eduimdo6pg27vuola1; v=20210526
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: 2014.intermediatms.com
referer: https://2014.intermediatms.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://2014.intermediatms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 May 2021 09:20:49 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 20312
cf-request-id: 0a499315320000dfc3d50ef000000001
last-modified: Thu, 19 Dec 2019 14:41:52 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "5dfb8c30-4f58"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=qSTBncS8arumzxVd3LAN6tORvICZlngzpnJKdkw3V8mNXhEwAQp9kEP6BvFgPXGREFnnYKC9rqA4IfH6o7KADFsKiIFFIPGYqI%2FNJIPyX6Ui7jYETLSpozjuTXT2mPcFmadw6N7zAaexyoquRCP%2BSA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
x-xss-protection: 1; mode=block
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6555ee01e806dfc3-FRA

GET
H3-29 200 logo_.png
2014.intermediatms.com/img/campaigns/la-cafetiere/ 2 KB
3 KB 167ms
158ms Image
image/png 2606:4700:3030::ac43:d7e8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2014.intermediatms.com/img/campaigns/la-cafetiere/logo_.png

Requested by

Host: 2014.intermediatms.com
URL: https://2014.intermediatms.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::ac43:d7e8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

55182279b09c4c0bf26015549bccfe926f7bdca61636be09c6d900f2e4e1f69e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /img/campaigns/la-cafetiere/logo_.png
pragma: no-cache
cookie: PHPSESSID=p8uasmh3eduimdo6pg27vuola1; v=20210526
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: 2014.intermediatms.com
referer: https://2014.intermediatms.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://2014.intermediatms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 May 2021 09:20:49 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2398
cf-request-id: 0a499315310000dfc3ba1d7000000001
last-modified: Thu, 19 Dec 2019 14:41:52 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "5dfb8c30-95e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=9LMNXPDCi12tkVJQMVhm80K3FXamYrV0jfKSu94N%2Bz8s8pKfzO9lQYkfRR6Q%2BMYvuFj6iGE84%2FGr%2FfOX2mHfu6gklpg%2FwqrGJa5xCVnLDWeDfuueZF8hZDlbMATTXQ7RtdlJ4osV2f%2Bf41tagz4j1A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
x-xss-protection: 1; mode=block
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6555ee01e805dfc3-FRA

GET
H3-29 200 thumb.jpg
2014.intermediatms.com/img/campaigns/ph-jones/ 40 KB
41 KB 76ms
68ms Image
image/jpeg 2606:4700:3030::ac43:d7e8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2014.intermediatms.com/img/campaigns/ph-jones/thumb.jpg

Requested by

Host: 2014.intermediatms.com
URL: https://2014.intermediatms.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::ac43:d7e8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9e7e2b80650392b2910d74cbc89184d7d8e7e2cc81be34bfdb0b801d4b1c2ecb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /img/campaigns/ph-jones/thumb.jpg
pragma: no-cache
cookie: PHPSESSID=p8uasmh3eduimdo6pg27vuola1; v=20210526
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: 2014.intermediatms.com
referer: https://2014.intermediatms.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://2014.intermediatms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 May 2021 09:20:49 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 40963
cf-request-id: 0a499315310000dfc331325000000001
last-modified: Thu, 19 Dec 2019 14:41:54 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "5dfb8c32-a003"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=LqG0IVMAqt0I3gBP9ObVyj1PLFshXhkcKwfUWRgaaEyAbk52hHwxnLGQ5VLHz2vtRpv3SXe8mBnnhfm5rH74HRES87%2FafA0ksPd3m5AlJv3ygS%2FHvK20Xg0SyWjtkO%2FDCVy49TIpzcnFhQaM6pLdFg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
x-xss-protection: 1; mode=block
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6555ee01e804dfc3-FRA

GET
H3-29

200

/
2014.intermediatms.com/
Redirect Chain

https://2014.intermediatms.com/img/campaigns/ph-jones/logo_.png
https://2014.intermediatms.com/

16 KB
16 KB

51ms
46ms

Image
text/html

2606:4700:3030::ac43:d7e8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2014.intermediatms.com/

Requested by

Host: 2014.intermediatms.com
URL: https://2014.intermediatms.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::ac43:d7e8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /
pragma: no-cache
cookie: PHPSESSID=p8uasmh3eduimdo6pg27vuola1; v=20210526
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: 2014.intermediatms.com
referer: https://2014.intermediatms.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://2014.intermediatms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 May 2021 09:20:49 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
x-xss-protection: 1; mode=block
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a499315d30000dfc3c2b1d000000001
pragma: no-cache
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=SymYEyoXqxiDL8MK%2Fppw6mLpchIChcH2aEhXooORGQQf7X25ufavd6XfS8zY5wsnt3Yns8WcHmZwidDS2f5dGcvij84IN11%2BRDB4XzNtrvRqfk2P5E6Yrx28rWv4xNrPngxv7jWSdYNQRFpo0H76Kw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: no-store, no-cache, must-revalidate
set-cookie: v=20210526; expires=Thu, 26-May-2022 09:20:49 GMT; Max-Age=31536000; path=/
cf-ray: 6555ee02e9c2dfc3-FRA
expires: Thu, 19 Nov 1981 08:52:00 GMT

Redirect headers

date: Wed, 26 May 2021 09:20:49 GMT
x-content-type-options: nosniff
cf-cache-status: BYPASS
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a4993153b0000dfc32936a000000001
pragma: no-cache
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=KApAUPFNc6F5P%2BiCbGG9hSGSsE3DG%2FiwUdItt%2FVcpbVX9c63ylG4XuXAd%2FsFGxT186uzhxi5ca0cxPYJ8BiR7votqLJ9K2%2FMTI1lhNaKNXF9%2BpFq23lAS5u9gXudx89by4LNmrbeWK48Ouqe5pbGvg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
location: https://2014.intermediatms.com/
x-xss-protection: 1; mode=block
cache-control: no-store, no-cache, must-revalidate
cf-ray: 6555ee01e833dfc3-FRA
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H3-29 200 unifrax.png
2014.intermediatms.com/img/clients/ 1 KB
2 KB 139ms
129ms Image
image/png 2606:4700:3030::ac43:d7e8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2014.intermediatms.com/img/clients/unifrax.png

Requested by

Host: 2014.intermediatms.com
URL: https://2014.intermediatms.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::ac43:d7e8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cd6bebef6cde63e25753a866f0d87dd9b35ba0182cb79eaeb76aa3a70793a32d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /img/clients/unifrax.png
pragma: no-cache
cookie: PHPSESSID=p8uasmh3eduimdo6pg27vuola1; v=20210526
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: 2014.intermediatms.com
referer: https://2014.intermediatms.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://2014.intermediatms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 May 2021 09:20:49 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1153
cf-request-id: 0a4993153b0000dfc316b9c000000001
last-modified: Thu, 19 Dec 2019 14:42:02 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "5dfb8c3a-481"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=rXGkxF61cejItYkG9tNffYH%2Fx2HwwaGap8XMvn00nVikVRCYOvTbacxvuMOJckAVFR%2Bnshnc1Qc4WH6%2FMDUMoISV%2Ffy1541qWEnjqD9%2FyyPZjFuXbX1QSTA8N1gfi6IjXc%2F8T7o35q4vdQVnXLfCqA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
x-xss-protection: 1; mode=block
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6555ee01e832dfc3-FRA

GET
H3-29 200 gap-personnel.png
2014.intermediatms.com/img/clients/ 2 KB
3 KB 162ms
152ms Image
image/png 2606:4700:3030::ac43:d7e8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2014.intermediatms.com/img/clients/gap-personnel.png

Requested by

Host: 2014.intermediatms.com
URL: https://2014.intermediatms.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::ac43:d7e8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

539a1df91e169ba7877c9a583583f0df8a41cd327ed35e3a0bb9e96f07f7b41a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /img/clients/gap-personnel.png
pragma: no-cache
cookie: PHPSESSID=p8uasmh3eduimdo6pg27vuola1; v=20210526
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: 2014.intermediatms.com
referer: https://2014.intermediatms.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://2014.intermediatms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 May 2021 09:20:49 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2153
cf-request-id: 0a499315400000dfc3d50f1000000001
last-modified: Thu, 19 Dec 2019 14:42:01 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "5dfb8c39-869"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=cWDbIDl7%2FIHp8XApU2uEGsDlSjENpJAUribYM6Qoljqo8COM2azPUqteF2hJ6gCRDnxByj8Ld5G69ko9GUVwk9v7tkMd863RMRdzdFnCfAx6srbu4e%2BmxVWQUlUgVkcEffP11472JLvI0RE5%2FDDdew%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
x-xss-protection: 1; mode=block
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6555ee01e830dfc3-FRA

GET
H3-29 200 westbridge.png
2014.intermediatms.com/img/clients/ 3 KB
3 KB 132ms
123ms Image
image/png 2606:4700:3030::ac43:d7e8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2014.intermediatms.com/img/clients/westbridge.png

Requested by

Host: 2014.intermediatms.com
URL: https://2014.intermediatms.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::ac43:d7e8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d79a815ab86a75c48bf2f9d8b623a9d9dddbe3600c4198a315f58957c2425019

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /img/clients/westbridge.png
pragma: no-cache
cookie: PHPSESSID=p8uasmh3eduimdo6pg27vuola1; v=20210526
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: 2014.intermediatms.com
referer: https://2014.intermediatms.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://2014.intermediatms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 May 2021 09:20:49 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2709
cf-request-id: 0a4993153a0000dfc3dea89000000001
last-modified: Thu, 19 Dec 2019 14:42:02 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "5dfb8c3a-a95"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=tdYdCMshd6DgbZlqKeJcZYT1VEjZ12TF7oOqFgxcnuckcnhO4bfZO9nTw503wuWvf5FwSxgGu2J8toIsDk9BZrYdi1BWtIJjfVs4%2Boe4F8m3xhHmRZHWENldmqMKTs7Dh9adbg7zZeiEQuwMPhiDOA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
x-xss-protection: 1; mode=block
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6555ee01e82edfc3-FRA

GET
H3-29 200 velcro.png
2014.intermediatms.com/img/clients/ 2 KB
3 KB 132ms
123ms Image
image/png 2606:4700:3030::ac43:d7e8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2014.intermediatms.com/img/clients/velcro.png

Requested by

Host: 2014.intermediatms.com
URL: https://2014.intermediatms.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::ac43:d7e8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

11e7045c73e94ba5c575e5868164c329aea180e5d173f58086dd8686cc9b1651

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /img/clients/velcro.png
pragma: no-cache
cookie: PHPSESSID=p8uasmh3eduimdo6pg27vuola1; v=20210526
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: 2014.intermediatms.com
referer: https://2014.intermediatms.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://2014.intermediatms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 May 2021 09:20:49 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2107
cf-request-id: 0a4993153a0000dfc3cb9fd000000001
last-modified: Thu, 19 Dec 2019 14:42:02 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "5dfb8c3a-83b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=dlRyTe73GFK2oMS%2FHYjbsJ4CqDSM623wiGrkWfXxsVwhMplCYuMB2ewrZboPYJeNE4miJVk%2BtCwKAyBY1rP1AlNyAjHIT%2FymS%2FaYA6eqVigOm8uRGNWpgjHBB4XwtQFEYNLSGIxX91OJErutG1HZaQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
x-xss-protection: 1; mode=block
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6555ee01e82cdfc3-FRA

GET
H3-29 200 henry-bath.png
2014.intermediatms.com/img/clients/ 5 KB
6 KB 164ms
155ms Image
image/png 2606:4700:3030::ac43:d7e8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2014.intermediatms.com/img/clients/henry-bath.png

Requested by

Host: 2014.intermediatms.com
URL: https://2014.intermediatms.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::ac43:d7e8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f36191cb0e4b79c6b09daae80d77a2def340343954cb4ba0c5ba4a9a903feb23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /img/clients/henry-bath.png
pragma: no-cache
cookie: PHPSESSID=p8uasmh3eduimdo6pg27vuola1; v=20210526
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: 2014.intermediatms.com
referer: https://2014.intermediatms.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://2014.intermediatms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 May 2021 09:20:49 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5385
cf-request-id: 0a4993153c0000dfc3bc269000000001
last-modified: Thu, 19 Dec 2019 14:42:01 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "5dfb8c39-1509"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=7NIpJRuj3qMecPxYidNpklQKtNEAX923Mx%2F1f15iBWSIXbzCryGbWLv%2B8Mm0iuwR8osMNqEKTZe437msEkNvjbjq4tVwiJ8A2hK28jRgWBgFOg65vIwm%2FKXZoBZNp47SZYcIJKn8b%2FuLQJdaTMit1A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
x-xss-protection: 1; mode=block
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6555ee01e82adfc3-FRA

GET
H3-29 200 dee-valley-water.png
2014.intermediatms.com/img/clients/ 2 KB
3 KB 137ms
128ms Image
image/png 2606:4700:3030::ac43:d7e8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2014.intermediatms.com/img/clients/dee-valley-water.png

Requested by

Host: 2014.intermediatms.com
URL: https://2014.intermediatms.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::ac43:d7e8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ba8d33f0f494c2c0add6c0f7809761c5591c3a7ab7def8aa8b7cba4fba92ff3e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /img/clients/dee-valley-water.png
pragma: no-cache
cookie: PHPSESSID=p8uasmh3eduimdo6pg27vuola1; v=20210526
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: 2014.intermediatms.com
referer: https://2014.intermediatms.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://2014.intermediatms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 May 2021 09:20:49 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2444
cf-request-id: 0a499315390000dfc30917d000000001
last-modified: Thu, 19 Dec 2019 14:42:01 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "5dfb8c39-98c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=iDYoKcU%2FUuO0X7k%2FqND5meRF74DKmnQz5L7Ltoeq%2BQyhFjqbOBE4QdPNmNr%2FHTvsoX%2FFIgKzvAUloKlUpcg%2BzVk9Ul%2Bu3VPj4IX05%2FBYy5beKMTCv1w%2F3p9i%2BzhUkYJpd8FqsoVZALYWCWAvAFa0ig%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
x-xss-protection: 1; mode=block
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6555ee01e827dfc3-FRA

GET
H3-29 200 ph-jones.png
2014.intermediatms.com/img/clients/ 2 KB
2 KB 152ms
143ms Image
image/png 2606:4700:3030::ac43:d7e8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2014.intermediatms.com/img/clients/ph-jones.png

Requested by

Host: 2014.intermediatms.com
URL: https://2014.intermediatms.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::ac43:d7e8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3dfbbf7b071c94c727406be74f56303d138befd817eb73b7ceac3710a5e04db9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /img/clients/ph-jones.png
pragma: no-cache
cookie: PHPSESSID=p8uasmh3eduimdo6pg27vuola1; v=20210526
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: 2014.intermediatms.com
referer: https://2014.intermediatms.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://2014.intermediatms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 May 2021 09:20:49 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1724
cf-request-id: 0a4993153c0000dfc3b4b0b000000001
last-modified: Thu, 19 Dec 2019 14:42:02 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "5dfb8c3a-6bc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=7aD4Vx5HSIQaQ0MtgAhACg4yt0tobs1EMYdWXwFWwDbjywEL1qxKKoy21VbCNJvGao61A3QWMdxbLAzCZiciN%2FnaFoEhsdoT2cAk0%2FXsY0lszN6NC%2FUz9zRs7xfoteq53t1hjPKabcGyltQGwthEoQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
x-xss-protection: 1; mode=block
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6555ee01e825dfc3-FRA

GET
H3-29 200 carole-nash.png
2014.intermediatms.com/img/clients/ 3 KB
4 KB 179ms
171ms Image
image/png 2606:4700:3030::ac43:d7e8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2014.intermediatms.com/img/clients/carole-nash.png

Requested by

Host: 2014.intermediatms.com
URL: https://2014.intermediatms.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::ac43:d7e8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4b101f76f629bcde26478fa6bfbd146e0362d030ac54e9e4420cc04829e358f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /img/clients/carole-nash.png
pragma: no-cache
cookie: PHPSESSID=p8uasmh3eduimdo6pg27vuola1; v=20210526
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: 2014.intermediatms.com
referer: https://2014.intermediatms.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://2014.intermediatms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 May 2021 09:20:49 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3088
cf-request-id: 0a499315380000dfc323a8f000000001
last-modified: Thu, 19 Dec 2019 14:42:00 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "5dfb8c38-c10"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=9H%2BwT0aUBXOGNQ5KnCu1iSLLUxVyf9MJHgnBe2oL8ZJc1%2Bbu0HtIjL5lUGxJJGrTkA%2FssmS5YqQPMnVeAQtCIBiAqRS2csIuAi8GvPkYDwEM4EWeNzMdMNoK6usRnl3opn46hTVXXVTEzXYN3QuZ7w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
x-xss-protection: 1; mode=block
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6555ee01e823dfc3-FRA

GET
H3-29 200 bridgford.png
2014.intermediatms.com/img/clients/ 3 KB
4 KB 148ms
139ms Image
image/png 2606:4700:3030::ac43:d7e8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2014.intermediatms.com/img/clients/bridgford.png

Requested by

Host: 2014.intermediatms.com
URL: https://2014.intermediatms.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::ac43:d7e8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2ca61e6a83f5bc8da11119a4ad3648738d4480ce5004368b7567bcbe28c0ea84

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /img/clients/bridgford.png
pragma: no-cache
cookie: PHPSESSID=p8uasmh3eduimdo6pg27vuola1; v=20210526
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: 2014.intermediatms.com
referer: https://2014.intermediatms.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://2014.intermediatms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 May 2021 09:20:49 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3238
cf-request-id: 0a499315370000dfc30b90a000000001
last-modified: Thu, 19 Dec 2019 14:42:00 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "5dfb8c38-ca6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=7l%2FjV31vBK00OcY7yKZsGYcy02vMV51r1XIfMlEVDJ4%2BEGgwPE9YWgXvExThdqqy%2F9%2B7dzjSahncipdo13bNGKDFn32dCraM3dIvE0RYuCHtrKlDdf3AaBafbJC7pMLKrxCktLbfjSjGlJnExDhr7g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
x-xss-protection: 1; mode=block
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6555ee01e822dfc3-FRA

GET
H3-29 200 arch.png
2014.intermediatms.com/img/clients/ 2 KB
3 KB 120ms
112ms Image
image/png 2606:4700:3030::ac43:d7e8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2014.intermediatms.com/img/clients/arch.png

Requested by

Host: 2014.intermediatms.com
URL: https://2014.intermediatms.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::ac43:d7e8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

07687c926fad4b9035d186b2742b0db826a65f20b13260f22ae20479a31fe0b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /img/clients/arch.png
pragma: no-cache
cookie: PHPSESSID=p8uasmh3eduimdo6pg27vuola1; v=20210526
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: 2014.intermediatms.com
referer: https://2014.intermediatms.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://2014.intermediatms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 May 2021 09:20:49 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2232
cf-request-id: 0a499315370000dfc3a8b6f000000001
last-modified: Thu, 19 Dec 2019 14:42:00 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "5dfb8c38-8b8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=U3BXNUkqemMrLpzGrcgAPy8rrQY94lr4M2c4peDP%2B0GSm5ku1KMY3YIS69rG3IORpnC6Xbq2fRIj%2F26DmmxZZtuT75PdAYoIPtsRqKvx8g0vZISTgGmj42Iv5Z6wcluTNf7CJTI0%2BjAqKzMLLyojow%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
x-xss-protection: 1; mode=block
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6555ee01e81fdfc3-FRA

GET
H3-29 200 boughey.png
2014.intermediatms.com/img/clients/ 2 KB
3 KB 131ms
123ms Image
image/png 2606:4700:3030::ac43:d7e8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2014.intermediatms.com/img/clients/boughey.png

Requested by

Host: 2014.intermediatms.com
URL: https://2014.intermediatms.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::ac43:d7e8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c6ca3a8f2b49a772b7dd162c4e25bfdadfbda3816f2f29736f64bb59dada4c22

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /img/clients/boughey.png
pragma: no-cache
cookie: PHPSESSID=p8uasmh3eduimdo6pg27vuola1; v=20210526
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: 2014.intermediatms.com
referer: https://2014.intermediatms.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://2014.intermediatms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 May 2021 09:20:49 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2126
cf-request-id: 0a499315370000dfc3fd985000000001
last-modified: Thu, 19 Dec 2019 14:42:00 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "5dfb8c38-84e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=JP61PgIsdos1ot0Nvo0SrGDHa8%2FqTh6ZdoazfhAlvIz0cOUPmjMwJYzTG9QRnWj%2Fhidh5rVkgI%2Bu7l%2BjW8xm1yxbrVTGlD3pelOBs5pVdID5JTYOJHU5lIpoB2ymVP42mQOt%2FAlEMgEolL97ajDcWw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
x-xss-protection: 1; mode=block
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6555ee01e81edfc3-FRA

GET
H3-29 200 la-cafetiere.png
2014.intermediatms.com/img/clients/ 1 KB
2 KB 130ms
123ms Image
image/png 2606:4700:3030::ac43:d7e8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2014.intermediatms.com/img/clients/la-cafetiere.png

Requested by

Host: 2014.intermediatms.com
URL: https://2014.intermediatms.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::ac43:d7e8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

391320ec4ddd76cb7aa8dbaf74210032be835f176132ac47b70fc0f768332704

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /img/clients/la-cafetiere.png
pragma: no-cache
cookie: PHPSESSID=p8uasmh3eduimdo6pg27vuola1; v=20210526
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: 2014.intermediatms.com
referer: https://2014.intermediatms.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://2014.intermediatms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 May 2021 09:20:49 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1527
cf-request-id: 0a499315360000dfc3dc1b9000000001
last-modified: Thu, 19 Dec 2019 14:42:01 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "5dfb8c39-5f7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=foYXNhib%2BwTbsuXN6xYtrxGs%2B6xzp5vEkvspiFHQUHw0lv9TlgcoBu16deSjUEM%2BG%2FeqMLT74TcrhRuIk3WY6MkJpTWDqLzYcjUMQZAHNlPXPx0ckovPmRRebvqYCL9MnD3%2B%2BeKBvSM5F%2Brltkwazg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
x-xss-protection: 1; mode=block
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6555ee01e81ddfc3-FRA

GET
H3-29 200 palm-recycling.png
2014.intermediatms.com/img/clients/ 2 KB
3 KB 132ms
125ms Image
image/png 2606:4700:3030::ac43:d7e8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2014.intermediatms.com/img/clients/palm-recycling.png

Requested by

Host: 2014.intermediatms.com
URL: https://2014.intermediatms.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::ac43:d7e8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aac519e5d5eb121188175cbc222f624279f651a6f04e4b4e83840a74753f3e2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /img/clients/palm-recycling.png
pragma: no-cache
cookie: PHPSESSID=p8uasmh3eduimdo6pg27vuola1; v=20210526
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: 2014.intermediatms.com
referer: https://2014.intermediatms.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://2014.intermediatms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 May 2021 09:20:49 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2264
cf-request-id: 0a499315360000dfc3cd168000000001
last-modified: Thu, 19 Dec 2019 14:42:01 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "5dfb8c39-8d8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=xIiHZ7EoKRPwwJA%2BGYr3ONZVhTtxOp%2BrC6LdLlYjM%2BzPjU0UP8BuZQSQPELSSO%2BdZaki2wfScmsxHSMFtOHbzSgB%2FMs2yCxMuX648iT32yLKHKEOdpE5hp%2F1ZgSTZelDUsu%2F1y2PQ74wFWcLmWLtoQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
x-xss-protection: 1; mode=block
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6555ee01e81cdfc3-FRA

GET
H3-29 200 styles-wood.png
2014.intermediatms.com/img/clients/ 2 KB
3 KB 149ms
140ms Image
image/png 2606:4700:3030::ac43:d7e8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2014.intermediatms.com/img/clients/styles-wood.png

Requested by

Host: 2014.intermediatms.com
URL: https://2014.intermediatms.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::ac43:d7e8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

17aacce45052fb5c45ede3f5281f671d19eb9fd22408a021940bad5f01814eea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /img/clients/styles-wood.png
pragma: no-cache
cookie: PHPSESSID=p8uasmh3eduimdo6pg27vuola1; v=20210526
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: 2014.intermediatms.com
referer: https://2014.intermediatms.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://2014.intermediatms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 May 2021 09:20:49 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2126
cf-request-id: 0a499315400000dfc3aa310000000001
last-modified: Thu, 19 Dec 2019 14:42:02 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "5dfb8c3a-84e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=FyOSnDrw9XHOxM53mhluQ48cOkqWcHD%2BxkE6hQF4Cef2QM5GLrB7VooONozqeAoZOeIyF10dWNhWI84PpV2aq2MnH%2FZ2V8Xf0z5nyjC0pyt%2FKtTlq6vt2m%2FdYvFWfHqTk0NNhnGcgjkkjHcWioaT1Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
x-xss-protection: 1; mode=block
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6555ee01e84cdfc3-FRA

GET
H3-29 200 buoyant-upholstery.png
2014.intermediatms.com/img/clients/ 3 KB
3 KB 171ms
162ms Image
image/png 2606:4700:3030::ac43:d7e8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2014.intermediatms.com/img/clients/buoyant-upholstery.png

Requested by

Host: 2014.intermediatms.com
URL: https://2014.intermediatms.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::ac43:d7e8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c136c95ca5fdcb2a94a2973d0aca4bd9fbf8e0a7603fcf30874699ca6d73aaf9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /img/clients/buoyant-upholstery.png
pragma: no-cache
cookie: PHPSESSID=p8uasmh3eduimdo6pg27vuola1; v=20210526
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: 2014.intermediatms.com
referer: https://2014.intermediatms.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://2014.intermediatms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 May 2021 09:20:49 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2580
cf-request-id: 0a499315430000dfc3d50f2000000001
last-modified: Thu, 19 Dec 2019 14:42:00 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "5dfb8c38-a14"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=p88YJuEt5J2e9y4FnXznn%2Bic0KKs6KwraOvr4KOAed47TwkDUKaRAsHt0Gt%2BPcO8sFnyI6bvFrLAbc58Sul9Xdn7GdqBCwNr8S3nZ4ZeBqG9RtesZOmoWW6gciNfNmrRWzdkEgZFzhWWf%2By%2BqH0Cbw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
x-xss-protection: 1; mode=block
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6555ee01e84bdfc3-FRA

GET
H3-29 200 fresenius-kabi.png
2014.intermediatms.com/img/clients/ 2 KB
2 KB 148ms
139ms Image
image/png 2606:4700:3030::ac43:d7e8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2014.intermediatms.com/img/clients/fresenius-kabi.png

Requested by

Host: 2014.intermediatms.com
URL: https://2014.intermediatms.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::ac43:d7e8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f0aa770b7837abe3526f4324cb1bb4745dfc8ab0bf43a66caf65888a7bd883c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /img/clients/fresenius-kabi.png
pragma: no-cache
cookie: PHPSESSID=p8uasmh3eduimdo6pg27vuola1; v=20210526
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: 2014.intermediatms.com
referer: https://2014.intermediatms.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://2014.intermediatms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 May 2021 09:20:49 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1861
cf-request-id: 0a4993153f0000dfc3b2105000000001
last-modified: Thu, 19 Dec 2019 14:42:01 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "5dfb8c39-745"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=LxQ8NnXCrJCKY25bGNY1GfIcA24Z2iE7y%2FRhaLD6lB1xOZlQr%2BzXjGkoLWaI3PEn6Ke6x42jvoIKhGapGeAg4fWE1TQmns1%2BbMG2d2rUJkLs1k%2F7XYeL8RdB%2FecD5AJMNan9pWslck7gGW2V6o4fvg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
x-xss-protection: 1; mode=block
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6555ee01e849dfc3-FRA

GET
H3-29 200 chester-racecourse.png
2014.intermediatms.com/img/clients/ 5 KB
6 KB 146ms
137ms Image
image/png 2606:4700:3030::ac43:d7e8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2014.intermediatms.com/img/clients/chester-racecourse.png

Requested by

Host: 2014.intermediatms.com
URL: https://2014.intermediatms.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::ac43:d7e8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c89f8a66e1bb9f3bb240945ebb640449a04d3861db41a85a46dae71df95e583f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /img/clients/chester-racecourse.png
pragma: no-cache
cookie: PHPSESSID=p8uasmh3eduimdo6pg27vuola1; v=20210526
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: 2014.intermediatms.com
referer: https://2014.intermediatms.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://2014.intermediatms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 May 2021 09:20:49 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5178
cf-request-id: 0a4993153f0000dfc3ef105000000001
last-modified: Thu, 19 Dec 2019 14:42:00 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "5dfb8c38-143a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=7cmDAI%2BS1UfRNd4idVHaAqheBYi%2B5PiHyUXASpQsorux8AbpZHls5VwJ5aa9XvUMSPx6vQzKLjYPb8B%2BfAbbJALjlzBnsoiV1njeaPvxZeluWgtslJvorJWIWktSur1dwPE8V%2BjrX8GkFMO%2FySrAjg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
x-xss-protection: 1; mode=block
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6555ee01e847dfc3-FRA

GET
H3-29 200 meridian.png
2014.intermediatms.com/img/clients/ 2 KB
3 KB 170ms
162ms Image
image/png 2606:4700:3030::ac43:d7e8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2014.intermediatms.com/img/clients/meridian.png

Requested by

Host: 2014.intermediatms.com
URL: https://2014.intermediatms.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::ac43:d7e8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

052bb668864c3df95cbed5d9df6235593f0599dd968d6647631d0beeedc01196

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /img/clients/meridian.png
pragma: no-cache
cookie: PHPSESSID=p8uasmh3eduimdo6pg27vuola1; v=20210526
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: 2014.intermediatms.com
referer: https://2014.intermediatms.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://2014.intermediatms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 May 2021 09:20:49 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1968
cf-request-id: 0a4993153f0000dfc3dc1ba000000001
last-modified: Thu, 19 Dec 2019 14:42:01 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "5dfb8c39-7b0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=%2BsCleS8iXM9AYxcD7T3IKIJC4PF7LuloUpnQt4xVJt7A53V6uLfaV5hiEAg%2BK0RqhoW2odbhzMgaWqSqLcraYLUeqnyOMdRCx6RECQodJNQJWPEug9CzarBxQSBxzk7iu%2BlvQcZq%2BL2n2%2F0PLqkBkw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
x-xss-protection: 1; mode=block
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6555ee01e846dfc3-FRA

GET
H3-29 200 nik-stapleton.jpg
2014.intermediatms.com/img/people/ 42 KB
42 KB 156ms
147ms Image
image/jpeg 2606:4700:3030::ac43:d7e8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2014.intermediatms.com/img/people/nik-stapleton.jpg

Requested by

Host: 2014.intermediatms.com
URL: https://2014.intermediatms.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::ac43:d7e8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4e1abe7a8d1674c071829278efc8ac82a6bf1f9c382083bc886b0e1e058a69aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /img/people/nik-stapleton.jpg
pragma: no-cache
cookie: PHPSESSID=p8uasmh3eduimdo6pg27vuola1; v=20210526
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: 2014.intermediatms.com
referer: https://2014.intermediatms.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://2014.intermediatms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 May 2021 09:20:49 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 42797
cf-request-id: 0a4993153e0000dfc3cd169000000001
last-modified: Thu, 19 Dec 2019 14:42:04 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "5dfb8c3c-a72d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=Yx7uOGvj%2Fs0QZKkY2ixXZy67qYQJbYvyQ4%2B2l5Bh%2B6KwlIngHHy4stFsxYK88geyHoe7Rdq8pa%2FSa8VZ083u%2BwIBv4lTWkcrv%2FHx0tiRUBaoRbVraNvIHzeSePOTFcFx9eIa9gPxDFk4uBlNfHLtJw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
x-xss-protection: 1; mode=block
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6555ee01e845dfc3-FRA

GET
H3-29 200 dino-maddalena.jpg
2014.intermediatms.com/img/people/ 30 KB
30 KB 167ms
159ms Image
image/jpeg 2606:4700:3030::ac43:d7e8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2014.intermediatms.com/img/people/dino-maddalena.jpg

Requested by

Host: 2014.intermediatms.com
URL: https://2014.intermediatms.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::ac43:d7e8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2d0cf81dd44bdba413f71f201cccc175877073a5812c8e2e0e4826e74767357e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /img/people/dino-maddalena.jpg
pragma: no-cache
cookie: PHPSESSID=p8uasmh3eduimdo6pg27vuola1; v=20210526
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: 2014.intermediatms.com
referer: https://2014.intermediatms.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://2014.intermediatms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 May 2021 09:20:49 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 30226
cf-request-id: 0a4993153e0000dfc300182000000001
last-modified: Thu, 19 Dec 2019 14:42:04 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "5dfb8c3c-7612"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=f7s%2BjeLBLLvb6mYtz9OTt3WxLqKkCAawoQiD8eVaEQlUjlZWOrytAh%2F4mRxoU4sL3Me4Wlk6iIrUaXKMEAQZT%2B1kF9IJgaxPXuBb2cHZBd8kPYAC7F7cP0JheLdNCByBqTfjXx0CDxqcowOFALfD1A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
x-xss-protection: 1; mode=block
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6555ee01e843dfc3-FRA

GET
H3-29 200 mike-nield.jpg
2014.intermediatms.com/img/people/ 39 KB
39 KB 147ms
139ms Image
image/jpeg 2606:4700:3030::ac43:d7e8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2014.intermediatms.com/img/people/mike-nield.jpg

Requested by

Host: 2014.intermediatms.com
URL: https://2014.intermediatms.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::ac43:d7e8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e8c3a3c1286581dc98296aa23a62130185e874983a1ea5c5f8b751238f478af7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /img/people/mike-nield.jpg
pragma: no-cache
cookie: PHPSESSID=p8uasmh3eduimdo6pg27vuola1; v=20210526
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: 2014.intermediatms.com
referer: https://2014.intermediatms.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://2014.intermediatms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 May 2021 09:20:49 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 39680
cf-request-id: 0a4993153e0000dfc3f3b93000000001
last-modified: Thu, 19 Dec 2019 14:42:04 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "5dfb8c3c-9b00"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=2qv4D79D0t10jMl0Fobmedzx7Tn1T1Y8gHxhFcnMHB%2Bob1xC%2FqawycV0UK0xlZTpPxe1XYV7aO%2B8NjAHKoYSGcSMCV8sZCF4yi8VQeKJKSjvtvGFkiIQeVqH7ygoZ50RFR9w0EYrRIIKWk%2FrS25Gpw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
x-xss-protection: 1; mode=block
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6555ee01e842dfc3-FRA

GET
H3-29 200 linkedin.png
2014.intermediatms.com/img/social/ 391 B
998 B 153ms
146ms Image
image/png 2606:4700:3030::ac43:d7e8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2014.intermediatms.com/img/social/linkedin.png

Requested by

Host: 2014.intermediatms.com
URL: https://2014.intermediatms.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::ac43:d7e8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ba28b5cac4e98edf886d1344af915b7462a0e6c36b34ee5b242add7006d71c05

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /img/social/linkedin.png
pragma: no-cache
cookie: PHPSESSID=p8uasmh3eduimdo6pg27vuola1; v=20210526
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: 2014.intermediatms.com
referer: https://2014.intermediatms.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://2014.intermediatms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 May 2021 09:20:49 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 391
cf-request-id: 0a4993153e0000dfc312b32000000001
last-modified: Thu, 19 Dec 2019 14:42:05 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "5dfb8c3d-187"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=45SpHlGCtuzof7TWL2a4Z93qdL5R8CRvhQT0Scz9uKu6ZcMRkFXFvZRzpO93wlcJxHcVOsmadvvlKHiGvzlCOjlB5XskQwDu%2FWZHycW9nNHRyAeiypRljU3D5Fh6U%2BDYl%2FsWBT7K5cLpLIDFXRRUsQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
x-xss-protection: 1; mode=block
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6555ee01e841dfc3-FRA

GET
H3-29 200 scroll.png
2014.intermediatms.com/img/ 500 B
1 KB 167ms
159ms Image
image/png 2606:4700:3030::ac43:d7e8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2014.intermediatms.com/img/scroll.png

Requested by

Host: 2014.intermediatms.com
URL: https://2014.intermediatms.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::ac43:d7e8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

691029b83097ef3189aa8dc5be8a3f5c40fa52c8a49925589a734c91f1f22f29

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /img/scroll.png
pragma: no-cache
cookie: PHPSESSID=p8uasmh3eduimdo6pg27vuola1; v=20210526
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: 2014.intermediatms.com
referer: https://2014.intermediatms.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://2014.intermediatms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 May 2021 09:20:49 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 500
cf-request-id: 0a4993153d0000dfc3d299f000000001
last-modified: Thu, 19 Dec 2019 14:42:05 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "5dfb8c3d-1f4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=qm6LOtCv5kif95Xk3GMut%2FiNDdyEwQyA%2FZ4xFXSW9WFtriyIS9UDf9cxAWStQzBCz8BayeRvUxg%2FHcmMHzfJFR8gP75muoVEvk4PwPv6uelRUreMqb%2BP7IyCQxZYSS576SOd3JvPGisyMJ5Q1tSRew%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
x-xss-protection: 1; mode=block
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6555ee01e83ddfc3-FRA

GET
H3-29 200 close.png
2014.intermediatms.com/img/ 849 B
1 KB 136ms
129ms Image
image/png 2606:4700:3030::ac43:d7e8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2014.intermediatms.com/img/close.png

Requested by

Host: 2014.intermediatms.com
URL: https://2014.intermediatms.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::ac43:d7e8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4097c543658275c3dee6b5a613f9b9446927a9e9f90878b0b3155379cad45529

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /img/close.png
pragma: no-cache
cookie: PHPSESSID=p8uasmh3eduimdo6pg27vuola1; v=20210526
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: 2014.intermediatms.com
referer: https://2014.intermediatms.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://2014.intermediatms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 May 2021 09:20:49 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 849
cf-request-id: 0a4993153d0000dfc32d969000000001
last-modified: Thu, 19 Dec 2019 14:42:02 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "5dfb8c3a-351"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=LiAtG3diK2t0e1j%2B4KKk5NsgvRPfuK9GYjBa241Rxi%2FnzSDFMleeAeY1lQfjoJWpyv%2BLtCd6H3lrtRgqnwTm1DqJVH4EPUrwy257pLHJwmlijDrScFAKdZo9EnXMC7IJmpu17oSdQOlbJxAw2Ja3VA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
x-xss-protection: 1; mode=block
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6555ee01e836dfc3-FRA

GET
H3-29 200 email-decode.min.js Show response
2014.intermediatms.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 35ms
25ms Script
application/javascript 2606:4700:3030::ac43:d7e8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://2014.intermediatms.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: 2014.intermediatms.com
URL: https://2014.intermediatms.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::ac43:d7e8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

:path: /cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
pragma: no-cache
cookie: PHPSESSID=p8uasmh3eduimdo6pg27vuola1; v=20210526
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: 2014.intermediatms.com
referer: https://2014.intermediatms.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://2014.intermediatms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 May 2021 09:20:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to":"cf-nel","max_age":604800}
cf-request-id: 0a499315300000dfc3bf285000000001
last-modified: Wed, 19 May 2021 09:21:20 GMT
server: cloudflare
x-frame-options: DENY
etag: W/"60a4d890-4d7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=JhhVPPFs0%2B8ZX4m%2ByOkxt%2F6ktSLzXEG3my4vP2nQlUdwf1kT8XiaZQFLOKV%2FYCdbTUxx73FtTlbWeoiY3d6a8afrN4%2FLqZJR7L%2BfqJBFhIxmDRSU6tDvp%2BYt5hHMzL7cyY7%2FS1Ed6dLzHURlG5ja8w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=172800 public
cf-ray: 6555ee01e803dfc3-FRA
expires: Fri, 28 May 2021 09:20:48 GMT

GET
H3-29 200 jquery.min.js Show response
2014.intermediatms.com/js/ 94 KB
32 KB 156ms
143ms Script
application/javascript 2606:4700:3030::ac43:d7e8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://2014.intermediatms.com/js/jquery.min.js

Requested by

Host: 2014.intermediatms.com
URL: https://2014.intermediatms.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::ac43:d7e8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2ecd295d295bec062cedebe177e54b9d6b19fc0a841dc5c178c654c9ccff09c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /js/jquery.min.js
pragma: no-cache
cookie: PHPSESSID=p8uasmh3eduimdo6pg27vuola1; v=20210526
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: 2014.intermediatms.com
referer: https://2014.intermediatms.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://2014.intermediatms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 May 2021 09:20:49 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a4993153d0000dfc319344000000001
last-modified: Thu, 19 Dec 2019 14:42:07 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5dfb8c3f-176bb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=rKeP92L0pPHuri%2F58LhqUzieGsCyJZ8NS5BTA0PS0oprrrW8%2Bhyra954ohQnuAjgbb%2FvElVIMImpe0pkXusw%2BqYz5j56qRZ7567xkOI9ffHlCvxcelqlEGe8Udh0sLXF14C7Pw05QdlGZSMuZBdbog%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
x-xss-protection: 1; mode=block
cache-control: max-age=14400
cf-ray: 6555ee01e83bdfc3-FRA

GET
H3-29 200 jquery.placeholder.min.js Show response
2014.intermediatms.com/js/ 2 KB
1 KB 144ms
132ms Script
application/javascript 2606:4700:3030::ac43:d7e8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://2014.intermediatms.com/js/jquery.placeholder.min.js

Requested by

Host: 2014.intermediatms.com
URL: https://2014.intermediatms.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::ac43:d7e8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

917a86f3e6640702df5e81899e755ff0e88ef123c6aaa704efc6cd5c3e566f85

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /js/jquery.placeholder.min.js
pragma: no-cache
cookie: PHPSESSID=p8uasmh3eduimdo6pg27vuola1; v=20210526
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: 2014.intermediatms.com
referer: https://2014.intermediatms.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://2014.intermediatms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 May 2021 09:20:49 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a4993153c0000dfc31a96f000000001
last-modified: Thu, 19 Dec 2019 14:42:08 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5dfb8c40-9a2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=Ufgf9aCnyg46o6EYKPVEKewa8fb%2FUuPtnRH2xAXxHJECXyib%2Foo%2BUi3M95IjGmit%2Fup1rAWqJFF9ku2DJdQ5r3q%2FwBYQ7ioYoYhwKRucTtm2yQCSyniTq5rq70KFGOexI8C9dLBToNynfHRTWNlvCg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
x-xss-protection: 1; mode=block
cache-control: max-age=14400
cf-ray: 6555ee01e835dfc3-FRA

GET
H3-29 200 jquery.simplyscroll.min.js Show response
2014.intermediatms.com/js/ 7 KB
3 KB 115ms
105ms Script
application/javascript 2606:4700:3030::ac43:d7e8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://2014.intermediatms.com/js/jquery.simplyscroll.min.js

Requested by

Host: 2014.intermediatms.com
URL: https://2014.intermediatms.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::ac43:d7e8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ee0c0ab6c68aba4282c6d3198982b737bdb962ce21f230f431a6379bc2261bcf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /js/jquery.simplyscroll.min.js
pragma: no-cache
cookie: PHPSESSID=p8uasmh3eduimdo6pg27vuola1; v=20210526
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: 2014.intermediatms.com
referer: https://2014.intermediatms.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://2014.intermediatms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 May 2021 09:20:49 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a4993152f0000dfc312b31000000001
last-modified: Thu, 19 Dec 2019 14:42:08 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5dfb8c40-1db4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=4ZKxT6LQnUd3npeYQdR%2FPNF1CGfaYlTODJsuIFz3vaeAEkiC99OpIIPGHy1psDgLAxlL3kqMnxRaGJ8%2FHHIKa03AXs%2FeZY8C%2BUgTgKTpfSINpajCXeNv9mUrV9tJRXdSiGsshbEcBxbE5hON9pr2Ng%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
x-xss-protection: 1; mode=block
cache-control: max-age=14400
cf-ray: 6555ee01e802dfc3-FRA

GET
H2 200 js Show response
maps.google.com/maps/api/ 127 KB
42 KB 72ms
44ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.google.com/maps/api/js?key=AIzaSyCk2f5xTG1Vn0qzPLvjtNXTjB1OAQ4vXd0

Requested by

Host: 2014.intermediatms.com
URL: https://2014.intermediatms.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

mafe /

Resource Hash

ef73eb6d62e8daaab77f674b3349a5a4b662873fbbef564f70c3f4ce25338f4d

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://2014.intermediatms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 May 2021 09:20:48 GMT
content-encoding: gzip
vary: Accept-Language
server: mafe
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1800
server-timing: gfet4t7; dur=24
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42442
x-xss-protection: 0
expires: Wed, 26 May 2021 09:50:48 GMT

GET
H3-29 200 app.min.js Show response
2014.intermediatms.com/js/ 4 KB
2 KB 133ms
122ms Script
application/javascript 2606:4700:3030::ac43:d7e8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://2014.intermediatms.com/js/app.min.js

Requested by

Host: 2014.intermediatms.com
URL: https://2014.intermediatms.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::ac43:d7e8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

71d4d13cda0f6cb513c94d99a5f3d8731c6c01a134811fd1b356c243d27d1ca0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /js/app.min.js
pragma: no-cache
cookie: PHPSESSID=p8uasmh3eduimdo6pg27vuola1; v=20210526
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: 2014.intermediatms.com
referer: https://2014.intermediatms.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://2014.intermediatms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 May 2021 09:20:49 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a499315360000dfc30493c000000001
last-modified: Thu, 19 Dec 2019 14:42:06 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5dfb8c3e-1119"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=1TWiLe72W%2Bn4%2Ba3XNDvju%2FbcPy8NfyacZ31f85w29ORSwy5v4JwH%2BH0aXOIFcNcbq24mfKDvzpA7Mx2wjJVrUSGj8tLzl%2B9QyK3kb8MPOyDJ%2BuhU%2FS0LKxkV2LBvenbnKtxaerY1MeG6VSpFBpqBjA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
x-xss-protection: 1; mode=block
cache-control: max-age=14400
cf-ray: 6555ee01e81adfc3-FRA

GET
H3-29 200 home.min.js Show response
2014.intermediatms.com/js/ 5 KB
2 KB 146ms
136ms Script
application/javascript 2606:4700:3030::ac43:d7e8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://2014.intermediatms.com/js/home.min.js

Requested by

Host: 2014.intermediatms.com
URL: https://2014.intermediatms.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::ac43:d7e8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d4e06a49c861f25e60ac59bcc2a8f7db4ce98ad2effdb77eee87184a74a4d01c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /js/home.min.js
pragma: no-cache
cookie: PHPSESSID=p8uasmh3eduimdo6pg27vuola1; v=20210526
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: 2014.intermediatms.com
referer: https://2014.intermediatms.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://2014.intermediatms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 May 2021 09:20:49 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a499315350000dfc3e62f5000000001
last-modified: Thu, 19 Dec 2019 14:42:07 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5dfb8c3f-1420"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=SsOMC4WvIRDiIXn5bQXwexkV0XRwl2tBYNH%2FJu6etqZg2o%2Bw%2F%2BFe00fcIkBYaJC3ro1alaJYEw1UfVXNUjZEB3wfvzSB19zXC1pXlSM8JOdMZEhV%2BnHiHcIBLTysJvA1cXWITgmpkQbncr2nVjUKMg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
x-xss-protection: 1; mode=block
cache-control: max-age=14400
cf-ray: 6555ee01e818dfc3-FRA

GET
H3-29 200 video.jpg
2014.intermediatms.com/img/ 36 KB
36 KB 51ms
50ms Image
image/jpeg 2606:4700:3030::ac43:d7e8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2014.intermediatms.com/img/video.jpg

Requested by

Host: 2014.intermediatms.com
URL: https://2014.intermediatms.com/css/app.min.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::ac43:d7e8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6cde694847af84f5d659da00372022d94316834bf383ee1519b953b6f9b7e13f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /img/video.jpg
pragma: no-cache
cookie: PHPSESSID=p8uasmh3eduimdo6pg27vuola1; v=20210526
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: 2014.intermediatms.com
referer: https://2014.intermediatms.com/css/app.min.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://2014.intermediatms.com/css/app.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 May 2021 09:20:49 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 36698
cf-request-id: 0a499315d90000dfc3ba1e1000000001
last-modified: Thu, 19 Dec 2019 14:42:06 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "5dfb8c3e-8f5a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=APWzdgsXRk4r1Gi0CsUviRVP7R7iWsVm7uayHn0TZgC7uDJ6JQ4RAYE%2BzGD0treRxXtpFTpSAyqOX%2BUTLnZ5J441Ur9YHhw7kCehAuTUhd3y5ygyPLqQbo0SEmjWXuTsbl0%2FK4w15I2z3TBN7S9Eow%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
x-xss-protection: 1; mode=block
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6555ee02f9cfdfc3-FRA

GET
H3-29 200 rightarrow.png
2014.intermediatms.com/img/ 352 B
961 B 49ms
48ms Image
image/png 2606:4700:3030::ac43:d7e8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2014.intermediatms.com/img/rightarrow.png

Requested by

Host: 2014.intermediatms.com
URL: https://2014.intermediatms.com/css/app.min.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::ac43:d7e8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

909e73306e4fd7d7dc5c7dee34409a7d2a2b28bc045311eba61606f5e5f9c21b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /img/rightarrow.png
pragma: no-cache
cookie: PHPSESSID=p8uasmh3eduimdo6pg27vuola1; v=20210526
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: 2014.intermediatms.com
referer: https://2014.intermediatms.com/css/app.min.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://2014.intermediatms.com/css/app.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 May 2021 09:20:49 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 352
cf-request-id: 0a499315d90000dfc3d50fc000000001
last-modified: Thu, 19 Dec 2019 14:42:05 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "5dfb8c3d-160"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=QRV3Fn6j9d46R2Mp%2FjS4WQZ4ge%2FMs1BT0eExyAkiUYxY9Xvne05473ybR4plCmM4sXHQiaB53TRSFasetnRjkRWPP%2FkflCgFXbWEmHNdOxlPnykHyaH%2Frdc%2BxHKSgwla%2BwJ0SY35CuHX1P9xtWiQJg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
x-xss-protection: 1; mode=block
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6555ee02f9d1dfc3-FRA

GET
DATA 200
OK truncated
/ 14 KB
14 KB Font
application/x-font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 48fddf1a61d8efe8fbbc4000bf24f7e217b4ca7a0eb2bd5bef4755bfc0e611a5

Request headers

Origin: https://2014.intermediatms.com
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: application/x-font-woff

GET
H3-29 200 communication.png
2014.intermediatms.com/img/ 3 KB
3 KB 57ms
57ms Image
image/png 2606:4700:3030::ac43:d7e8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2014.intermediatms.com/img/communication.png

Requested by

Host: 2014.intermediatms.com
URL: https://2014.intermediatms.com/css/app.min.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::ac43:d7e8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

89c49089958a07fe102d56fc7e20e5fc1906fb08394ac1c0863f68aacc34c082

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /img/communication.png
pragma: no-cache
cookie: PHPSESSID=p8uasmh3eduimdo6pg27vuola1; v=20210526
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: 2014.intermediatms.com
referer: https://2014.intermediatms.com/css/app.min.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://2014.intermediatms.com/css/app.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 May 2021 09:20:49 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2838
cf-request-id: 0a499315e30000dfc3e10e2000000001
last-modified: Thu, 19 Dec 2019 14:42:03 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "5dfb8c3b-b16"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=LWErbndFDZwBk9%2BCGSFokgKlMRLpLJXIVyiKhjD9DiU44lJO8MP7kbxLqmKidZKm0yUWuL9YRcUGP5rqDFuQO6CxjGvRxD6I0HOwumsJGW%2BBEBh4djdsm3h2z5vA9gaUuiIy6W4oW60detyyEEvNKQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
x-xss-protection: 1; mode=block
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6555ee0309f9dfc3-FRA

GET
DATA 200
OK truncated
/ 12 KB
12 KB Font
application/x-font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 42be90ef7e0aff187b24810bb026060da19b13d26ed76add8163b5a63e9ba96f

Request headers

Origin: https://2014.intermediatms.com
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: application/x-font-woff

GET
DATA 200
OK truncated
/ 14 KB
14 KB Font
application/x-font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a792d00756df096d602334bb9b8f8ab2ad26da043ee10f8700c9d4010d111618

Request headers

Origin: https://2014.intermediatms.com
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: application/x-font-woff

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: 2014.intermediatms.com
URL: https://2014.intermediatms.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://2014.intermediatms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 09 Apr 2021 23:59:54 GMT
server: Golfe2
age: 6653
date: Wed, 26 May 2021 07:29:56 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19569
expires: Wed, 26 May 2021 09:29:56 GMT

GET
H/1.1 200
OK cgts.js Show response
protection.clickguardian.co.uk/ 542 B
657 B 97ms
21ms Script
application/x-javascript 2a03:b0c0:1:d0::7f7:1
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://protection.clickguardian.co.uk/cgts.js
Requested by: Host: 2014.intermediatms.com
URL: https://2014.intermediatms.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a03:b0c0:1:d0::7f7:1 London, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.4.6 (Ubuntu) /
Resource Hash: e0a6397131af24cfd3c2bd399bdaa224fd31fd5cf372eb6f320b034761cdcfb2

Request headers

Referer: https://2014.intermediatms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 26 May 2021 09:20:49 GMT
Content-Encoding: gzip
Last-Modified: Mon, 13 Jul 2015 10:58:49 GMT
Server: nginx/1.4.6 (Ubuntu)
Transfer-Encoding: chunked
Content-Type: application/x-javascript
Cache-Control: max-age=31536000
Connection: keep-alive
Expires: Thu, 26 May 2022 09:20:49 GMT

GET
H3-29 200 thumb_.jpg
2014.intermediatms.com/img/campaigns/gap/ 21 KB
21 KB 57ms
55ms Image
image/jpeg 2606:4700:3030::ac43:d7e8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2014.intermediatms.com/img/campaigns/gap/thumb_.jpg

Requested by

Host: 2014.intermediatms.com
URL: https://2014.intermediatms.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::ac43:d7e8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

611da0f6338ae3790e0ce27a223befd0031f870780a0122001873470ce56a7a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /img/campaigns/gap/thumb_.jpg
pragma: no-cache
cookie: PHPSESSID=p8uasmh3eduimdo6pg27vuola1; v=20210526
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: 2014.intermediatms.com
referer: https://2014.intermediatms.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://2014.intermediatms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 May 2021 09:20:49 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 21242
cf-request-id: 0a4993166e0000dfc31a982000000001
last-modified: Thu, 19 Dec 2019 14:41:51 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "5dfb8c2f-52fa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=PmdUMXUgtNxXSoKWPh32e9z3ayKq5D7bUexjeXJoFZyxnyPCRwkRTCs%2FxPs7Esd97%2FPGM6PLNFUb7JEqAfCP7h%2FhVkO5l0QSn7q7F6QWGz%2FNb%2F0xQ%2FxkwiLZHBFczyns9Dj3Ot7Hp4OYNMbaR2HnKQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
x-xss-protection: 1; mode=block
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6555ee03eb8fdfc3-FRA

GET
H3-29 200 thumb_.jpg
2014.intermediatms.com/img/campaigns/westbridge/ 86 KB
87 KB 63ms
61ms Image
image/jpeg 2606:4700:3030::ac43:d7e8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2014.intermediatms.com/img/campaigns/westbridge/thumb_.jpg

Requested by

Host: 2014.intermediatms.com
URL: https://2014.intermediatms.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::ac43:d7e8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

96e7344b08d3241870315be72c4dba7d2c2a7e92a812150f34ab550e0ef362e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /img/campaigns/westbridge/thumb_.jpg
pragma: no-cache
cookie: PHPSESSID=p8uasmh3eduimdo6pg27vuola1; v=20210526
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: 2014.intermediatms.com
referer: https://2014.intermediatms.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://2014.intermediatms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 May 2021 09:20:49 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 88308
cf-request-id: 0a499316720000dfc3d5106000000001
last-modified: Thu, 19 Dec 2019 14:41:59 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "5dfb8c37-158f4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=GBgXBJISY9zM%2BZyN01d%2F1UIq4Zt6CoeUQs1Is6GTfTKaObHu4CZHIpHyBWesO50teZlQG6%2BwDZGFdq8wouhmRFghf5vNxmheBKdM7zcN%2BgwzjNYzRJkOPaa%2BGZ8YXxKMsxflMz7w%2BCE5B3vYekIoBA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
x-xss-protection: 1; mode=block
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6555ee03eb91dfc3-FRA

GET
H3-29 200 thumb_.jpg
2014.intermediatms.com/img/campaigns/boughey/ 82 KB
82 KB 73ms
71ms Image
image/jpeg 2606:4700:3030::ac43:d7e8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2014.intermediatms.com/img/campaigns/boughey/thumb_.jpg

Requested by

Host: 2014.intermediatms.com
URL: https://2014.intermediatms.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::ac43:d7e8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4a491c23609529b3008cd7bc8db9adf836922a6fc12107a309e0b12967952e1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /img/campaigns/boughey/thumb_.jpg
pragma: no-cache
cookie: PHPSESSID=p8uasmh3eduimdo6pg27vuola1; v=20210526
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: 2014.intermediatms.com
referer: https://2014.intermediatms.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://2014.intermediatms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 May 2021 09:20:49 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 83790
cf-request-id: 0a4993166e0000dfc3b211a000000001
last-modified: Thu, 19 Dec 2019 14:41:48 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "5dfb8c2c-1474e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=Qlc%2BHK8wAtau%2BmLcALQ3rwXRjQTFDu11MR9BgfrqBMY6Wy72hERWiLR9tYFRNuEgXZPRAqdO9UcN9z7gBZxMiMggHBDC3PbRZGZyoMvLXRWPEQelMrUbHIlCt9N6Ad1W%2FIJqETGpAxoKo8ATgAHQIw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
x-xss-protection: 1; mode=block
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6555ee03eb92dfc3-FRA

GET
H3-29 200 thumb_.jpg
2014.intermediatms.com/img/campaigns/tuffnells/ 90 KB
91 KB 83ms
81ms Image
image/jpeg 2606:4700:3030::ac43:d7e8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2014.intermediatms.com/img/campaigns/tuffnells/thumb_.jpg

Requested by

Host: 2014.intermediatms.com
URL: https://2014.intermediatms.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::ac43:d7e8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

76ab30042d9eefe80cd4d3de1fbd1c948337371d3c185b950cb5e01baa0b7a7b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /img/campaigns/tuffnells/thumb_.jpg
pragma: no-cache
cookie: PHPSESSID=p8uasmh3eduimdo6pg27vuola1; v=20210526
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: 2014.intermediatms.com
referer: https://2014.intermediatms.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://2014.intermediatms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 May 2021 09:20:49 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 92457
cf-request-id: 0a4993166e0000dfc3b71b3000000001
last-modified: Thu, 19 Dec 2019 14:41:55 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "5dfb8c33-16929"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=eFlzeESNKb%2FbDvrkANaY2oG3yRL9X%2F5ouPGliwU%2FTee1NR%2BRQOxY3uRu05qmvoTq9Nma3U7tJbTsunpcHPMYw8tJzo8tTAvTMvFCZLyWls4onw9ubYaGCbjYVBh1Ve8ddYmWJCSaKZJRJm4MGIpp7A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
x-xss-protection: 1; mode=block
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6555ee03eb94dfc3-FRA

GET
H3-29 200 thumb_.jpg
2014.intermediatms.com/img/campaigns/la-cafetiere/ 19 KB
20 KB 68ms
66ms Image
image/jpeg 2606:4700:3030::ac43:d7e8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2014.intermediatms.com/img/campaigns/la-cafetiere/thumb_.jpg

Requested by

Host: 2014.intermediatms.com
URL: https://2014.intermediatms.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::ac43:d7e8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3964b8606d42868a8a3bf33bd0fddeaf431afdc8dd79017190f2d818fe105d4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /img/campaigns/la-cafetiere/thumb_.jpg
pragma: no-cache
cookie: PHPSESSID=p8uasmh3eduimdo6pg27vuola1; v=20210526
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: 2014.intermediatms.com
referer: https://2014.intermediatms.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://2014.intermediatms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 May 2021 09:20:49 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 19517
cf-request-id: 0a4993166f0000dfc3bf29a000000001
last-modified: Thu, 19 Dec 2019 14:41:52 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "5dfb8c30-4c3d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=2xvh6LicFPeEsoDN8WTZxKbtv9aWbI43n00W2G9B5YQHdWapqpQxDrnJhWiaPFDXDD0%2FX7T5pgI%2BdB3xo8VU2J7kuOQ%2B%2FQf39mmIqjdTxCwY7EFuql0hJwIsVgshyUhXlDOIBaHJfL97XfT905TMGw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
x-xss-protection: 1; mode=block
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6555ee03eb95dfc3-FRA

GET
H3-29 200 thumb_.jpg
2014.intermediatms.com/img/campaigns/ph-jones/ 56 KB
57 KB 61ms
60ms Image
image/jpeg 2606:4700:3030::ac43:d7e8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2014.intermediatms.com/img/campaigns/ph-jones/thumb_.jpg

Requested by

Host: 2014.intermediatms.com
URL: https://2014.intermediatms.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::ac43:d7e8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cfb6add7c8ec1d6cf9611d8883154b99019ddeee1a7ce50c855f52a00e6eb4fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /img/campaigns/ph-jones/thumb_.jpg
pragma: no-cache
cookie: PHPSESSID=p8uasmh3eduimdo6pg27vuola1; v=20210526
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: 2014.intermediatms.com
referer: https://2014.intermediatms.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://2014.intermediatms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 May 2021 09:20:49 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 57717
cf-request-id: 0a4993166f0000dfc329380000000001
last-modified: Thu, 19 Dec 2019 14:41:54 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "5dfb8c32-e175"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=pOfFccfQ%2BNd2XbPOsWAz68rsCtQfGDzSt%2Fb8jHgMi8ToEo%2FKaHsE1u8TrC4Frx7CLAqGQitcn%2FQa28AscpiYilAqlVnY31SKlGuOrGNlhdT4zPm4wNqdjLmAEafGC6Ng7Aj0J7VbiznRPGSeKzW5Fg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
x-xss-protection: 1; mode=block
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6555ee03eb97dfc3-FRA

GET
H3-29 200 nik-stapleton_.jpg
2014.intermediatms.com/img/people/ 75 KB
76 KB 68ms
66ms Image
image/jpeg 2606:4700:3030::ac43:d7e8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2014.intermediatms.com/img/people/nik-stapleton_.jpg

Requested by

Host: 2014.intermediatms.com
URL: https://2014.intermediatms.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::ac43:d7e8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c5eda0fb777df84c3b9af5738e79106c33cb6c20ef137dc9127bbb3de4433c7d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /img/people/nik-stapleton_.jpg
pragma: no-cache
cookie: PHPSESSID=p8uasmh3eduimdo6pg27vuola1; v=20210526
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: 2014.intermediatms.com
referer: https://2014.intermediatms.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://2014.intermediatms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 May 2021 09:20:49 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 77309
cf-request-id: 0a4993166f0000dfc3cba12000000001
last-modified: Thu, 19 Dec 2019 14:42:04 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "5dfb8c3c-12dfd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=mejsGX2xVpUbcF5zMrlL4eN6nFLvi421YKz4knNdtYGBeMrhV%2BXOC4p05ohV8qTKg4atc7fxw4F%2BpD6%2F5GlS49bccU1rSVrs8QJ%2BF%2BTrbq%2FVxIA67TuhQqQvwiNhmUCk%2FHSqML7ZoaOW4lbD3le14w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
x-xss-protection: 1; mode=block
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6555ee03eb98dfc3-FRA

GET
H3-29 200 dino-maddalena_.jpg
2014.intermediatms.com/img/people/ 48 KB
48 KB 71ms
69ms Image
image/jpeg 2606:4700:3030::ac43:d7e8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2014.intermediatms.com/img/people/dino-maddalena_.jpg

Requested by

Host: 2014.intermediatms.com
URL: https://2014.intermediatms.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::ac43:d7e8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bd81a27c6625dfdab32d5b15aaf14f4f01557b779dedcfeb505f3510b98267d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /img/people/dino-maddalena_.jpg
pragma: no-cache
cookie: PHPSESSID=p8uasmh3eduimdo6pg27vuola1; v=20210526
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: 2014.intermediatms.com
referer: https://2014.intermediatms.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://2014.intermediatms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 May 2021 09:20:49 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 48880
cf-request-id: 0a499316700000dfc3aa321000000001
last-modified: Thu, 19 Dec 2019 14:42:04 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "5dfb8c3c-bef0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=lWAEY3PYYGEITMpwXM4vDM3QqpR%2BziaHjlL%2Bn4RLtMr8pvypesILc9228tHyCWVOerLJ%2BVbPqJcc3EvDCgC5KXqCnhn5PUDF45aT4IecgkQW5m089ouZzN4l9%2B3pzTIhw%2FDZRYcLyhR8%2F4T8Tc%2FDSQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
x-xss-protection: 1; mode=block
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6555ee03eb9cdfc3-FRA

GET
H3-29 200 mike-nield_.jpg
2014.intermediatms.com/img/people/ 87 KB
88 KB 78ms
77ms Image
image/jpeg 2606:4700:3030::ac43:d7e8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2014.intermediatms.com/img/people/mike-nield_.jpg

Requested by

Host: 2014.intermediatms.com
URL: https://2014.intermediatms.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::ac43:d7e8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b743451879ac4bc4719675971eccc555c3935b00e13e94a2a99109ca65d5ceb5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /img/people/mike-nield_.jpg
pragma: no-cache
cookie: PHPSESSID=p8uasmh3eduimdo6pg27vuola1; v=20210526
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: 2014.intermediatms.com
referer: https://2014.intermediatms.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://2014.intermediatms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 May 2021 09:20:49 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 88994
cf-request-id: 0a499316700000dfc3d618e000000001
last-modified: Thu, 19 Dec 2019 14:42:04 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "5dfb8c3c-15ba2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=glAgQyiYVm59jbgbp3NVwZs1qMlmAVXstGhXLopdfdAaoKSvzD5fea0gpklVf7C2GdqX6vYPZBjaDPefyO7mtoW14G0yz8sa0ZqqucokHgeXHIiEK4tHRAvH6iPc7NU619Y%2B%2BBJ7Pm13phLTrM9k1Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
x-xss-protection: 1; mode=block
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6555ee03eb9edfc3-FRA

GET
H/1.1 404
Not Found 119928572.sd.mp4
player.vimeo.com/external/ 0
0 178ms
148ms Media
text/html 151.101.112.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://player.vimeo.com/external/119928572.sd.mp4?s=d950fb0a376ad702697b06661e8c0b17
Requested by: Host: 2014.intermediatms.com
URL: https://2014.intermediatms.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.112.217 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://2014.intermediatms.com/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=0-

Response headers

GET
DATA 200
OK truncated
/ 6 KB
6 KB Font
application/x-font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8a4e261844682fa17db66e00384b24aea8faa33f7449529b3287f05a3091d1b3

Request headers

Origin: https://2014.intermediatms.com
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: application/x-font-woff

GET
DATA 200
OK truncated
/ 6 KB
6 KB Font
application/x-font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: da829c9a038f451e0b77496d77799d143d872d04b7f6d154a70275ccdcf5ed0c

Request headers

Origin: https://2014.intermediatms.com
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: application/x-font-woff

GET
DATA 200
OK truncated
/ 6 KB
6 KB Font
application/x-font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7732025793d3e9e3d3d4b5d8b6ada7a3f1d06d5726eaea1be29cb5581598eb8a

Request headers

Origin: https://2014.intermediatms.com
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: application/x-font-woff

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 14ms
13ms XHR
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j90&a=1196011857&t=pageview&_s=1&dl=https%3A%2F%2F2014.intermediatms.com%2F&ul=en-us&de=UTF-8&dt=Digital%20%26%20Creative%20Agency%20%7C%20Manchester%20%26%20Chester%20%7C%20Intermedia&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=1241751689&gjid=658132053&cid=575569226.1622020849&tid=UA-1205620-1&_gid=1305209272.1622020849&_r=1&_slc=1&z=818927853

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://2014.intermediatms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 26 May 2021 09:20:49 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://2014.intermediatms.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK cgt.php Show response
protection.clickguardian.co.uk/ 0
337 B 89ms
23ms XHR
text/html 2a03:b0c0:1:d0::7f7:1
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://protection.clickguardian.co.uk/cgt.php
Requested by: Host: protection.clickguardian.co.uk
URL: https://protection.clickguardian.co.uk/cgts.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a03:b0c0:1:d0::7f7:1 London, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.4.6 (Ubuntu) / PHP/5.5.9-1ubuntu4.21
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://2014.intermediatms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Date: Wed, 26 May 2021 09:20:49 GMT
Content-Encoding: gzip
Server: nginx/1.4.6 (Ubuntu)
X-Powered-By: PHP/5.5.9-1ubuntu4.21
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/html
Access-Control-Allow-Origin: *
Connection: keep-alive

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
89 B 15ms
15ms XHR
text/plain 2a00:1450:400c:c04::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j90&tid=UA-1205620-1&cid=575569226.1622020849&jid=1241751689&gjid=658132053&_gid=1305209272.1622020849&_u=IEBAAEAAAAAAAC~&z=1198218324

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c04::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://2014.intermediatms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 26 May 2021 09:20:49 GMT
content-type: text/plain
access-control-allow-origin: https://2014.intermediatms.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 common.js Show response
maps.google.com/maps-api-v3/api/js/44/14/ 85 KB
31 KB 24ms
9ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.google.com/maps-api-v3/api/js/44/14/common.js

Requested by

Host: maps.google.com
URL: https://maps.google.com/maps/api/js?key=AIzaSyCk2f5xTG1Vn0qzPLvjtNXTjB1OAQ4vXd0

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

77f8a961ed1253a7428ca62e45a4994ae634baf5471d1b9781346f5e23f88851

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://2014.intermediatms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 17:19:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 11 May 2021 18:12:22 GMT
server: sffe
age: 576096
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31670
x-xss-protection: 0
expires: Thu, 19 May 2022 17:19:13 GMT

GET
H3-29 200 util.js Show response
maps.google.com/maps-api-v3/api/js/44/14/ 280 KB
86 KB 29ms
14ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.google.com/maps-api-v3/api/js/44/14/util.js

Requested by

Host: maps.google.com
URL: https://maps.google.com/maps/api/js?key=AIzaSyCk2f5xTG1Vn0qzPLvjtNXTjB1OAQ4vXd0

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3f9ac1030db5051a8f8d0566d8ba8b691a13f318d42f6de2568b372d47a831b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://2014.intermediatms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 17:19:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 11 May 2021 18:12:22 GMT
server: sffe
age: 576095
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 87588
x-xss-protection: 0
expires: Thu, 19 May 2022 17:19:14 GMT

GET
H3-29 200 map.js Show response
maps.google.com/maps-api-v3/api/js/44/14/ 57 KB
21 KB 24ms
12ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.google.com/maps-api-v3/api/js/44/14/map.js

Requested by

Host: maps.google.com
URL: https://maps.google.com/maps/api/js?key=AIzaSyCk2f5xTG1Vn0qzPLvjtNXTjB1OAQ4vXd0

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e1375168a2cecd15446f9d96877bdd0bb44e0479e184ac1af1fcb0928d4a5f14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://2014.intermediatms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 17:19:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 11 May 2021 18:12:22 GMT
server: sffe
age: 576085
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21731
x-xss-protection: 0
expires: Thu, 19 May 2022 17:19:24 GMT

GET
H3-29 200 marker.js Show response
maps.google.com/maps-api-v3/api/js/44/14/ 38 KB
14 KB 18ms
7ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.google.com/maps-api-v3/api/js/44/14/marker.js

Requested by

Host: maps.google.com
URL: https://maps.google.com/maps/api/js?key=AIzaSyCk2f5xTG1Vn0qzPLvjtNXTjB1OAQ4vXd0

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e1af3b6b8fc4963b1c066a82a029d9e8021b82874d1d9734a951d2addfffd55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://2014.intermediatms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 17:19:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 11 May 2021 18:12:22 GMT
server: sffe
age: 576085
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14001
x-xss-protection: 0
expires: Thu, 19 May 2022 17:19:24 GMT

GET
H2 200 openhand_8_8.cur
maps.gstatic.com/mapfiles/ 326 B
470 B 14ms
14ms Image
image/bmp 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://maps.gstatic.com/mapfiles/openhand_8_8.cur

Requested by

Host: 2014.intermediatms.com
URL: https://2014.intermediatms.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7342f390b12f636d14e25f698fc5e38cf6240994dc0c07fefbbb4e78ec4d03c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://2014.intermediatms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 May 2021 09:20:49 GMT
x-content-type-options: nosniff
last-modified: Tue, 18 May 2021 19:15:00 GMT
server: sffe
content-type: image/bmp
access-control-allow-origin: *
cache-control: private, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 326
x-xss-protection: 0
expires: Wed, 26 May 2021 09:20:49 GMT

GET
H3-29 200 onion.js Show response
maps.google.com/maps-api-v3/api/js/44/14/ 25 KB
9 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.google.com/maps-api-v3/api/js/44/14/onion.js

Requested by

Host: maps.google.com
URL: https://maps.google.com/maps/api/js?key=AIzaSyCk2f5xTG1Vn0qzPLvjtNXTjB1OAQ4vXd0

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ebb0b3a23a0197976f98cd3f6b6fcc579b97b0842f3c6a46c8836a1bfdddefb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://2014.intermediatms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 17:19:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 11 May 2021 18:12:22 GMT
server: sffe
age: 576085
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9292
x-xss-protection: 0
expires: Thu, 19 May 2022 17:19:24 GMT

GET
H2 200 ViewportInfoService.GetViewportInfo Show response
maps.googleapis.com/maps/api/js/ 30 KB
3 KB 45ms
45ms Script
text/javascript 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/js/ViewportInfoService.GetViewportInfo?1m6&1m2&1d53.466800907598696&2d-2.3495890832379005&2m2&1d53.48164747538924&2d-2.246142030245771&2u16&4sen-US&5e0&6sm%40558000000&7b0&8e0&12e2&callback=_xdc_._sh6zdi&key=AIzaSyCk2f5xTG1Vn0qzPLvjtNXTjB1OAQ4vXd0&token=93060

Requested by

Host: maps.google.com
URL: https://maps.google.com/maps-api-v3/api/js/44/14/common.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

mafe /

Resource Hash

9f8860150d8dc5d373e7322578a7228be19db83db7c2069c8cefb8330fe79b3a

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://2014.intermediatms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 May 2021 09:20:49 GMT
content-encoding: gzip
server: mafe
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: no-cache, must-revalidate
content-disposition: attachment
server-timing: gfet4t7; dur=31
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3435
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 transparent.png
maps.gstatic.com/mapfiles/ 68 B
89 B 22ms
21ms Image
image/png 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://maps.gstatic.com/mapfiles/transparent.png

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fe67e12a6497f8518ef1673fd8cf5622871935ff85f204715e78b2009dd48588

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://2014.intermediatms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 May 2021 09:20:49 GMT
x-content-type-options: nosniff
last-modified: Tue, 18 May 2021 19:15:00 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: private, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 68
x-xss-protection: 0
expires: Wed, 26 May 2021 09:20:49 GMT

GET
H3-29 200 marker.png
2014.intermediatms.com/img/ 2 KB
3 KB 45ms
45ms Image
image/png 2606:4700:3030::ac43:d7e8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2014.intermediatms.com/img/marker.png

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::ac43:d7e8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

612edfb25edb325f3ef072fd9b21a0a95a57cc20e3a2b02d8eb49e6155e584e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /img/marker.png
pragma: no-cache
cookie: PHPSESSID=p8uasmh3eduimdo6pg27vuola1; v=20210526; _ga=GA1.2.575569226.1622020849; _gid=GA1.2.1305209272.1622020849; _gat=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: 2014.intermediatms.com
referer: https://2014.intermediatms.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://2014.intermediatms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 May 2021 09:20:49 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2013
cf-request-id: 0a499317b30000dfc31a998000000001
last-modified: Thu, 19 Dec 2019 14:42:03 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "5dfb8c3b-7dd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=SllcVuaOiVljONFKzKGiCvKOAdVH571JSvAD3DkBodsHTW8N2BMDpr9nqx72tZhu5tRfhE3gIRmMVyvpNVlBlyCVbXMG2tyZoqz7W%2B%2Br2uVzlx6EHEMG3AG6Og9%2BT2cRGgM7jrAzlZqG7832Xm1jZA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
x-xss-protection: 1; mode=block
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6555ee05eeebdfc3-FRA

GET
H3-29 200 vt
maps.google.com/maps/ 8 KB
8 KB 21ms
18ms Image
image/png 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://maps.google.com/maps/vt?pb=!1m5!1m4!1i16!2i32349!3i21204!4i256!2m3!1e0!2sm!3i558281972!3m12!2sen-US!3sUS!5e18!12m4!1e68!2m2!1sset!2sRoadmap!12m3!1e37!2m1!1ssmartmaps!4e0&key=AIzaSyCk2f5xTG1Vn0qzPLvjtNXTjB1OAQ4vXd0&token=12895

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

paintfe /

Resource Hash

29a817ab8f2ffb826b31711867fa59550a183249bc47bc02a9c6c283ec5879c5

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'; base-uri 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://2014.intermediatms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 May 2021 09:20:49 GMT
x-content-type-options: nosniff
x-server-version-bin: CggIBBChuLCFBg==
server: paintfe
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=22222222
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'; base-uri 'none'
server-timing: gfet4t7; dur=12
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8519
x-xss-protection: 0
expires: Mon, 07 Feb 2022 14:11:11 GMT

GET
H3-29 200 vt
maps.google.com/maps/ 6 KB
6 KB 26ms
23ms Image
image/png 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://maps.google.com/maps/vt?pb=!1m5!1m4!1i16!2i32348!3i21204!4i256!2m3!1e0!2sm!3i558281972!3m12!2sen-US!3sUS!5e18!12m4!1e68!2m2!1sset!2sRoadmap!12m3!1e37!2m1!1ssmartmaps!4e0&key=AIzaSyCk2f5xTG1Vn0qzPLvjtNXTjB1OAQ4vXd0&token=112459

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

paintfe /

Resource Hash

30084d261e626c3216c17d11084d8bbc41c4ca4b808f37ea525ae27689388aff

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'; base-uri 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://2014.intermediatms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 May 2021 09:20:49 GMT
x-content-type-options: nosniff
x-server-version-bin: CggIBBChuLCFBg==
server: paintfe
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=22222222
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'; base-uri 'none'
server-timing: gfet4t7; dur=14
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5666
x-xss-protection: 0
expires: Mon, 07 Feb 2022 14:11:11 GMT

GET
H3-29 200 vt
maps.google.com/maps/ 6 KB
6 KB 24ms
21ms Image
image/png 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://maps.google.com/maps/vt?pb=!1m5!1m4!1i16!2i32348!3i21203!4i256!2m3!1e0!2sm!3i558281972!3m12!2sen-US!3sUS!5e18!12m4!1e68!2m2!1sset!2sRoadmap!12m3!1e37!2m1!1ssmartmaps!4e0&key=AIzaSyCk2f5xTG1Vn0qzPLvjtNXTjB1OAQ4vXd0&token=102054

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

paintfe /

Resource Hash

9f850ad638fc25604d8341ada2ecf0ad8f2b72cc19930dfb2f75b598e3dff732

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'; base-uri 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://2014.intermediatms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 May 2021 09:20:49 GMT
x-content-type-options: nosniff
x-server-version-bin: CggIBBChuLCFBg==
server: paintfe
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=22222222
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'; base-uri 'none'
server-timing: gfet4t7; dur=13
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6061
x-xss-protection: 0
expires: Mon, 07 Feb 2022 14:11:11 GMT

GET
H3-29 200 vt
maps.google.com/maps/ 8 KB
8 KB 22ms
19ms Image
image/png 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://maps.google.com/maps/vt?pb=!1m5!1m4!1i16!2i32349!3i21203!4i256!2m3!1e0!2sm!3i558281972!3m12!2sen-US!3sUS!5e18!12m4!1e68!2m2!1sset!2sRoadmap!12m3!1e37!2m1!1ssmartmaps!4e0&key=AIzaSyCk2f5xTG1Vn0qzPLvjtNXTjB1OAQ4vXd0&token=2490

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

paintfe /

Resource Hash

98f76bbad947b88029e412c6fc01a479aebfd8a12b5b2eb9e8d59f3f4652248e

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'; base-uri 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://2014.intermediatms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 May 2021 09:20:49 GMT
x-content-type-options: nosniff
x-server-version-bin: CggIBBChuLCFBg==
server: paintfe
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=22222222
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'; base-uri 'none'
server-timing: gfet4t7; dur=11
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7746
x-xss-protection: 0
expires: Mon, 07 Feb 2022 14:11:11 GMT

GET
H3-29 200 vt
maps.google.com/maps/ 9 KB
9 KB 23ms
20ms Image
image/png 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://maps.google.com/maps/vt?pb=!1m5!1m4!1i16!2i32350!3i21203!4i256!2m3!1e0!2sm!3i558281972!3m12!2sen-US!3sUS!5e18!12m4!1e68!2m2!1sset!2sRoadmap!12m3!1e37!2m1!1ssmartmaps!4e0&key=AIzaSyCk2f5xTG1Vn0qzPLvjtNXTjB1OAQ4vXd0&token=62207

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

paintfe /

Resource Hash

d4e6b6a920fc4d63287ad77ca75ce54dd9394b02513473a77e6c693ad77b8bcd

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'; base-uri 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://2014.intermediatms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 May 2021 09:20:49 GMT
x-content-type-options: nosniff
x-server-version-bin: CggIBBChuLCFBg==
server: paintfe
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=22222222
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'; base-uri 'none'
server-timing: gfet4t7; dur=12
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9023
x-xss-protection: 0
expires: Mon, 07 Feb 2022 14:11:11 GMT

GET
H3-29 200 vt
maps.google.com/maps/ 10 KB
10 KB 26ms
24ms Image
image/png 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://maps.google.com/maps/vt?pb=!1m5!1m4!1i16!2i32350!3i21204!4i256!2m3!1e0!2sm!3i558281972!3m12!2sen-US!3sUS!5e18!12m4!1e68!2m2!1sset!2sRoadmap!12m3!1e37!2m1!1ssmartmaps!4e0&key=AIzaSyCk2f5xTG1Vn0qzPLvjtNXTjB1OAQ4vXd0&token=72612

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

paintfe /

Resource Hash

7079952083647fc004b91230483cafe2d093ae974cc0a9cdef1216fcf38b0de8

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'; base-uri 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://2014.intermediatms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 May 2021 09:20:49 GMT
x-content-type-options: nosniff
x-server-version-bin: CggIBBChuLCFBg==
server: paintfe
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=22222222
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'; base-uri 'none'
server-timing: gfet4t7; dur=14
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10312
x-xss-protection: 0
expires: Mon, 07 Feb 2022 14:11:11 GMT

GET
H3-29 200 vt
maps.google.com/maps/ 3 KB
3 KB 21ms
18ms Image
image/png 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://maps.google.com/maps/vt?pb=!1m5!1m4!1i16!2i32347!3i21204!4i256!2m3!1e0!2sm!3i558281936!3m12!2sen-US!3sUS!5e18!12m4!1e68!2m2!1sset!2sRoadmap!12m3!1e37!2m1!1ssmartmaps!4e0&key=AIzaSyCk2f5xTG1Vn0qzPLvjtNXTjB1OAQ4vXd0&token=51886

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

paintfe /

Resource Hash

44021b95b9331839098cec7a62a2b9b78329bd6cf45d2ea9b74f76241a7a15e5

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'; base-uri 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://2014.intermediatms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 May 2021 09:20:49 GMT
x-content-type-options: nosniff
x-server-version-bin: CggIBBChuLCFBg==
server: paintfe
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=22222222
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'; base-uri 'none'
server-timing: gfet4t7; dur=11
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2949
x-xss-protection: 0
expires: Mon, 07 Feb 2022 14:11:11 GMT

GET
H3-29 200 vt
maps.google.com/maps/ 7 KB
7 KB 29ms
27ms Image
image/png 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://maps.google.com/maps/vt?pb=!1m5!1m4!1i16!2i32347!3i21203!4i256!2m3!1e0!2sm!3i558281936!3m12!2sen-US!3sUS!5e18!12m4!1e68!2m2!1sset!2sRoadmap!12m3!1e37!2m1!1ssmartmaps!4e0&key=AIzaSyCk2f5xTG1Vn0qzPLvjtNXTjB1OAQ4vXd0&token=41481

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

paintfe /

Resource Hash

1708eab0e528d25582255e21f62a036709af4aec4b0895238389a081cd63ad01

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'; base-uri 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://2014.intermediatms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 May 2021 09:20:49 GMT
x-content-type-options: nosniff
x-server-version-bin: CggIBBChuLCFBg==
server: paintfe
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=22222222
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'; base-uri 'none'
server-timing: gfet4t7; dur=19
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6855
x-xss-protection: 0
expires: Mon, 07 Feb 2022 14:11:11 GMT

GET
H3-29 200 vt
maps.google.com/maps/ 10 KB
10 KB 34ms
32ms Image
image/png 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://maps.google.com/maps/vt?pb=!1m5!1m4!1i16!2i32351!3i21203!4i256!2m3!1e0!2sm!3i558281936!3m12!2sen-US!3sUS!5e18!12m4!1e68!2m2!1sset!2sRoadmap!12m3!1e37!2m1!1ssmartmaps!4e0&key=AIzaSyCk2f5xTG1Vn0qzPLvjtNXTjB1OAQ4vXd0&token=64648

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

paintfe /

Resource Hash

7fe16b5161f44457889be63e7e060bcc54c94fb806cad66fc38a9a7f68d00bea

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'; base-uri 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://2014.intermediatms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 May 2021 09:20:49 GMT
x-content-type-options: nosniff
x-server-version-bin: CggIBBChuLCFBg==
server: paintfe
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=22222222
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'; base-uri 'none'
server-timing: gfet4t7; dur=25
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9733
x-xss-protection: 0
expires: Mon, 07 Feb 2022 14:11:11 GMT

GET
H3-29 200 vt
maps.google.com/maps/ 12 KB
12 KB 68ms
66ms Image
image/png 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://maps.google.com/maps/vt?pb=!1m5!1m4!1i16!2i32351!3i21204!4i256!2m3!1e0!2sm!3i558281960!3m12!2sen-US!3sUS!5e18!12m4!1e68!2m2!1sset!2sRoadmap!12m3!1e37!2m1!1ssmartmaps!4e0&key=AIzaSyCk2f5xTG1Vn0qzPLvjtNXTjB1OAQ4vXd0&token=96271

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

paintfe /

Resource Hash

0dd069bcbd81b1685a31c7c17b94ae6b95a41a97aaaec4f9a711a4bd46320c97

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'; base-uri 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://2014.intermediatms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 May 2021 09:20:49 GMT
x-content-type-options: nosniff
x-server-version-bin: CggIBBChuLCFBg==
server: paintfe
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=22222222
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'; base-uri 'none'
server-timing: gfet4t7; dur=59
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11920
x-xss-protection: 0
expires: Mon, 07 Feb 2022 14:11:11 GMT

GET
H3-29 200 vt
maps.google.com/maps/ 8 KB
8 KB 28ms
26ms Image
image/png 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://maps.google.com/maps/vt?pb=!1m5!1m4!1i16!2i32346!3i21204!4i256!2m3!1e0!2sm!3i558281936!3m12!2sen-US!3sUS!5e18!12m4!1e68!2m2!1sset!2sRoadmap!12m3!1e37!2m1!1ssmartmaps!4e0&key=AIzaSyCk2f5xTG1Vn0qzPLvjtNXTjB1OAQ4vXd0&token=20379

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

paintfe /

Resource Hash

172628cdeca65b795b8c3a7a1276b6dd45f6c54fb32d01fc3c7f76d46637bc9a

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'; base-uri 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://2014.intermediatms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 May 2021 09:20:49 GMT
x-content-type-options: nosniff
x-server-version-bin: CggIBBChuLCFBg==
server: paintfe
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=22222222
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'; base-uri 'none'
server-timing: gfet4t7; dur=18
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8417
x-xss-protection: 0
expires: Mon, 07 Feb 2022 14:11:11 GMT

GET
H3-29 200 vt
maps.google.com/maps/ 3 KB
3 KB 23ms
21ms Image
image/png 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://maps.google.com/maps/vt?pb=!1m5!1m4!1i16!2i32346!3i21203!4i256!2m3!1e0!2sm!3i558281936!3m12!2sen-US!3sUS!5e18!12m4!1e68!2m2!1sset!2sRoadmap!12m3!1e37!2m1!1ssmartmaps!4e0&key=AIzaSyCk2f5xTG1Vn0qzPLvjtNXTjB1OAQ4vXd0&token=9974

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

paintfe /

Resource Hash

8f6c9e2592743ddda120935613e7c3e827699fc202f89a3b913ccf80bda8e2a7

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'; base-uri 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://2014.intermediatms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 May 2021 09:20:49 GMT
x-content-type-options: nosniff
x-server-version-bin: CggIBBChuLCFBg==
server: paintfe
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=22222222
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'; base-uri 'none'
server-timing: gfet4t7; dur=12
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2962
x-xss-protection: 0
expires: Mon, 07 Feb 2022 14:11:11 GMT

GET
H3-29 200 vt
maps.google.com/maps/ 11 KB
11 KB 28ms
26ms Image
image/png 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://maps.google.com/maps/vt?pb=!1m5!1m4!1i16!2i32352!3i21203!4i256!2m3!1e0!2sm!3i558281936!3m12!2sen-US!3sUS!5e18!12m4!1e68!2m2!1sset!2sRoadmap!12m3!1e37!2m1!1ssmartmaps!4e0&key=AIzaSyCk2f5xTG1Vn0qzPLvjtNXTjB1OAQ4vXd0&token=96155

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

paintfe /

Resource Hash

38647b1f8ea9c663f30b42a48afd2b32c84cca3d92b0e4f738254297c596c40d

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'; base-uri 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://2014.intermediatms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 May 2021 09:20:49 GMT
x-content-type-options: nosniff
x-server-version-bin: CggIBBChuLCFBg==
server: paintfe
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=22222222
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'; base-uri 'none'
server-timing: gfet4t7; dur=18
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11744
x-xss-protection: 0
expires: Mon, 07 Feb 2022 14:11:11 GMT

GET
H3-29 200 vt
maps.google.com/maps/ 13 KB
13 KB 58ms
56ms Image
image/png 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://maps.google.com/maps/vt?pb=!1m5!1m4!1i16!2i32352!3i21204!4i256!2m3!1e0!2sm!3i558281900!3m12!2sen-US!3sUS!5e18!12m4!1e68!2m2!1sset!2sRoadmap!12m3!1e37!2m1!1ssmartmaps!4e0&key=AIzaSyCk2f5xTG1Vn0qzPLvjtNXTjB1OAQ4vXd0&token=83016

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

paintfe /

Resource Hash

19c71f7f9c2583df9dc28b0d47f741589d69691a56cf8f622d06b558b266d4c4

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'; base-uri 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://2014.intermediatms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 May 2021 09:20:49 GMT
x-content-type-options: nosniff
x-server-version-bin: CggIBBChuLCFBg==
server: paintfe
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=22222222
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'; base-uri 'none'
server-timing: gfet4t7; dur=49
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13098
x-xss-protection: 0
expires: Mon, 07 Feb 2022 14:11:11 GMT

GET
H3-29 200 vt Show response
maps.google.com/maps/ 14 KB
3 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.google.com/maps/vt?pb=!1m4!1m3!1i16!2i32346!3i21203!1m4!1m3!1i16!2i32347!3i21203!1m4!1m3!1i16!2i32346!3i21204!1m4!1m3!1i16!2i32347!3i21204!1m4!1m3!1i16!2i32348!3i21203!1m4!1m3!1i16!2i32349!3i21203!1m4!1m3!1i16!2i32350!3i21203!1m4!1m3!1i16!2i32351!3i21203!1m4!1m3!1i16!2i32348!3i21204!1m4!1m3!1i16!2i32349!3i21204!1m4!1m3!1i16!2i32350!3i21204!1m4!1m3!1i16!2i32351!3i21204!1m4!1m3!1i16!2i32352!3i21203!1m4!1m3!1i16!2i32352!3i21204!2m3!1e0!2sm!3i558282020!3m12!2sen-US!3sUS!5e18!12m4!1e68!2m2!1sset!2sRoadmap!12m3!1e37!2m1!1ssmartmaps!4e3!12m1!5b1&callback=_xdc_._3jd1i8&key=AIzaSyCk2f5xTG1Vn0qzPLvjtNXTjB1OAQ4vXd0&token=97590

Requested by

Host: maps.google.com
URL: https://maps.google.com/maps-api-v3/api/js/44/14/common.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

paintfe /

Resource Hash

ecde808bfa8f48410bc46538cfb22848119dbf08f1adfc7774315550b3b9e319

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'; base-uri 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://2014.intermediatms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 May 2021 09:20:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
server-timing: gfet4t7; dur=17
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3294
x-xss-protection: 0
x-server-version-bin: CggIBBChuLCFBg==
server: paintfe
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=22222222
content-security-policy: script-src 'none'; object-src 'none'; base-uri 'none'
expires: Wed, 26 May 2021 09:20:49 GMT

GET
H3-29 200 marker.png
2014.intermediatms.com/img/ 2 KB
3 KB 18ms
18ms Image
image/png 2606:4700:3030::ac43:d7e8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2014.intermediatms.com/img/marker.png

Requested by

Host: maps.google.com
URL: https://maps.google.com/maps-api-v3/api/js/44/14/util.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::ac43:d7e8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

612edfb25edb325f3ef072fd9b21a0a95a57cc20e3a2b02d8eb49e6155e584e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /img/marker.png
pragma: no-cache
cookie: PHPSESSID=p8uasmh3eduimdo6pg27vuola1; v=20210526; _ga=GA1.2.575569226.1622020849; _gid=GA1.2.1305209272.1622020849; _gat=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: 2014.intermediatms.com
referer: https://2014.intermediatms.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://2014.intermediatms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 May 2021 09:20:49 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 0
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2013
cf-request-id: 0a499317eb0000dfc3091a7000000001
last-modified: Thu, 19 Dec 2019 14:42:03 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "5dfb8c3b-7dd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=rRPzdzVLjtAoulXp%2Bt0aWlpeLU1CwsxvY1Ew1SrptDNb2lhrVN2EVdJJzjSz9S70VjIxuNElfiCXMxSKKMD%2FKQC9ro947f4GOCnig23zyYAErA8BCkfZ9RQNzFjdZH8kuDH1vyvn9eeC20wogTH9FA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
x-xss-protection: 1; mode=block
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6555ee064f6edfc3-FRA

GET
H3-29 200 controls.js Show response
maps.google.com/maps-api-v3/api/js/44/14/ 90 KB
27 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.google.com/maps-api-v3/api/js/44/14/controls.js

Requested by

Host: maps.google.com
URL: https://maps.google.com/maps/api/js?key=AIzaSyCk2f5xTG1Vn0qzPLvjtNXTjB1OAQ4vXd0

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f62597761d6440800c5e7dd82856c8df95fed32a87eeda64343630f40f2020da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://2014.intermediatms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 17:19:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 11 May 2021 18:12:22 GMT
server: sffe
age: 576084
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27690
x-xss-protection: 0
expires: Thu, 19 May 2022 17:19:25 GMT

GET
H3-29 200 AuthenticationService.Authenticate Show response
maps.googleapis.com/maps/api/js/ 62 B
83 B 92ms
78ms Script
text/javascript 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/js/AuthenticationService.Authenticate?1shttps%3A%2F%2F2014.intermediatms.com%2F&4sAIzaSyCk2f5xTG1Vn0qzPLvjtNXTjB1OAQ4vXd0&callback=_xdc_._5zoq68&key=AIzaSyCk2f5xTG1Vn0qzPLvjtNXTjB1OAQ4vXd0&token=71689

Requested by

Host: maps.google.com
URL: https://maps.google.com/maps-api-v3/api/js/44/14/common.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

mafe /

Resource Hash

43bc2be753825e0ff4a2888200ae5ce7f0585358236455743c44988ea0f821b8

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://2014.intermediatms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 May 2021 09:20:50 GMT
content-encoding: gzip
server: mafe
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: no-cache, must-revalidate
content-disposition: attachment
server-timing: gfet4t7; dur=64
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 63
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 transparent.png
maps.gstatic.com/mapfiles/ 68 B
89 B 14ms
14ms Image
image/png 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://maps.gstatic.com/mapfiles/transparent.png

Requested by

Host: maps.google.com
URL: https://maps.google.com/maps-api-v3/api/js/44/14/util.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fe67e12a6497f8518ef1673fd8cf5622871935ff85f204715e78b2009dd48588

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://2014.intermediatms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 May 2021 09:20:49 GMT
x-content-type-options: nosniff
last-modified: Tue, 18 May 2021 19:15:00 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: private, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 68
x-xss-protection: 0
expires: Wed, 26 May 2021 09:20:49 GMT

GET
H2 200 css
fonts.googleapis.com/ 14 KB
1 KB 14ms
14ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,400,500,700|Google+Sans:400,500,700|Google+Sans+Text:400

Requested by

Host: maps.google.com
URL: https://maps.google.com/maps-api-v3/api/js/44/14/util.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9e9b05e5c8c113f2f1455100df8c7672b9da25c21ab5cdafe2ed64867e54ad10

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://2014.intermediatms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 26 May 2021 08:13:55 GMT
server: ESF
date: Wed, 26 May 2021 09:20:49 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 26 May 2021 09:20:49 GMT

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 624be3bf55395ccdba7de5bed135b256b891ca3659b73a8c6559cfeff76b4eb4

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 216 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 745cd249aa9496dd24c88ae597827d4e82ea76e53eeb890fb85ce2a56a4863d8

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 170 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e21f21ceee588a5075937d9c86ce41c2035489f6a33e612332919f001f506e43

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 170 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44f6af983bb8ac6c2ad7932b4f2e34afe733e6b0249731bdee1eab73aaf547e7

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 170 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f19e80109c6b75e5a71833046247e1c120e9503028def5e62983bc8f97cde6ae

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3-29 200 google4.png
maps.gstatic.com/mapfiles/api-3/images/ 2 KB
2 KB 14ms
14ms Image
image/png 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://maps.gstatic.com/mapfiles/api-3/images/google4.png

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

721fb9398629ae4ac2169b208a651f09a7d5e5a370323fcf8891428acc94a4ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://2014.intermediatms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 May 2021 09:20:50 GMT
x-content-type-options: nosniff
last-modified: Tue, 18 May 2021 19:15:00 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: private, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2073
x-xss-protection: 0
expires: Wed, 26 May 2021 09:20:50 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v27/ 15 KB
15 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700|Google+Sans:400,500,700|Google+Sans+Text:400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://2014.intermediatms.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 24 May 2021 21:15:20 GMT
x-content-type-options: nosniff
last-modified: Mon, 05 Apr 2021 21:10:35 GMT
server: sffe
age: 129930
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
expires: Tue, 24 May 2022 21:15:20 GMT

GET
H3-29 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ 15 KB
15 KB 16ms
15ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700|Google+Sans:400,500,700|Google+Sans+Text:400

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://2014.intermediatms.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 23 May 2021 04:23:23 GMT
x-content-type-options: nosniff
last-modified: Mon, 05 Apr 2021 21:10:39 GMT
server: sffe
age: 277047
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15732
x-xss-protection: 0
expires: Mon, 23 May 2022 04:23:23 GMT

GET
H3-29 200 openhand_8_8.cur
maps.gstatic.com/mapfiles/ 326 B
347 B 15ms
14ms Image
image/bmp 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://maps.gstatic.com/mapfiles/openhand_8_8.cur

Requested by

Host: 2014.intermediatms.com
URL: https://2014.intermediatms.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7342f390b12f636d14e25f698fc5e38cf6240994dc0c07fefbbb4e78ec4d03c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://2014.intermediatms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 May 2021 09:20:50 GMT
x-content-type-options: nosniff
last-modified: Tue, 18 May 2021 19:15:00 GMT
server: sffe
content-type: image/bmp
access-control-allow-origin: *
cache-control: private, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 326
x-xss-protection: 0
expires: Wed, 26 May 2021 09:20:50 GMT

GET
H3-29 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ 16 KB
16 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700|Google+Sans:400,500,700|Google+Sans+Text:400

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://2014.intermediatms.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 May 2021 00:12:11 GMT
x-content-type-options: nosniff
last-modified: Mon, 05 Apr 2021 21:10:39 GMT
server: sffe
age: 119319
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15920
x-xss-protection: 0
expires: Wed, 25 May 2022 00:12:11 GMT

GET
DATA 200
OK truncated
/ 120 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 863fd75928da215976eb773b7a5fa8a5b680ed4a2feede49c912fb41c50a99c1

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 120 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 306ca53db6fc90ca7241d690f151bfc8db6b55c8f2de5d878a268fe6e7d3754a

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 120 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ccc291db38afc31c01ee7cea2f23d396deff81e172a6285faa672cca41e6e86a

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 104 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1d39e44c97654457b55157f95b65e8af14f655fdb5319159b8135780f7eee005

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 104 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ea3a3424497eb1c906f646385dcfe1f9465edd6f5428dc3240063cfccaaf7fa5

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 104 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6a647a0c3cdf71c5fa9d1d5485f78905cac9e6cc70d4dc09dd994f056a80461e

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cafbc72c5f1ce01dfd4fa24ca8e045c60790b31f9ed1786eecb573283a4eb207

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 647 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2657ea95d715829d0813ae08b913dec1c09c052a5a5eb5b7b387ac0d7e5be924

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 4 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9458ee96a742f91d479bbba627caca8408afb1b66f55ec514e66ac4a3027edb5

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 608 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8d24416e42a3c1894f2d75caefd485e922377c66c6b1da5ed3b77a1c076545d3

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 608 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 52e4298d8ea2042be885d1d700156124df1850995e2a1c6f1e9f921e7a1eb22f

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 608 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9687445fb917bd46c10aaed31d841f1f3a706b49cde1274cf3f91d081486a8d9

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 147 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fea5800a2519b46aa3ccacac1f9a19c8086d2ddc2d04d656656ba775fbd6ba0c

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 147 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 68ec98e666510bfebfcbec2fa73d2d685d89bdda35a958ef6c3a8435d8667520

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 147 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ce791f9765c10e3b60ee51d23d7265fb0ee44c5c5368cfdc012a939efccd5ac4

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 176 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4319327494b8ca482d4aaf975d10be81295bbdaa9f3e9045c257d5167713e58a

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 176 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dcee64b6c93241fc14ae0fec1ca53d40ddc1790de811d39de042606c0f94fe9c

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 176 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3f77b14aaf136857d885934d9045a8e6e88b97be6d9b912c63beaf5ed05e42b6

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 246 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8ee014cfbeb5bd0b44a8c2dd9ada81c3f25e1a2ee84308f8e13a310265a96181

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 205 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7a54f658abd39fb5231ebbf32fd3ec4e26a833180abafaf4b732bb88ff318d6d

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3-29 200 QuotaService.RecordEvent Show response
maps.googleapis.com/maps/api/js/ 62 B
83 B 79ms
79ms Script
text/javascript 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/js/QuotaService.RecordEvent?1shttps%3A%2F%2F2014.intermediatms.com%2F&3sAIzaSyCk2f5xTG1Vn0qzPLvjtNXTjB1OAQ4vXd0&7s59c1t5&10e1&callback=_xdc_._xf1t92&key=AIzaSyCk2f5xTG1Vn0qzPLvjtNXTjB1OAQ4vXd0&token=1160

Requested by

Host: maps.google.com
URL: https://maps.google.com/maps-api-v3/api/js/44/14/common.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

mafe /

Resource Hash

b52b8ef479c47e178fb65fcf2bc9786e8fc618d3e0cfbab4f5ba432d89f5415f

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://2014.intermediatms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 May 2021 09:20:50 GMT
content-encoding: gzip
server: mafe
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: no-cache, must-revalidate
content-disposition: attachment
server-timing: gfet4t7; dur=65
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 63
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 google4.png
maps.gstatic.com/mapfiles/api-3/images/ 2 KB
2 KB 17ms
16ms Image
image/png 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://maps.gstatic.com/mapfiles/api-3/images/google4.png

Requested by

Host: maps.google.com
URL: https://maps.google.com/maps-api-v3/api/js/44/14/util.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

721fb9398629ae4ac2169b208a651f09a7d5e5a370323fcf8891428acc94a4ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://2014.intermediatms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 May 2021 09:20:50 GMT
x-content-type-options: nosniff
last-modified: Tue, 18 May 2021 19:15:00 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: private, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2073
x-xss-protection: 0
expires: Wed, 26 May 2021 09:20:50 GMT

Verdicts & Comments Add Verdict or Comment

46 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.intermediatms.com/	1970-01-19 18:33:40	Name: _gat Value: 1
.intermediatms.com/	1970-01-20 12:04:52	Name: _ga Value: GA1.2.575569226.1622020849
2014.intermediatms.com/	1970-01-20 03:19:16	Name: v Value: 20210526
.intermediatms.com/	1970-01-19 18:35:07	Name: _gid Value: GA1.2.1305209272.1622020849
2014.intermediatms.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: p8uasmh3eduimdo6pg27vuola1

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://2014.intermediatms.com/js/home.min.js(Line 2) Message: after intro anim

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

2014.intermediatms.com
confirmityplus.intermediadev.com
fonts.googleapis.com
fonts.gstatic.com
maps.google.com
maps.googleapis.com
maps.gstatic.com
player.vimeo.com
protection.clickguardian.co.uk
stats.g.doubleclick.net
www.google-analytics.com
151.101.112.217
178.62.15.97
2606:4700:3030::ac43:d7e8
2a00:1450:4001:802::2003
2a00:1450:4001:808::200a
2a00:1450:4001:80e::200e
2a00:1450:4001:810::2003
2a00:1450:4001:827::2003
2a00:1450:4001:82f::200a
2a00:1450:4001:830::200e
2a00:1450:400c:c04::9d
2a03:b0c0:1:d0::7f7:1
052bb668864c3df95cbed5d9df6235593f0599dd968d6647631d0beeedc01196
07687c926fad4b9035d186b2742b0db826a65f20b13260f22ae20479a31fe0b2
0b043eaba472750c655890643a512572119cf0cfec70020fcef81c877b760b3a
0dd069bcbd81b1685a31c7c17b94ae6b95a41a97aaaec4f9a711a4bd46320c97
11e7045c73e94ba5c575e5868164c329aea180e5d173f58086dd8686cc9b1651
1708eab0e528d25582255e21f62a036709af4aec4b0895238389a081cd63ad01
172628cdeca65b795b8c3a7a1276b6dd45f6c54fb32d01fc3c7f76d46637bc9a
17aacce45052fb5c45ede3f5281f671d19eb9fd22408a021940bad5f01814eea
19c71f7f9c2583df9dc28b0d47f741589d69691a56cf8f622d06b558b266d4c4
1d39e44c97654457b55157f95b65e8af14f655fdb5319159b8135780f7eee005
23597856ffc9b8f0b4a5292df2eda3a982834f5a89b58843c97431236250eaee
23ec93c6b6b4ce5b349ad3b2c50dbff5a7565c83681a4b2ca682fe1ee9b1e888
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2657ea95d715829d0813ae08b913dec1c09c052a5a5eb5b7b387ac0d7e5be924
29a817ab8f2ffb826b31711867fa59550a183249bc47bc02a9c6c283ec5879c5
2ca61e6a83f5bc8da11119a4ad3648738d4480ce5004368b7567bcbe28c0ea84
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
2d0cf81dd44bdba413f71f201cccc175877073a5812c8e2e0e4826e74767357e
2ecd295d295bec062cedebe177e54b9d6b19fc0a841dc5c178c654c9ccff09c0
30084d261e626c3216c17d11084d8bbc41c4ca4b808f37ea525ae27689388aff
306ca53db6fc90ca7241d690f151bfc8db6b55c8f2de5d878a268fe6e7d3754a
33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97
38647b1f8ea9c663f30b42a48afd2b32c84cca3d92b0e4f738254297c596c40d
391320ec4ddd76cb7aa8dbaf74210032be835f176132ac47b70fc0f768332704
3964b8606d42868a8a3bf33bd0fddeaf431afdc8dd79017190f2d818fe105d4a
3dfbbf7b071c94c727406be74f56303d138befd817eb73b7ceac3710a5e04db9
3e1af3b6b8fc4963b1c066a82a029d9e8021b82874d1d9734a951d2addfffd55
3f77b14aaf136857d885934d9045a8e6e88b97be6d9b912c63beaf5ed05e42b6
3f9ac1030db5051a8f8d0566d8ba8b691a13f318d42f6de2568b372d47a831b2
4097c543658275c3dee6b5a613f9b9446927a9e9f90878b0b3155379cad45529
42be90ef7e0aff187b24810bb026060da19b13d26ed76add8163b5a63e9ba96f
4319327494b8ca482d4aaf975d10be81295bbdaa9f3e9045c257d5167713e58a
43bc2be753825e0ff4a2888200ae5ce7f0585358236455743c44988ea0f821b8
44021b95b9331839098cec7a62a2b9b78329bd6cf45d2ea9b74f76241a7a15e5
44f6af983bb8ac6c2ad7932b4f2e34afe733e6b0249731bdee1eab73aaf547e7
48fddf1a61d8efe8fbbc4000bf24f7e217b4ca7a0eb2bd5bef4755bfc0e611a5
4a059466e1af9b8bb8f90937257fa5e86fee7830f1bb2356a2125afb9e2c2c20
4a491c23609529b3008cd7bc8db9adf836922a6fc12107a309e0b12967952e1c
4b101f76f629bcde26478fa6bfbd146e0362d030ac54e9e4420cc04829e358f9
4e1abe7a8d1674c071829278efc8ac82a6bf1f9c382083bc886b0e1e058a69aa
52e4298d8ea2042be885d1d700156124df1850995e2a1c6f1e9f921e7a1eb22f
539a1df91e169ba7877c9a583583f0df8a41cd327ed35e3a0bb9e96f07f7b41a
55182279b09c4c0bf26015549bccfe926f7bdca61636be09c6d900f2e4e1f69e
611da0f6338ae3790e0ce27a223befd0031f870780a0122001873470ce56a7a8
612edfb25edb325f3ef072fd9b21a0a95a57cc20e3a2b02d8eb49e6155e584e3
624be3bf55395ccdba7de5bed135b256b891ca3659b73a8c6559cfeff76b4eb4
6632f1fbe93d142488def68f51f745f286f62de532fda950be94d0fc6647cf81
68ec98e666510bfebfcbec2fa73d2d685d89bdda35a958ef6c3a8435d8667520
691029b83097ef3189aa8dc5be8a3f5c40fa52c8a49925589a734c91f1f22f29
6a647a0c3cdf71c5fa9d1d5485f78905cac9e6cc70d4dc09dd994f056a80461e
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6cde694847af84f5d659da00372022d94316834bf383ee1519b953b6f9b7e13f
6e32cd4d27ea7543264f4000eb736dc72cfae791a237caa51384f6c405ed72da
7079952083647fc004b91230483cafe2d093ae974cc0a9cdef1216fcf38b0de8
71d4d13cda0f6cb513c94d99a5f3d8731c6c01a134811fd1b356c243d27d1ca0
721fb9398629ae4ac2169b208a651f09a7d5e5a370323fcf8891428acc94a4ea
7342f390b12f636d14e25f698fc5e38cf6240994dc0c07fefbbb4e78ec4d03c7
745cd249aa9496dd24c88ae597827d4e82ea76e53eeb890fb85ce2a56a4863d8
7504a1a314fdd39099943d5e839859156fffdce33dae82cb141ae91b9692300a
76ab30042d9eefe80cd4d3de1fbd1c948337371d3c185b950cb5e01baa0b7a7b
7732025793d3e9e3d3d4b5d8b6ada7a3f1d06d5726eaea1be29cb5581598eb8a
77ec1773ab8a3f1ccc1c19503051024ee638f6bbd9b65e3689b772b097fd0df9
77f8a961ed1253a7428ca62e45a4994ae634baf5471d1b9781346f5e23f88851
7a54f658abd39fb5231ebbf32fd3ec4e26a833180abafaf4b732bb88ff318d6d
7f4a85598885156df52d3d8d0b0ff99b8b95c862bf0b03b9d48d33a2342a80e1
7fe16b5161f44457889be63e7e060bcc54c94fb806cad66fc38a9a7f68d00bea
863fd75928da215976eb773b7a5fa8a5b680ed4a2feede49c912fb41c50a99c1
89c49089958a07fe102d56fc7e20e5fc1906fb08394ac1c0863f68aacc34c082
8a4e261844682fa17db66e00384b24aea8faa33f7449529b3287f05a3091d1b3
8d24416e42a3c1894f2d75caefd485e922377c66c6b1da5ed3b77a1c076545d3
8ee014cfbeb5bd0b44a8c2dd9ada81c3f25e1a2ee84308f8e13a310265a96181
8f6c9e2592743ddda120935613e7c3e827699fc202f89a3b913ccf80bda8e2a7
909e73306e4fd7d7dc5c7dee34409a7d2a2b28bc045311eba61606f5e5f9c21b
917a86f3e6640702df5e81899e755ff0e88ef123c6aaa704efc6cd5c3e566f85
9458ee96a742f91d479bbba627caca8408afb1b66f55ec514e66ac4a3027edb5
9687445fb917bd46c10aaed31d841f1f3a706b49cde1274cf3f91d081486a8d9
96e7344b08d3241870315be72c4dba7d2c2a7e92a812150f34ab550e0ef362e0
98f76bbad947b88029e412c6fc01a479aebfd8a12b5b2eb9e8d59f3f4652248e
9e7e2b80650392b2910d74cbc89184d7d8e7e2cc81be34bfdb0b801d4b1c2ecb
9e9b05e5c8c113f2f1455100df8c7672b9da25c21ab5cdafe2ed64867e54ad10
9f850ad638fc25604d8341ada2ecf0ad8f2b72cc19930dfb2f75b598e3dff732
9f8860150d8dc5d373e7322578a7228be19db83db7c2069c8cefb8330fe79b3a
9ff7b862380678d33fccb7185b3cb9f1170d3e5c9b1c3884f54d026ac04a2ab8
a792d00756df096d602334bb9b8f8ab2ad26da043ee10f8700c9d4010d111618
aac519e5d5eb121188175cbc222f624279f651a6f04e4b4e83840a74753f3e2e
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b52b8ef479c47e178fb65fcf2bc9786e8fc618d3e0cfbab4f5ba432d89f5415f
b743451879ac4bc4719675971eccc555c3935b00e13e94a2a99109ca65d5ceb5
ba28b5cac4e98edf886d1344af915b7462a0e6c36b34ee5b242add7006d71c05
ba8d33f0f494c2c0add6c0f7809761c5591c3a7ab7def8aa8b7cba4fba92ff3e
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
bd81a27c6625dfdab32d5b15aaf14f4f01557b779dedcfeb505f3510b98267d8
bf88008f2afe10f24d6faea715816d395e77abc085921b23a27b8bba7d8f5f2d
c136c95ca5fdcb2a94a2973d0aca4bd9fbf8e0a7603fcf30874699ca6d73aaf9
c5eda0fb777df84c3b9af5738e79106c33cb6c20ef137dc9127bbb3de4433c7d
c6ca3a8f2b49a772b7dd162c4e25bfdadfbda3816f2f29736f64bb59dada4c22
c89f8a66e1bb9f3bb240945ebb640449a04d3861db41a85a46dae71df95e583f
cafbc72c5f1ce01dfd4fa24ca8e045c60790b31f9ed1786eecb573283a4eb207
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
ccc291db38afc31c01ee7cea2f23d396deff81e172a6285faa672cca41e6e86a
cd6bebef6cde63e25753a866f0d87dd9b35ba0182cb79eaeb76aa3a70793a32d
ce791f9765c10e3b60ee51d23d7265fb0ee44c5c5368cfdc012a939efccd5ac4
cfb6add7c8ec1d6cf9611d8883154b99019ddeee1a7ce50c855f52a00e6eb4fb
d4e06a49c861f25e60ac59bcc2a8f7db4ce98ad2effdb77eee87184a74a4d01c
d4e6b6a920fc4d63287ad77ca75ce54dd9394b02513473a77e6c693ad77b8bcd
d79a815ab86a75c48bf2f9d8b623a9d9dddbe3600c4198a315f58957c2425019
da3181e28d7de03ddad626c651060bea999ea3577ba0d49ff96579c6004a798d
da829c9a038f451e0b77496d77799d143d872d04b7f6d154a70275ccdcf5ed0c
dc695d62adc9b2a9b24ab809498802c3cb45f25a2b07daef26be640d130a5a0c
dcee64b6c93241fc14ae0fec1ca53d40ddc1790de811d39de042606c0f94fe9c
e0a6397131af24cfd3c2bd399bdaa224fd31fd5cf372eb6f320b034761cdcfb2
e1375168a2cecd15446f9d96877bdd0bb44e0479e184ac1af1fcb0928d4a5f14
e21f21ceee588a5075937d9c86ce41c2035489f6a33e612332919f001f506e43
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8c3a3c1286581dc98296aa23a62130185e874983a1ea5c5f8b751238f478af7
ea3a3424497eb1c906f646385dcfe1f9465edd6f5428dc3240063cfccaaf7fa5
ebb0b3a23a0197976f98cd3f6b6fcc579b97b0842f3c6a46c8836a1bfdddefb9
ecde808bfa8f48410bc46538cfb22848119dbf08f1adfc7774315550b3b9e319
ee0c0ab6c68aba4282c6d3198982b737bdb962ce21f230f431a6379bc2261bcf
ef73eb6d62e8daaab77f674b3349a5a4b662873fbbef564f70c3f4ce25338f4d
f0aa770b7837abe3526f4324cb1bb4745dfc8ab0bf43a66caf65888a7bd883c6
f19e80109c6b75e5a71833046247e1c120e9503028def5e62983bc8f97cde6ae
f36191cb0e4b79c6b09daae80d77a2def340343954cb4ba0c5ba4a9a903feb23
f62597761d6440800c5e7dd82856c8df95fed32a87eeda64343630f40f2020da
fe67e12a6497f8518ef1673fd8cf5622871935ff85f204715e78b2009dd48588
fea5800a2519b46aa3ccacac1f9a19c8086d2ddc2d04d656656ba775fbd6ba0c

2014.intermediatms.com Open in urlscan Pro 2606:4700:3030::ac43:d7e8 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

101 Requests

100 %HTTPS

83 %IPv6

9 Domains

11 Subdomains

12 IPs

4 Countries

1644 kBTransfer

2291 kBSize

5 Cookies

4 Outgoing links

Page URL History

Redirected requests

101 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 31 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

2014.intermediatms.com Open in urlscan Pro
2606:4700:3030::ac43:d7e8 Public Scan

Screenshot
Live screenshot

Full Image

101
Requests

100 %
HTTPS

83 %
IPv6

9
Domains

11
Subdomains

12
IPs

4
Countries

1644 kB
Transfer

2291 kB
Size

5
Cookies

101 HTTP transactions
31 data transactions