v.elmstba.com Open in urlscan Pro
172.67.143.148 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.almstba.tv/
Effective URL:
https://v.elmstba.com/
Submission Tags: falconsandbox
Submission: On September 14 via api (September 14th 2021, 1:51:09 am UTC) from US — Scanned from DE

Summary HTTP 138 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 35 IPs in 8 countries across 46 domains to perform 138 HTTP transactions. The main IP is 172.67.143.148, located in United States and belongs to CLOUDFLARENET, US. The main domain is v.elmstba.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 4th 2021. Valid for: a year.

This is the only time v.elmstba.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	104.26.9.92 104.26.9.92	13335 (CLOUDFLAR...) (CLOUDFLARENET)
74	172.67.143.148 172.67.143.148	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	23.109.82.239 23.109.82.239	7979 (SERVERS-COM) (SERVERS-COM)
5	104.75.88.126 104.75.88.126	16625 (AKAMAI-AS) (AKAMAI-AS)
4	104.18.10.207 104.18.10.207	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	142.250.102.95 142.250.102.95	15169 (GOOGLE) (GOOGLE)
1	69.16.175.42 69.16.175.42	33438 (HIGHWINDS2) (HIGHWINDS2)
1	104.79.89.133 104.79.89.133	16625 (AKAMAI-AS) (AKAMAI-AS)
1	46.105.201.240 46.105.201.240	16276 (OVH) (OVH)
6 6	172.67.129.132 172.67.129.132	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8 8	104.26.9.68 104.26.9.68	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	158.69.251.190 158.69.251.190	16276 (OVH) (OVH)
1	167.114.209.61 167.114.209.61	16276 (OVH) (OVH)
2	51.89.24.69 51.89.24.69	16276 (OVH) (OVH)
1	99.84.5.74 99.84.5.74	16509 (AMAZON-02) (AMAZON-02)
1	18.195.98.10 18.195.98.10	16509 (AMAZON-02) (AMAZON-02)
1	104.16.87.26 104.16.87.26	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	208.100.17.184 208.100.17.184	32748 (STEADFAST) (STEADFAST)
1	99.84.5.96 99.84.5.96	16509 (AMAZON-02) (AMAZON-02)
3	143.204.178.111 143.204.178.111	16509 (AMAZON-02) (AMAZON-02)
1	45.55.120.93 45.55.120.93	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
3 3	51.79.83.225 51.79.83.225	16276 (OVH) (OVH)
2 3	13.248.242.197 13.248.242.197	16509 (AMAZON-02) (AMAZON-02)
1 3	72.246.100.56 72.246.100.56	16625 (AKAMAI-AS) (AKAMAI-AS)
1	143.204.178.117 143.204.178.117	16509 (AMAZON-02) (AMAZON-02)
1	67.202.105.31 67.202.105.31	32748 (STEADFAST) (STEADFAST)
2 14	52.30.140.199 52.30.140.199	16509 (AMAZON-02) (AMAZON-02)
1	104.21.78.98 104.21.78.98	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
4 4	51.195.5.38 51.195.5.38	16276 (OVH) (OVH)
2 2	46.228.164.13 46.228.164.13	56396 (AMOBEE) (AMOBEE)
2 3	142.250.102.154 142.250.102.154	15169 (GOOGLE) (GOOGLE)
1	199.232.137.44 199.232.137.44	54113 (FASTLY) (FASTLY)
2 2	35.227.248.159 35.227.248.159	() ()
1 2	18.198.126.47 18.198.126.47	16509 (AMAZON-02) (AMAZON-02)
3 3	52.17.151.21 52.17.151.21	16509 (AMAZON-02) (AMAZON-02)
2 2	34.210.204.209 34.210.204.209	16509 (AMAZON-02) (AMAZON-02)
1	108.128.20.48 108.128.20.48	16509 (AMAZON-02) (AMAZON-02)
1 1	52.6.250.79 52.6.250.79	14618 (AMAZON-AES) (AMAZON-AES)
1	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
1 1	69.169.85.6 69.169.85.6	29838 (AMC) (AMC)
1	69.169.85.7 69.169.85.7	29838 (AMC) (AMC)
1	34.247.104.176 34.247.104.176	16509 (AMAZON-02) (AMAZON-02)
1 1	18.210.5.212 18.210.5.212	14618 (AMAZON-AES) (AMAZON-AES)
1	63.251.232.170 63.251.232.170	29791 (VOXEL-DOT...) (VOXEL-DOT-NET)
1 1	185.29.132.245 185.29.132.245	30419 (MEDIAMATH...) (MEDIAMATH-INC)
2 2	66.155.71.150 66.155.71.150	13768 (COGECO-PEER1) (COGECO-PEER1)
1	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
2 2	151.101.114.49 151.101.114.49	54113 (FASTLY) (FASTLY)
2 2	185.33.221.87 185.33.221.87	29990 (ASN-APPNEX) (ASN-APPNEX)
138	35

1 104.26.9.92 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.almstba.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

74 172.67.143.148 (United States)

ASN13335 (CLOUDFLARENET, US)

v.elmstba.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.109.82.239 (Netherlands)

ASN7979 (SERVERS-COM, US)

spuezain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.75.88.126 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-75-88-126.deploy.static.akamaitechnologies.com

s7.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
v1.addthisedge.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
m.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.18.10.207 (None, )

ASN13335 (CLOUDFLARENET, US)

netdna.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.102.95 (United States)

ASN15169 (GOOGLE, US)
PTR: rb-in-f95.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.16.175.42 (United States)

ASN33438 (HIGHWINDS2, US)
PTR: tlb.hwcdn.net

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.79.89.133 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-79-89-133.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.105.201.240 (France)

ASN16276 (OVH, FR)

s10.histats.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 172.67.129.132 (United States) 6 redirects

ASN13335 (CLOUDFLARENET, US)

www.elmstba.video	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 104.26.9.68 (United States) 8 redirects

ASN13335 (CLOUDFLARENET, US)

www.almstba-tv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 158.69.251.190 (Montreal, Canada)

ASN16276 (OVH, FR)
PTR: ns546644.ip-158-69-251.net

s4.histats.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 167.114.209.61 (Montreal, Canada)

ASN16276 (OVH, FR)
PTR: ns515688.ip-167-114-209.net

e.dtscout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 51.89.24.69 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip69.ip-51-89-24.eu

t.dtscout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.84.5.74 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-5-74.lhr62.r.cloudfront.net

get.s-onetag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.195.98.10 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-98-10.eu-central-1.compute.amazonaws.com

pd.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.87.26 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.tynt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 208.100.17.184 (United States)

ASN32748 (STEADFAST, US)
PTR: ip184.208-100-17.static.steadfastdns.net

ic.tynt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.84.5.96 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-5-96.lhr62.r.cloudfront.net

onetag-geo.s-onetag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 143.204.178.111 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-178-111.lhr50.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 45.55.120.93 (Clifton, United States)

ASN14061 (DIGITALOCEAN-ASN, US)

t.dtscdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 51.79.83.225 (Beauharnois, Canada) 3 redirects

ASN16276 (OVH, FR)
PTR: pikafka-5.cloudy.ovh

pixel.onaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.248.242.197 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a97adde81b00f2ca4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 72.246.100.56 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a72-246-100-56.deploy.static.akamaitechnologies.com

tags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.178.117 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-178-117.lhr50.r.cloudfront.net

onetag-geo-grouping.s-onetag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 67.202.105.31 (United States)

ASN32748 (STEADFAST, US)
PTR: ip31.67-202-105.static.steadfastdns.net

de.tynt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 52.30.140.199 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-140-199.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.21.78.98 (None, )

ASN13335 (CLOUDFLARENET, US)

a.dtssrv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 51.195.5.38 (France) 4 redirects

ASN16276 (OVH, FR)
PTR: p16.id5-sync.com

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 46.228.164.13 (United Kingdom) 2 redirects

ASN56396 (AMOBEE, GB)

d.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.102.154 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: rb-in-f154.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.232.137.44 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.227.248.159 (None, ) 2 redirects

ASN- ()

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.198.126.47 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-198-126-47.eu-central-1.compute.amazonaws.com

loadm.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.17.151.21 (Dublin, Ireland) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-17-151-21.eu-west-1.compute.amazonaws.com

ads.avocet.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ads.avct.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.210.204.209 (Boardman, United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-210-204-209.us-west-2.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.128.20.48 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-108-128-20-48.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.6.250.79 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-6-250-79.compute-1.amazonaws.com

aorta.clickagy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.169.85.6 (Cranford, United States) 1 redirects

ASN29838 (AMC, US)

global.ib-ibi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.169.85.7 (Cranford, United States)

ASN29838 (AMC, US)

ib.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.247.104.176 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-247-104-176.eu-west-1.compute.amazonaws.com

ml314.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.210.5.212 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-210-5-212.compute-1.amazonaws.com

sync.srv.stackadapt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.251.232.170 (United States)

ASN29791 (VOXEL-DOT-NET, US)
PTR: ams-mon-1.sys.adgear.com

cm.adgrx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.29.132.245 (United Kingdom) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 66.155.71.150 (Portsmouth, United Kingdom) 2 redirects

ASN13768 (COGECO-PEER1, CA)

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.114.49 (Frankfurt am Main, Germany) 2 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.33.221.87 (Amsterdam, Netherlands) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 723.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
74	elmstba.com v.elmstba.com	4 MB
17	crwdcntrl.net 2 redirects tags.crwdcntrl.net bcp.crwdcntrl.net sync.crwdcntrl.net	23 KB
9	tynt.com cdn.tynt.com ic.tynt.com de.tynt.com	6 KB
8	almstba-tv.com 8 redirects www.almstba-tv.com	3 KB
6	elmstba.video 6 redirects www.elmstba.video	2 KB
4	id5-sync.com 4 redirects id5-sync.com	6 KB
4	bootstrapcdn.com netdna.bootstrapcdn.com	99 KB
4	addthis.com s7.addthis.com m.addthis.com	217 KB
3	doubleclick.net 2 redirects cm.g.doubleclick.net	764 B
3	bluekai.com 1 redirects tags.bluekai.com	903 B
3	adsrvr.org 2 redirects match.adsrvr.org	1 KB
3	onaudience.com 3 redirects pixel.onaudience.com	1 KB
3	s-onetag.com get.s-onetag.com onetag-geo.s-onetag.com onetag-geo-grouping.s-onetag.com	12 KB
3	dtscout.com e.dtscout.com t.dtscout.com	9 KB
2	adnxs.com 2 redirects secure.adnxs.com	2 KB
2	everesttech.net 2 redirects sync-tm.everesttech.net	614 B
2	sitescout.com 2 redirects pixel-sync.sitescout.com	941 B
2	demdex.net 2 redirects dpm.demdex.net	2 KB
2	avct.cloud 2 redirects ads.avct.cloud	896 B
2	exelator.com 1 redirects loadm.exelator.com	2 KB
2	tapad.com 2 redirects pixel.tapad.com	916 B
2	turn.com 2 redirects d.turn.com	855 B
2	histats.com s10.histats.com s4.histats.com	5 KB
2	googleapis.com fonts.googleapis.com ajax.googleapis.com	34 KB
1	rubiconproject.com token.rubiconproject.com	214 B
1	mathtag.com 1 redirects sync.mathtag.com	615 B
1	adgrx.com cm.adgrx.com	408 B
1	stackadapt.com 1 redirects sync.srv.stackadapt.com	622 B
1	ml314.com ml314.com	422 B
1	mookie1.com ib.mookie1.com	990 B
1	ib-ibi.com 1 redirects global.ib-ibi.com	511 B
1	rlcdn.com idsync.rlcdn.com	66 B
1	clickagy.com 1 redirects aorta.clickagy.com	673 B
1	krxd.net beacon.krxd.net	338 B
1	avocet.io 1 redirects ads.avocet.io	204 B
1	taboola.com trc.taboola.com	231 B
1	pubmatic.com image6.pubmatic.com	166 B
1	dtssrv.com a.dtssrv.com	552 B
1	dtscdn.com t.dtscdn.com	407 B
1	sharethis.com pd.sharethis.com	88 B
1	addthisedge.com v1.addthisedge.com	873 B
1	moatads.com z.moatads.com	1 KB
1	jquery.com code.jquery.com	3 KB
1	spuezain.com spuezain.com	1 KB
1	almstba.tv 1 redirects www.almstba.tv	699 B
0	survata.com Failed px.surveywall-api.survata.com Failed
138	46

	Domain	Requested by
74	v.elmstba.com	v.elmstba.com
9	sync.crwdcntrl.net	1 redirects bcp.crwdcntrl.net
8	www.almstba-tv.com	8 redirects
7	ic.tynt.com	v.elmstba.com
6	www.elmstba.video	6 redirects
5	bcp.crwdcntrl.net	1 redirects tags.crwdcntrl.net bcp.crwdcntrl.net
4	id5-sync.com	4 redirects
4	netdna.bootstrapcdn.com	v.elmstba.com netdna.bootstrapcdn.com
3	cm.g.doubleclick.net	2 redirects bcp.crwdcntrl.net
3	tags.bluekai.com	1 redirects v.elmstba.com bcp.crwdcntrl.net
3	match.adsrvr.org	2 redirects bcp.crwdcntrl.net
3	pixel.onaudience.com	3 redirects
3	tags.crwdcntrl.net	e.dtscout.com tags.crwdcntrl.net
3	s7.addthis.com	v.elmstba.com s7.addthis.com
2	secure.adnxs.com	2 redirects
2	sync-tm.everesttech.net	2 redirects
2	pixel-sync.sitescout.com	2 redirects
2	dpm.demdex.net	2 redirects
2	ads.avct.cloud	2 redirects
2	loadm.exelator.com	1 redirects bcp.crwdcntrl.net
2	pixel.tapad.com	2 redirects
2	d.turn.com	2 redirects
2	t.dtscout.com	e.dtscout.com
1	token.rubiconproject.com	bcp.crwdcntrl.net
1	sync.mathtag.com	1 redirects
1	cm.adgrx.com	bcp.crwdcntrl.net
1	sync.srv.stackadapt.com	1 redirects
1	ml314.com	bcp.crwdcntrl.net
1	ib.mookie1.com	bcp.crwdcntrl.net
1	global.ib-ibi.com	1 redirects
1	idsync.rlcdn.com	bcp.crwdcntrl.net
1	aorta.clickagy.com	1 redirects
1	beacon.krxd.net	bcp.crwdcntrl.net
1	ads.avocet.io	1 redirects
1	trc.taboola.com	bcp.crwdcntrl.net
1	image6.pubmatic.com	bcp.crwdcntrl.net
1	a.dtssrv.com	e.dtscout.com
1	de.tynt.com	cdn.tynt.com
1	onetag-geo-grouping.s-onetag.com	get.s-onetag.com
1	t.dtscdn.com	e.dtscout.com
1	onetag-geo.s-onetag.com	get.s-onetag.com
1	cdn.tynt.com	e.dtscout.com
1	pd.sharethis.com	e.dtscout.com
1	get.s-onetag.com	e.dtscout.com
1	e.dtscout.com	s4.histats.com
1	s4.histats.com	s10.histats.com
1	m.addthis.com	s7.addthis.com
1	v1.addthisedge.com	s7.addthis.com
1	s10.histats.com	v.elmstba.com
1	z.moatads.com	s7.addthis.com
1	code.jquery.com	v.elmstba.com
1	ajax.googleapis.com	v.elmstba.com
1	fonts.googleapis.com	v.elmstba.com
1	spuezain.com	v.elmstba.com
1	www.almstba.tv	1 redirects
0	px.surveywall-api.survata.com Failed	bcp.crwdcntrl.net
138	56

This site contains links to these domains. Also see Links.

Domain
www.almstba.tv

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-05-04` - `2022-05-03`	a year	crt.sh
spuezain.com R3	`2021-07-27` - `2021-10-25`	3 months	crt.sh
odc-addthis-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2021-04-25` - `2022-04-27`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2021-08-23` - `2021-11-15`	3 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2021-07-14` - `2022-08-14`	a year	crt.sh
moatads.com DigiCert SHA2 Secure Server CA	`2021-01-21` - `2022-01-25`	a year	crt.sh
histats.com R3	`2021-08-02` - `2021-10-31`	3 months	crt.sh
*.dtscout.com GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1	`2020-11-03` - `2021-11-03`	a year	crt.sh
*.s-onetag.com Amazon	`2021-02-03` - `2022-03-04`	a year	crt.sh
sharethis.com Amazon	`2020-08-17` - `2021-09-16`	a year	crt.sh
*.tynt.com Sectigo RSA Domain Validation Secure Server CA	`2019-10-01` - `2021-09-30`	2 years	crt.sh
*.crwdcntrl.net Go Daddy Secure Certificate Authority - G2	`2021-04-29` - `2022-05-31`	a year	crt.sh
t.dtscdn.com GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1	`2020-11-03` - `2021-11-15`	a year	crt.sh
odc-pixel-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2021-04-25` - `2022-04-26`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2020-12-07` - `2021-12-14`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-08-23` - `2021-11-15`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-25` - `2021-12-26`	a year	crt.sh
*.exelator.com DigiCert TLS RSA SHA256 2020 CA1	`2021-06-02` - `2022-06-07`	a year	crt.sh
beacon.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2021-01-13` - `2022-01-07`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2021-02-25` - `2022-03-28`	a year	crt.sh
ib.mookie1.com DigiCert SHA2 High Assurance Server CA	`2019-10-07` - `2021-11-12`	2 years	crt.sh
*.ml314.com Amazon	`2021-01-17` - `2022-02-14`	a year	crt.sh
public1.adgear.com Sectigo RSA Domain Validation Secure Server CA	`2021-02-24` - `2022-03-26`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2021-03-30` - `2022-04-04`	a year	crt.sh

This page contains 6 frames:

Primary Page: https://v.elmstba.com/
Frame ID: CF752A10D440B2ED6905A34F8D3193B6
Requests: 110 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: 9D12D4722D77FDDD0EF064C6BC5EB074
Requests: 1 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: 8637FF8D3E1091654A933D00FD93CA83
Requests: 1 HTTP requests in this frame

Frame: https://t.dtscout.com/idg/?su=6D001631584259161612710A553DAA78
Frame ID: B6F7831206D9F4596327A0E4C7EEE799
Requests: 1 HTTP requests in this frame

Frame: https://tags.crwdcntrl.net/lt/shared/2/lt.iframe.html?c=3825
Frame ID: 6D5D1AE67B311D1C8446322FA1C8AE3A
Requests: 1 HTTP requests in this frame

Frame: https://bcp.crwdcntrl.net/pixels?s=136%2C135%2C116%2C108%2C106%2C100%2C97%2C95%2C94%2C80%2C79%2C78%2C61%2C54%2C42%2C38%2C33%2C31%2C26%2C22%2C12%2C3%2C2&c=3825
Frame ID: 1DAFC06BF425A7D0DF25B035E4DD16B4
Requests: 24 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

فيديو المصطبة TV - مشاهدة و تحميل الأفلام و المسلسلات اون لاين HD

Page URL History Show full URLs

https://www.almstba.tv/ HTTP 301
https://v.elmstba.com/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

animate.css (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link [^>]+(?:/([\d.]+)/)?animate\.(?:min\.)?css

AddThis (Widgets) Expand

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Moat (Analytics) Expand

Overall confidence: 100%
Detected patterns

moatads\.com

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

SWFObject (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

swfobject.*\.js

Slick (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

(?:/([\d.]+))?/slick(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

138
Requests

99 %
HTTPS

0 %
IPv6

46
Domains

56
Subdomains

35
IPs

8
Countries

4411 kB
Transfer

5746 kB
Size

63
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://www.almstba.tv/category.php?cat=english-movies
Title: الأفلام الأجنبية

Search URL Search Domain Scan URL

URL: https://www.almstba.tv/category.php?cat=arabic-movies
Title: أفلام عربية

Search URL Search Domain Scan URL

URL: https://www.almstba.tv/category.php?cat=arabic-series
Title: المسلسلات العربية

Search URL Search Domain Scan URL

URL: https://www.almstba.tv/category.php?cat=english-series
Title: الأجنبية

Search URL Search Domain Scan URL

URL: https://www.almstba.tv/category.php?cat=turkish-series
Title: التركية

Search URL Search Domain Scan URL

URL: https://www.almstba.tv/category.php?cat=hindi-series
Title: الهندية

Search URL Search Domain Scan URL

URL: https://www.almstba.tv/category.php?cat=asian-series
Title: الآسيوية

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.almstba.tv/ HTTP 301
https://v.elmstba.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 41

https://www.elmstba.video/uploads/thumbs/324df7b-1.jpg HTTP 301
https://v.elmstba.com/uploads/thumbs/324df7b-1.jpg

Request Chain 42

https://www.elmstba.video/uploads/thumbs/126a908-1.jpg HTTP 301
https://v.elmstba.com/uploads/thumbs/126a908-1.jpg

Request Chain 43

https://www.elmstba.video/uploads/thumbs/b2cbd30-1.jpg HTTP 301
https://v.elmstba.com/uploads/thumbs/b2cbd30-1.jpg

Request Chain 44

https://www.elmstba.video/uploads/thumbs/23458c5-1.jpg HTTP 301
https://v.elmstba.com/uploads/thumbs/23458c5-1.jpg

Request Chain 45

https://www.elmstba.video/uploads/thumbs/dac8e34-1.jpg HTTP 301
https://v.elmstba.com/uploads/thumbs/dac8e34-1.jpg

Request Chain 46

https://www.elmstba.video/uploads/thumbs/0b73e88-1.jpg HTTP 301
https://v.elmstba.com/uploads/thumbs/0b73e88-1.jpg

Request Chain 67

https://www.almstba-tv.com/uploads/thumbs/fba220a-1.jpg HTTP 301
https://v.elmstba.com/uploads/thumbs/fba220a-1.jpg

Request Chain 68

https://www.almstba-tv.com/uploads/thumbs/c1a7755-1.jpg HTTP 301
https://v.elmstba.com/uploads/thumbs/c1a7755-1.jpg

Request Chain 69

https://www.almstba-tv.com/uploads/thumbs/24737c8-1.jpg HTTP 301
https://v.elmstba.com/uploads/thumbs/24737c8-1.jpg

Request Chain 70

https://www.almstba-tv.com/uploads/thumbs/8ee69f1-1.jpg HTTP 301
https://v.elmstba.com/uploads/thumbs/8ee69f1-1.jpg

Request Chain 71

https://www.almstba-tv.com/uploads/thumbs/0545109-1.jpg HTTP 301
https://v.elmstba.com/uploads/thumbs/0545109-1.jpg

Request Chain 72

https://www.almstba-tv.com/uploads/thumbs/03dea90-1.jpg HTTP 301
https://v.elmstba.com/uploads/thumbs/03dea90-1.jpg

Request Chain 73

https://www.almstba-tv.com/uploads/thumbs/13f4549-1.jpg HTTP 301
https://v.elmstba.com/uploads/thumbs/13f4549-1.jpg

Request Chain 74

https://www.almstba-tv.com/uploads/thumbs/46f96f4-1.jpg HTTP 301
https://v.elmstba.com/uploads/thumbs/46f96f4-1.jpg

Request Chain 89

https://pixel.onaudience.com/?partner=137085098&mapped=6D001631584259161612710A553DAA78 HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=xksw9la&ttd_tpi=1 HTTP 302
https://pixel.onaudience.com/?partner=147&mapped=bf0e94d5-eb98-4a55-8197-a13457c24b6e&icm HTTP 302
https://pixel.onaudience.com/?partner=109&icm&cver&smartmap=1&redirect=tags.bluekai.com%2Fsite%2F33141%3F%26id%3D%25m HTTP 302
https://tags.bluekai.com/site/33141?&id=51b314b4e33f5a1e

Request Chain 115

https://id5-sync.com/s/19/9.gif?puid=db365f4f7e0c376f4a28bfd61acb09ac&gdpr=1 HTTP 302
https://id5-sync.com/c/19/19/9/1.gif?puid=db365f4f7e0c376f4a28bfd61acb09ac&gdpr=1&gdpr_consent= HTTP 302
https://bcp.crwdcntrl.net/map/c=1882/tp=BKAI/gdpr=1/gdpr_consent=?https://tags.bluekai.com/site/5907?limit=0&id=${masked_profileid}&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F19%2F321%2F8%2F2.gif%3Fpuid%3D%24_BK_UUID%26gdpr%3D1%26gdpr_consent%3D HTTP 302
https://tags.bluekai.com/site/5907?limit=0&id=8b2968735193142df2c6cdbd76b8e1a4&redir=https://id5-sync.com/c/19/321/8/2.gif?puid=$_BK_UUID&gdpr=1&gdpr_consent= HTTP 302
https://id5-sync.com/c/19/321/8/2.gif?puid=$_BK_UUID HTTP 302
https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMTc0ODM4ODY2Ni90LzI/dpuid/ID5-ZHMOb0v3TT6qjS57IRi9Raz1_GfHCSAOmT2xQoKlUQ/url/https%3A%2F%2Fid5-sync.com%2Fc%2F19%2F224%2F7%2F3.gif%3Fpuid%3D%24%21%7BTURN_UUID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
https://id5-sync.com/c/19/224/7/3.gif?puid=3416221891491644935&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent= HTTP 302
https://sync.crwdcntrl.net/map/c=2831/tp=GDMP?https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=${base64_profileid}&google_redir={xENCODEDURL}&id5id=ID5-ZHMOb0v3TT6qjS57IRi9Raz1_GfHCSAOmT2xQoKlUQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=ZGIzNjVmNGY3ZTBjMzc2ZjRhMjhiZmQ2MWFjYjA5YWM&google_redir={xENCODEDURL}&id5id=ID5-ZHMOb0v3TT6qjS57IRi9Raz1_GfHCSAOmT2xQoKlUQ

Request Chain 118

https://pixel.tapad.com/idsync/ex/receive?partner_id=LOTAME&partner_device_id=db365f4f7e0c376f4a28bfd61acb09ac&gdpr=1&partner_url=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10158%2Ftp%3DTPAD%2Ftpid%3D%24%7BTA_DEVICE_ID%7D HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=LOTAME&partner_device_id=db365f4f7e0c376f4a28bfd61acb09ac&gdpr=1&partner_url=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10158%2Ftp%3DTPAD%2Ftpid%3D%24%7BTA_DEVICE_ID%7D HTTP 302
https://sync.crwdcntrl.net/map/c=10158/tp=TPAD/tpid=1e37054d-173b-4e6e-8025-2c17d754e4f6

Request Chain 119

https://loadm.exelator.com/load/?p=204&g=260&buid=db365f4f7e0c376f4a28bfd61acb09ac&j=0 HTTP 302
https://loadm.exelator.com/load/?p=204&g=260&buid=db365f4f7e0c376f4a28bfd61acb09ac&j=0&xl8blockcheck=1

Request Chain 120

https://ads.avocet.io/getuid?url=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10492%2Ftp%3DAVCT%2Ftpid%3D%7B%7BUUID%7D%7D HTTP 301
https://ads.avct.cloud/getuid?r=1&url=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10492%2Ftp%3DAVCT%2Ftpid%3D%7B%7BUUID%7D%7D HTTP 307
https://ads.avct.cloud/getuid?bounce=true&r=1&url=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10492%2Ftp%3DAVCT%2Ftpid%3D%7B%7BUUID%7D%7D HTTP 302
https://sync.crwdcntrl.net/map/c=10492/tp=AVCT/tpid=1fe4c86f-0e8f-4e18-8a3e-6a8fc70e62a1

Request Chain 122

https://dpm.demdex.net/ibs:dpid=121998&dpuuid=db365f4f7e0c376f4a28bfd61acb09ac&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D9828%2Ftp%3DADBE%2Ftpid%3D%24%7BDD_UUID%7D HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=121998&dpuuid=db365f4f7e0c376f4a28bfd61acb09ac&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D9828%2Ftp%3DADBE%2Ftpid%3D%24%7BDD_UUID%7D HTTP 302
https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/tpid=35173495322585517032832430201913597278

Request Chain 124

https://aorta.clickagy.com/pixel.gif?ch=120&cm=db365f4f7e0c376f4a28bfd61acb09ac HTTP 302
https://idsync.rlcdn.com/420246.gif?partner_uid=c:42ffdc311b57b8cc65c9376dcaa647b1

Request Chain 125

https://global.ib-ibi.com/image.sbxx?go=262106&pid=420&xid=db365f4f7e0c376f4a28bfd61acb09ac HTTP 302
https://ib.mookie1.com/image.sbxx?go=262106&pid=420&xid=db365f4f7e0c376f4a28bfd61acb09ac

Request Chain 127

https://sync.srv.stackadapt.com/sync?nid=lotame HTTP 302
https://bcp.crwdcntrl.net/map/c=6569/tp=STKA/tpid=0-a13521bf-5595-440b-6815-d72c9f701012$ip$216.131.111.161

Request Chain 129

https://sync.mathtag.com/sync/img?sync=auto&mt_exid=10040&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fqmap%3Fc%3D4735%26tp%3DMDMA%26tpid%3D%5BMM_UUID%5D HTTP 302
https://sync.crwdcntrl.net/qmap?c=4735&tp=MDMA&tpid=4ac36140-0004-4300-882e-17e9a9505337

Request Chain 130

https://pixel-sync.sitescout.com/connectors/lotame/usersync?redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1389%2Ftp%3DSTSC%2Ftpid%3D%24UUID HTTP 302
https://pixel-sync.sitescout.com/connectors/lotame/usersync?cookieQ=1&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1389%2Ftp%3DSTSC%2Ftpid%3D%24UUID HTTP 302
https://sync.crwdcntrl.net/map/c=1389/tp=STSC/tpid=246cf522-0b79-42c1-a5bd-2c617999d613-61400005-5553

Request Chain 132

https://sync-tm.everesttech.net/upi/pid/bsTd8NdE?redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1811%2Ftp%3DTBMG%2Ftpid%3D%24%7BTM_USER_ID%7D HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/bsTd8NdE?redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1811%2Ftp%3DTBMG%2Ftpid%3D%24%7BTM_USER_ID%7D&_test=YUAABQAAAlOggAA6 HTTP 302
https://sync.crwdcntrl.net/map/c=1811/tp=TBMG/tpid=YUAABQAAAlOggAA6&_test=YUAABQAAAlOggAA6

Request Chain 133

https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=${base64_profileid} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=${base64_profileid}&google_tc= HTTP 302
https://bcp.crwdcntrl.net/gmap/?tp=GDMP&google_error=3

Request Chain 135

https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMzQ4ODM4MC90LzI/dpuid/db365f4f7e0c376f4a28bfd61acb09ac/url/https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=$!%7BTURN_UUID%7D HTTP 302
https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=3416221891491644935

Request Chain 136

https://secure.adnxs.com/getuid?https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc=281%2Frand=134778033%2Ftpid%3D%24UID%2Ftp%3DANXS HTTP 307
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.crwdcntrl.net%252Fmap%252Fc%3D281%252Frand%3D134778033%252Ftpid%253D%2524UID%252Ftp%253DANXS HTTP 302
https://sync.crwdcntrl.net/map/c=281/rand=134778033/tpid=5550714460590070112/tp=ANXS

138 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
v.elmstba.com/
Redirect Chain

https://www.almstba.tv/
https://v.elmstba.com/

158 KB
15 KB

1137ms
1084ms

Document
text/html

172.67.143.148
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://v.elmstba.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

172.67.143.148 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3a78e1e5560d9d27f89fa48ccc73d66114d377babb58f0781d6fdcbd1adaae50

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: v.elmstba.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Date: Tue, 14 Sep 2021 01:50:57 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
vary: Accept-Encoding
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
set-cookie: PHPSESSID=c313ade5f35d404648cbcf58a94f6bab; path=/
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: MISS
x-server-powered-by: Engintron
CF-Cache-Status: DYNAMIC
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TEIsLfZPRYagjHpZyLUVpqz%2F86ODuMF8s3U4cbUH75IHVuF09QX0z5AJ4sIY%2BZQxKgQfp12mZ5eybHBuZphpuFOo6KTDZe1Reln4blSy5vwFAO8UZy3GqHgPbCK9yLhf"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Strict-Transport-Security: max-age=15552000; includeSubDomains; preload
Server: cloudflare
CF-RAY: 68e5f7a44a9b2c7e-LHR
Content-Encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

date: Tue, 14 Sep 2021 01:50:56 GMT
content-type: text/html; charset=iso-8859-1
location: https://v.elmstba.com/
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: MISS
x-server-powered-by: Engintron
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bhlOwfr%2BqHLjWCgveXaLJnOrVxT5aB29kzr931w62dP94NJn270JD3VWVMYCoA%2BhLGXQHbnMk9HCl3SZnKn5S9s1UJ0ce%2FVa3c%2BjqTN6rADWVSClzDdMOIrgmY%2FMz3EV6w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15552000; includeSubDomains; preload
server: cloudflare
cf-ray: 68e5f7a37de02c92-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H/1.1 200
OK 19016 Show response
spuezain.com/1clkn/ 6 B
1 KB 217ms
21ms Script
application/javascript 23.109.82.239
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL

https://spuezain.com/1clkn/19016

Requested by

Host: v.elmstba.com
URL: https://v.elmstba.com/

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

23.109.82.239 , Netherlands, ASN7979 (SERVERS-COM, US),

Reverse DNS

Software

nginx /

Resource Hash

b7848d86edc8dc3b5bc6a5c666069f9a31e000cee51575d3b6083951607e1550

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://v.elmstba.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Tue, 14 Sep 2021 01:50:57 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: nginx
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Connection: keep-alive
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=1
Keep-Alive: timeout=20

GET
H2 200 addthis_widget.js Show response
s7.addthis.com/js/300/ 353 KB
114 KB 193ms
8ms Script
application/javascript 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/js/300/addthis_widget.js

Requested by

Host: v.elmstba.com
URL: https://v.elmstba.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-126.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://v.elmstba.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: "5f971164-5834c"
vary: Accept-Encoding
x-distribution: 99
content-type: application/javascript
cache-control: public, max-age=600
date: Tue, 14 Sep 2021 01:50:57 GMT
x-host: s7.addthis.com
content-length: 116325

GET
H2 200 bootstrap.min.css
netdna.bootstrapcdn.com/bootstrap/3.3.6/css/ 118 KB
21 KB 49ms
17ms Stylesheet
text/css 104.18.10.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://netdna.bootstrapcdn.com/bootstrap/3.3.6/css/bootstrap.min.css

Requested by

Host: v.elmstba.com
URL: https://v.elmstba.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.10.207 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eece6e0c65b7007ab0eb1b4998d36dafe381449525824349128efc3f86f4c91c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://v.elmstba.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 01:50:57 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 722, 617
age: 12456423
cdn-cachedat: 2021-03-10 20:26:23
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:03:59 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 471ff136810eec0a3cb984f6690a7558
cf-ray: 68e5f7ab6f272151-DUS
cdn-requestcountrycode: DE
cdn-requestpullsuccess: True

GET
H/1.1 200
OK jasny-bootstrap.min.css
v.elmstba.com/templates/almstba/css/ 14 KB
4 KB 28ms
26ms Stylesheet
text/css 172.67.143.148
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://v.elmstba.com/templates/almstba/css/jasny-bootstrap.min.css

Requested by

Host: v.elmstba.com
URL: https://v.elmstba.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

172.67.143.148 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fe508673736191cbc01662c1392d0ee591106b93577f43f4cea0ca1731b06cb1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: v.elmstba.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://v.elmstba.com/
Cookie: PHPSESSID=c313ade5f35d404648cbcf58a94f6bab
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://v.elmstba.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Tue, 14 Sep 2021 01:50:57 GMT
Content-Encoding: br
X-Content-Type-Options: nosniff
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 721911
Transfer-Encoding: chunked
X-Server-Powered-By: Engintron
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
X-XSS-Protection: 1; mode=block
X-Nginx-Upstream-Cache-Status: HIT
Last-Modified: Thu, 21 Dec 2017 07:24:34 GMT
Server: cloudflare
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Strict-Transport-Security: max-age=15552000; includeSubDomains; preload
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YXGCZrx0NySElkPhDr0B0lVN%2BScGosJLJwXJ3Uv0U2erfuOsNqsUAwi37A2Q5%2FiUz0xImBlOIrwtpAWYM5uIw6nonUQHbu7jz8retPnU55AZl6hmZUGIhZHqa%2FJYT9rZ"}],"group":"cf-nel","max_age":604800}
Content-Type: text/css
Vary: Accept-Encoding
Cache-Control: max-age=2592000
CF-RAY: 68e5f7ab3cf52c7e-LHR
Expires: Tue, 05 Oct 2021 17:19:06 GMT

GET
H3 200 echo.css
v.elmstba.com/templates/almstba/css/ 220 KB
38 KB 73ms
46ms Stylesheet
text/css 172.67.143.148
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://v.elmstba.com/templates/almstba/css/echo.css

Requested by

Host: v.elmstba.com
URL: https://v.elmstba.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.143.148 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

196841ded1f7e5c075aa0ec59b230f258a94ee1f7e71f7c4d87a0a043fdb53db

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /templates/almstba/css/echo.css
pragma: no-cache
cookie: PHPSESSID=c313ade5f35d404648cbcf58a94f6bab
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: v.elmstba.com
referer: https://v.elmstba.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://v.elmstba.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 01:50:57 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 721911
x-server-powered-by: Engintron
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: HIT
last-modified: Thu, 04 Jul 2019 19:34:25 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zk3VpErB%2FtkdxHKt6DyKNKGIFGoD9%2FxuxTKXJ8EyPZsWvpUB8A0LVruEJYl45Y0YhhIuMVNcdksUtuVTHACYcSlxPJIj4bL91FZwWGU1DapSsCh2x9ETNWrQhivMrqEt"}],"group":"cf-nel","max_age":604800}
content-type: text/css
vary: Accept-Encoding
cache-control: max-age=2592000
cf-ray: 68e5f7ab698cce43-LHR
expires: Tue, 05 Oct 2021 17:19:06 GMT

GET
H3 200 animate.min.css
v.elmstba.com/templates/almstba/css/ 56 KB
5 KB 58ms
31ms Stylesheet
text/css 172.67.143.148
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://v.elmstba.com/templates/almstba/css/animate.min.css

Requested by

Host: v.elmstba.com
URL: https://v.elmstba.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.143.148 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7d30926aabfb178597a84b624fdf7802ad3e2599f3501ae4c383d9a0d143494e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /templates/almstba/css/animate.min.css
pragma: no-cache
cookie: PHPSESSID=c313ade5f35d404648cbcf58a94f6bab
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: v.elmstba.com
referer: https://v.elmstba.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://v.elmstba.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 01:50:57 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 910594
x-server-powered-by: Engintron
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: STALE
last-modified: Thu, 21 Dec 2017 07:22:38 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kMVnoAIYnW30dBOpKRYBsuRcY7I7fVNYGn3mld1tLFiZ9uCJF%2FfJc%2BZiLHI6tnhRcu%2FdzFqxD3Tx4MiM3f0mQTh1di1Qmx%2F2ImRYmtEpKIVpCSh5td6UWs810SMbXaim"}],"group":"cf-nel","max_age":604800}
content-type: text/css
vary: Accept-Encoding
cache-control: max-age=2592000
cf-ray: 68e5f7ab698bce43-LHR
expires: Sun, 03 Oct 2021 12:54:23 GMT

GET
H3 200 bootstrap.min.rtl.css
v.elmstba.com/templates/almstba/css/ 32 KB
5 KB 58ms
31ms Stylesheet
text/css 172.67.143.148
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://v.elmstba.com/templates/almstba/css/bootstrap.min.rtl.css

Requested by

Host: v.elmstba.com
URL: https://v.elmstba.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.143.148 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eba8cca00213435730446c35d7bc56c3e31d6c08e364947a36c1f40336c01e12

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /templates/almstba/css/bootstrap.min.rtl.css
pragma: no-cache
cookie: PHPSESSID=c313ade5f35d404648cbcf58a94f6bab
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: v.elmstba.com
referer: https://v.elmstba.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://v.elmstba.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 01:50:57 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 909140
x-server-powered-by: Engintron
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: STALE
last-modified: Sun, 31 Mar 2019 09:16:34 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lg8ESj0KTmjzOIPCYkT4slzvf7bfj%2F2508ZuJjaoykAOj9zj13X4dEVLHeTCXp4iEHvY26Clke8Lw2iZGfojWwoAyueCvcO7RYkJbRPT%2F3A1w5tvGYbVhV7LFYle5q6U"}],"group":"cf-nel","max_age":604800}
content-type: text/css
vary: Accept-Encoding
cache-control: max-age=2592000
cf-ray: 68e5f7ab698dce43-LHR
expires: Sun, 03 Oct 2021 13:18:37 GMT

GET
H3 200 echo.rtl.css
v.elmstba.com/templates/almstba/css/ 21 KB
5 KB 56ms
29ms Stylesheet
text/css 172.67.143.148
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://v.elmstba.com/templates/almstba/css/echo.rtl.css

Requested by

Host: v.elmstba.com
URL: https://v.elmstba.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.143.148 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aa9541c7bb80859593a44e5172c01e6c57066764ec2cb7da455452ef56e6f8e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /templates/almstba/css/echo.rtl.css
pragma: no-cache
cookie: PHPSESSID=c313ade5f35d404648cbcf58a94f6bab
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: v.elmstba.com
referer: https://v.elmstba.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://v.elmstba.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 01:50:57 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 721911
x-server-powered-by: Engintron
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: HIT
last-modified: Thu, 21 Dec 2017 07:25:08 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rQTU7CragaALsdtaI8SY0U0LMQY%2BAfL%2BNnRmnLq9qNSIaVEPvc6SXAOSFPXCzk5yWsDQl94Dd3zJ%2BafXKBmpR64K0MjFVyz7SyLu4TQ3VTk590U2BIRBM0ekBu1I4ygM"}],"group":"cf-nel","max_age":604800}
content-type: text/css
vary: Accept-Encoding
cache-control: max-age=2592000
cf-ray: 68e5f7ab698ece43-LHR
expires: Tue, 05 Oct 2021 17:19:06 GMT

GET
H2 200 css
fonts.googleapis.com/ 11 KB
1 KB 75ms
27ms Stylesheet
text/css 142.250.102.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,300,500,700|Noticia+Text:400,400italic,700

Requested by

Host: v.elmstba.com
URL: https://v.elmstba.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.102.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

rb-in-f95.1e100.net

Software

ESF /

Resource Hash

8cfe97d050a5a3393e194f8c43a48a42c9575253f694bff742b975d6c59c4f74

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://v.elmstba.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 14 Sep 2021 01:23:28 GMT
server: ESF
date: Tue, 14 Sep 2021 01:50:57 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 14 Sep 2021 01:50:57 GMT

GET
H2 200 font-awesome.min.css
netdna.bootstrapcdn.com/font-awesome/4.4.0/css/ 26 KB
6 KB 49ms
19ms Stylesheet
text/css 104.18.10.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://netdna.bootstrapcdn.com/font-awesome/4.4.0/css/font-awesome.min.css

Requested by

Host: v.elmstba.com
URL: https://v.elmstba.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.10.207 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

936ffccdc35bc55221e669d0e76034af76ba8c080c1b1149144dbbd3b5311829

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://v.elmstba.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 01:50:57 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 632, 617
age: 12456808
cdn-cachedat: 2021-03-10 20:26:28
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:54 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 2c7afea9a19cf68e47c40b307b15a7a9
cf-ray: 68e5f7ab6f2a2151-DUS
cdn-requestcountrycode: DE
cdn-requestpullsuccess: True

GET
H3 200 custom.css
v.elmstba.com/templates/almstba/css/ 10 KB
4 KB 90ms
64ms Stylesheet
text/css 172.67.143.148
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://v.elmstba.com/templates/almstba/css/custom.css

Requested by

Host: v.elmstba.com
URL: https://v.elmstba.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.143.148 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

de2a646adcfb6655902d3a341842a4a70901e557539b7a2b50f9b3f7df63e2ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /templates/almstba/css/custom.css
pragma: no-cache
cookie: PHPSESSID=c313ade5f35d404648cbcf58a94f6bab
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: v.elmstba.com
referer: https://v.elmstba.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://v.elmstba.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 01:50:57 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 721911
x-server-powered-by: Engintron
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: HIT
last-modified: Sun, 09 Jun 2019 15:47:25 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4DKbEk3g9uNlTmUlBBWOY5NVu0A4vYJZ49j028AmaxnnrA%2FZRGJDlxnlEcOinPHSeW%2FGYE8IA9Mjr%2BPhlpYQ7iKo8MDbn4MUDaoBEmej9QrtqV2X%2FqqvW7lgbd5X02iq"}],"group":"cf-nel","max_age":604800}
content-type: text/css
vary: Accept-Encoding
cache-control: max-age=2592000
cf-ray: 68e5f7ab698fce43-LHR
expires: Tue, 05 Oct 2021 17:19:06 GMT

GET
H3 200 invisible.js Show response
v.elmstba.com/cdn-cgi/challenge-platform/h/g/scripts/ 47 KB
17 KB 78ms
74ms Script
text/javascript 172.67.143.148
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://v.elmstba.com/cdn-cgi/challenge-platform/h/g/scripts/invisible.js

Requested by

Host: v.elmstba.com
URL: https://v.elmstba.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.143.148 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b605e4d915da457fef1eae8365166bdf4a096e8b0153308633e1d0d3394aa915

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

:path: /cdn-cgi/challenge-platform/h/g/scripts/invisible.js
pragma: no-cache
cookie: PHPSESSID=c313ade5f35d404648cbcf58a94f6bab
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: v.elmstba.com
referer: https://v.elmstba.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://v.elmstba.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 01:50:58 GMT
content-encoding: br
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5T2NkiSVcdPCorNAcVDhjrp%2Fl5N5vdiI%2BN8ANDIDDzExNF6Gq3fUOI9kBg1CB5Yi5xSdtNDq4qfDqY5GJGk9IEJCMlQfcwNt7cVR1XfPmnK0ygMAv6fLgTHRoEONeLBW"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cache-control: max-age=604800, public
x-control-type-options: nosniff
cf-ray: 68e5f7acda2ace43-LHR
vary: Accept-Encoding

GET
H3 200 echo-lzld.png
v.elmstba.com/templates/almstba/img/ 95 B
775 B 33ms
29ms Image
image/png 172.67.143.148
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://v.elmstba.com/templates/almstba/img/echo-lzld.png

Requested by

Host: v.elmstba.com
URL: https://v.elmstba.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.143.148 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2c015a5d2a81139b7fe47b294882c03d3fd072c90d3d78127250d93e65c1de54

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /templates/almstba/img/echo-lzld.png
pragma: no-cache
cookie: PHPSESSID=c313ade5f35d404648cbcf58a94f6bab
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: v.elmstba.com
referer: https://v.elmstba.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://v.elmstba.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 01:50:58 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 913122
x-server-powered-by: Engintron
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 95
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: STALE
last-modified: Tue, 19 Apr 2016 21:56:34 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fWclUxZbmV44pEDh33zShUNLKsHqhWze2iW%2FyBCK%2F6eFG%2BnspNwYYwiRzOkjhTqdUSy62WjtUnUc7EikPMJfbPCKs4LjI5hOa%2Bp1NsPLFvgD5jqMOcpbZ%2BCRYODirXNn"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: max-age=5184000
accept-ranges: bytes
cf-ray: 68e5f7acda2bce43-LHR
expires: Tue, 02 Nov 2021 12:12:16 GMT

GET
H3 200 ajax.php
v.elmstba.com/ 42 B
690 B 199ms
195ms Image
image/gif 172.67.143.148
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://v.elmstba.com/ajax.php?p=stats&do=show&aid=2&at=1

Requested by

Host: v.elmstba.com
URL: https://v.elmstba.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.143.148 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b2c78c910f5ea29e3a9d223dabc203c055c8708b1fe7d83788b490638126db4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /ajax.php?p=stats&do=show&aid=2&at=1
pragma: no-cache
cookie: PHPSESSID=c313ade5f35d404648cbcf58a94f6bab
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: v.elmstba.com
referer: https://v.elmstba.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://v.elmstba.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 01:50:58 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-server-powered-by: Engintron
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: BYPASS
pragma: no-cache
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TkeDpzm%2BQoMVzE%2FcexwLwMq%2FSCel3hZOiGOmalj24t%2BZd4V4Fa%2FjRqEPwOoVcUhypImeUxIdB4jGMq3AMgub6jIF%2F0B3pNu%2BhqaU9rE7fArGmofuWW0PZpfoZQBlJF3i"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: must-revalidate
cf-ray: 68e5f7acda2cce43-LHR
expires: Wed, 5 Feb 1986 06:06:06 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.11.3/ 94 KB
33 KB 27ms
20ms Script
text/javascript 142.250.102.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.11.3/jquery.min.js

Requested by

Host: v.elmstba.com
URL: https://v.elmstba.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.102.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

rb-in-f95.1e100.net

Software

sffe /

Resource Hash

aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://v.elmstba.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 12 Sep 2021 03:15:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 167732
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33507
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 12 Sep 2022 03:15:26 GMT

GET
H2 200 jquery-migrate-1.2.1.min.js Show response
code.jquery.com/ 7 KB
3 KB 72ms
16ms Script
application/javascript 69.16.175.42
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-migrate-1.2.1.min.js
Requested by: Host: v.elmstba.com
URL: https://v.elmstba.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.16.175.42 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS: tlb.hwcdn.net
Software: nginx /
Resource Hash: 1e67d8dbcca1f6fd94e077c85c2fb40fa1c2756c99238daa8da882144260a68d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://v.elmstba.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 01:50:58 GMT
content-encoding: gzip
last-modified: Fri, 24 Oct 2014 00:16:08 GMT
server: nginx
etag: W/"54499a48-1c1f"
vary: Accept-Encoding
x-hw: 1631584258.dop002.am5.t,1631584258.cds281.am5.hn,1631584258.cds029.am5.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 3063

GET
H3 200 swfobject.js Show response
v.elmstba.com/js/ 9 KB
4 KB 27ms
24ms Script
application/javascript 172.67.143.148
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://v.elmstba.com/js/swfobject.js

Requested by

Host: v.elmstba.com
URL: https://v.elmstba.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.143.148 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6d2c4d8caceea906d5563d6baab3d75734accec0b2b3d2847d5ecb2741f84d11

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /js/swfobject.js
pragma: no-cache
cookie: PHPSESSID=c313ade5f35d404648cbcf58a94f6bab
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: v.elmstba.com
referer: https://v.elmstba.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://v.elmstba.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 01:50:58 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 721911
x-server-powered-by: Engintron
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: HIT
last-modified: Sat, 09 Sep 2017 03:12:31 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SGY08nEQp1oKMAXop5snEVPwWstWcPB1TlD%2FSSqcHWO8jXcUjM%2FJ2RzENqcwtgqmxlwGSCKeT%2FCqAbhjX%2FtiNE%2FZlcI2Mprbu9ayHND4VtZu%2FVLl6BD7a%2BetHBoXC%2F%2BL"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
vary: Accept-Encoding
cache-control: max-age=2592000
cf-ray: 68e5f7acda1ace43-LHR
expires: Tue, 05 Oct 2021 17:19:07 GMT

GET
H3 200 slick.min.js Show response
v.elmstba.com/templates/almstba/js/ 39 KB
10 KB 50ms
46ms Script
application/javascript 172.67.143.148
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://v.elmstba.com/templates/almstba/js/slick.min.js

Requested by

Host: v.elmstba.com
URL: https://v.elmstba.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.143.148 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8782b1edaaf45aab75b26cdebd9e0bc56dfdcc15390b9ac0de35df7ed13647de

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /templates/almstba/js/slick.min.js
pragma: no-cache
cookie: PHPSESSID=c313ade5f35d404648cbcf58a94f6bab
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: v.elmstba.com
referer: https://v.elmstba.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://v.elmstba.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 01:50:58 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 704922
x-server-powered-by: Engintron
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: STALE
last-modified: Fri, 08 Sep 2017 08:01:04 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DYV%2BRlviKHqwHeIlaAJbCvzJaFVLK%2BKpcAvnJchotwKq0UlYwLZt8k1hyyNDvc%2FGqFjHUE7yfdM1m5wLTY7SuZ0%2FZ%2FpWRl2jr33JNiYWbajO8SXheBJ9xBbitiZfW%2BAn"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
vary: Accept-Encoding
cache-control: max-age=2592000
cf-ray: 68e5f7acda1bce43-LHR
expires: Tue, 05 Oct 2021 22:02:16 GMT

GET
H3 200 bootstrap.min.js Show response
netdna.bootstrapcdn.com/bootstrap/3.2.0/js/ 31 KB
9 KB 30ms
15ms Script
application/javascript 104.18.10.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://netdna.bootstrapcdn.com/bootstrap/3.2.0/js/bootstrap.min.js

Requested by

Host: v.elmstba.com
URL: https://v.elmstba.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.10.207 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

24cc29533598f962823c4229bc280487646a27a42a95257c31de1b9b18f3710f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://v.elmstba.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 01:50:58 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 722, 718
age: 12456790
cdn-cachedat: 2021-03-10 20:26:20
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:03:57 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 2912f485fe097e5af511a23d74cd6c9d
cf-ray: 68e5f7acedfb2181-DUS
cdn-requestcountrycode: DE
cdn-requestpullsuccess: True

GET
H3 200 theme.js Show response
v.elmstba.com/templates/almstba/js/ 36 KB
12 KB 36ms
33ms Script
application/javascript 172.67.143.148
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://v.elmstba.com/templates/almstba/js/theme.js

Requested by

Host: v.elmstba.com
URL: https://v.elmstba.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.143.148 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d3882508ed01b78352e92819d863937b0375ff0d2cd031355829b892ef71fa7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /templates/almstba/js/theme.js
pragma: no-cache
cookie: PHPSESSID=c313ade5f35d404648cbcf58a94f6bab
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: v.elmstba.com
referer: https://v.elmstba.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://v.elmstba.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 01:50:58 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 721911
x-server-powered-by: Engintron
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: HIT
last-modified: Wed, 22 May 2019 03:12:43 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l542x7iHUlsLIXnE6VqUmrOBn9HZB7jqsrUJFreMrusViTlRdtGGT%2BdDMzkEdNYzsXKvYVE9TcgkL27NAx1FUt9JEUl%2B1oLB9zgCmAaXJC3%2BI%2BPJ2opPS8S0wIcK43mj"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
vary: Accept-Encoding
cache-control: max-age=2592000
cf-ray: 68e5f7acda1cce43-LHR
expires: Tue, 05 Oct 2021 17:19:07 GMT

GET
H3 200 jquery.maskedinput-1.3.min.js Show response
v.elmstba.com/templates/almstba/js/ 3 KB
2 KB 33ms
29ms Script
application/javascript 172.67.143.148
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://v.elmstba.com/templates/almstba/js/jquery.maskedinput-1.3.min.js

Requested by

Host: v.elmstba.com
URL: https://v.elmstba.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.143.148 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

357908b7c4580a4e3ebff3df0baf75bb86be30d2026db97011891e42aac3af46

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /templates/almstba/js/jquery.maskedinput-1.3.min.js
pragma: no-cache
cookie: PHPSESSID=c313ade5f35d404648cbcf58a94f6bab
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: v.elmstba.com
referer: https://v.elmstba.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://v.elmstba.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 01:50:58 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 913122
x-server-powered-by: Engintron
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: STALE
last-modified: Fri, 08 Sep 2017 07:58:00 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6ikUEIuVy07dkDKVx5qfcecW1eEE%2BDmH11T5mOjdxN5dhZI1jO4I%2BJZuhaC7qGqmHrHK%2Fh%2BPHmNI9D%2B%2F5hufXsIo02PHam%2FZo1SXUDszbf%2FKoOSAZvBz8%2FU4C5zGNrfx"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
vary: Accept-Encoding
cache-control: max-age=2592000
cf-ray: 68e5f7acda1ece43-LHR
expires: Sun, 03 Oct 2021 12:12:16 GMT

GET
H3 200 jquery-scrolltofixed-min.js Show response
v.elmstba.com/templates/almstba/js/ 4 KB
2 KB 33ms
29ms Script
application/javascript 172.67.143.148
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://v.elmstba.com/templates/almstba/js/jquery-scrolltofixed-min.js

Requested by

Host: v.elmstba.com
URL: https://v.elmstba.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.143.148 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b9a3803b3ab5c5ec4663ab061c7f5e2fce7158a0002ab68354d6ffd2677ff727

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /templates/almstba/js/jquery-scrolltofixed-min.js
pragma: no-cache
cookie: PHPSESSID=c313ade5f35d404648cbcf58a94f6bab
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: v.elmstba.com
referer: https://v.elmstba.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://v.elmstba.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 01:50:58 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 721911
x-server-powered-by: Engintron
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: HIT
last-modified: Fri, 08 Sep 2017 07:56:28 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=onspNLbymB7nR73Kp0cYDpEwppkpHJxOYfF2U4qqX7sqmnUakpUwcwuQS1BBBxQXlIv3A4GdWcX%2B1yCTFra%2F5lIotwZDo%2FwqYvMa6TzWPsq6L5rHSryqQEGe13aPeqWJ"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
vary: Accept-Encoding
cache-control: max-age=2592000
cf-ray: 68e5f7acda1fce43-LHR
expires: Tue, 05 Oct 2021 17:19:07 GMT

GET
H3 200 jquery.ba-dotimeout.min.js Show response
v.elmstba.com/templates/almstba/js/ 801 B
1 KB 31ms
27ms Script
application/javascript 172.67.143.148
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://v.elmstba.com/templates/almstba/js/jquery.ba-dotimeout.min.js

Requested by

Host: v.elmstba.com
URL: https://v.elmstba.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.143.148 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e383064a90ede5941f313745e99b6f5d5ae9c6a6007959e6a2d2b97b513bf6e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /templates/almstba/js/jquery.ba-dotimeout.min.js
pragma: no-cache
cookie: PHPSESSID=c313ade5f35d404648cbcf58a94f6bab
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: v.elmstba.com
referer: https://v.elmstba.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://v.elmstba.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 01:50:58 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 909172
x-server-powered-by: Engintron
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: STALE
last-modified: Wed, 20 Apr 2016 13:27:02 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xipr%2FpdK9dTb%2BzlNqcSeMBwUC1cZeSolucjizykNSGQ7pMqXkJUgf%2B5yhgTQVLDqv2q%2FcBl6BFqX4HE3PAw6Cy4chdETajJEPVvlWLKg57uYdoNOdI6hujLanF6%2FnR2f"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
vary: Accept-Encoding
cache-control: max-age=2592000
cf-ray: 68e5f7acda20ce43-LHR
expires: Sun, 03 Oct 2021 13:18:06 GMT

GET
H3 200 bootstrap-notify.min.js Show response
v.elmstba.com/js/ 8 KB
3 KB 34ms
30ms Script
application/javascript 172.67.143.148
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://v.elmstba.com/js/bootstrap-notify.min.js

Requested by

Host: v.elmstba.com
URL: https://v.elmstba.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.143.148 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

406a926f73fd89000f83a0ad598ef4894f11115b2961c0f5445263dd34d24995

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /js/bootstrap-notify.min.js
pragma: no-cache
cookie: PHPSESSID=c313ade5f35d404648cbcf58a94f6bab
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: v.elmstba.com
referer: https://v.elmstba.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://v.elmstba.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 01:50:58 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 721911
x-server-powered-by: Engintron
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: HIT
last-modified: Tue, 10 Nov 2015 15:32:50 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ru53U4ZRdI2v%2FzHwynsud%2B6fQ2mzn98UPYZLmAkNrTRGCgZIAB6e1%2BSAaKOBEhvqrUv0PPFioOovMiQMDUdQb1dAzuqYMt8zezJHD84vqHGtr0MY4sW8WWTjppqxN2jY"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
vary: Accept-Encoding
cache-control: max-age=2592000
cf-ray: 68e5f7acda21ce43-LHR
expires: Tue, 05 Oct 2021 17:19:07 GMT

GET
H3 200 melody.dev.js Show response
v.elmstba.com/js/ 15 KB
4 KB 30ms
26ms Script
application/javascript 172.67.143.148
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://v.elmstba.com/js/melody.dev.js

Requested by

Host: v.elmstba.com
URL: https://v.elmstba.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.143.148 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

de974341474a156d1e0491baa6170a45494120859687b908b9c9258211d77674

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /js/melody.dev.js
pragma: no-cache
cookie: PHPSESSID=c313ade5f35d404648cbcf58a94f6bab
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: v.elmstba.com
referer: https://v.elmstba.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://v.elmstba.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 01:50:58 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 913122
x-server-powered-by: Engintron
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: STALE
last-modified: Sat, 09 Sep 2017 03:15:07 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pC6wzC3hKbbTh9V%2FGsMHW6s5wUu85iz74JzMla83n6u0DaEGuSl1KExwZNJRGDmO3nDUCmALTWEmbGShGNFnJm1rsgFf3WSr3tyHof5xuO2wwQHiDnVjvbK3OXY1gOT%2F"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
vary: Accept-Encoding
cache-control: max-age=2592000
cf-ray: 68e5f7acda22ce43-LHR
expires: Sun, 03 Oct 2021 12:12:16 GMT

GET
H3 200 melody.dev.js Show response
v.elmstba.com/templates/almstba/js/ 5 KB
2 KB 47ms
43ms Script
application/javascript 172.67.143.148
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://v.elmstba.com/templates/almstba/js/melody.dev.js

Requested by

Host: v.elmstba.com
URL: https://v.elmstba.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.143.148 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cdc9db6ce570f85a5d5abd484096fc89ce68904326b8c5fbad05a430dd4ca065

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /templates/almstba/js/melody.dev.js
pragma: no-cache
cookie: PHPSESSID=c313ade5f35d404648cbcf58a94f6bab
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: v.elmstba.com
referer: https://v.elmstba.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://v.elmstba.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 01:50:58 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 909846
x-server-powered-by: Engintron
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: STALE
last-modified: Fri, 08 Sep 2017 07:59:22 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nT6nOx%2F9XWpiw2aeBr%2B%2B2LC0hIpGsLGm0WWFlkKHSw7b9kxPr0ROmCKB4UHiBtW6UEqI1UuTC%2BbuQ2OZ48oQtLgeQhvyS8bCb9SzolltW3FGpAvRJ9c4aCAboVaOnpIs"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
vary: Accept-Encoding
cache-control: max-age=2592000
cf-ray: 68e5f7acda23ce43-LHR
expires: Sun, 03 Oct 2021 13:06:52 GMT

GET
H3 200 jquery.dotdotdot.min.js Show response
v.elmstba.com/templates/almstba/js/ 6 KB
3 KB 49ms
46ms Script
application/javascript 172.67.143.148
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://v.elmstba.com/templates/almstba/js/jquery.dotdotdot.min.js

Requested by

Host: v.elmstba.com
URL: https://v.elmstba.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.143.148 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

75de6a6578de6abcdacd01d4285bf60be047e1b68c692ed33542b2bcfc43df0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /templates/almstba/js/jquery.dotdotdot.min.js
pragma: no-cache
cookie: PHPSESSID=c313ade5f35d404648cbcf58a94f6bab
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: v.elmstba.com
referer: https://v.elmstba.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://v.elmstba.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 01:50:58 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1708313
x-server-powered-by: Engintron
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: HIT
last-modified: Fri, 08 Sep 2017 07:57:48 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Bct1rqMXZyjEH6a5RW1gKKNrr7ERL6QxOcUrjT0cY%2F6aKomQncVJryWOwt8FOxMKNeyyRTD2zpKjfDGdidtWjYsgDrNPvDPWQfw3TpbyJwgFppg46DcmyiGX3dURYbq7"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
vary: Accept-Encoding
cache-control: max-age=2592000
cf-ray: 68e5f7acda24ce43-LHR
expires: Fri, 24 Sep 2021 07:19:05 GMT

GET
H3 200 jasny-bootstrap.min.js Show response
v.elmstba.com/templates/almstba/js/ 17 KB
5 KB 35ms
31ms Script
application/javascript 172.67.143.148
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://v.elmstba.com/templates/almstba/js/jasny-bootstrap.min.js

Requested by

Host: v.elmstba.com
URL: https://v.elmstba.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.143.148 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6a17a706471ef8da971ee73f07292a272050412aee51457dbce295a9c9f068dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /templates/almstba/js/jasny-bootstrap.min.js
pragma: no-cache
cookie: PHPSESSID=c313ade5f35d404648cbcf58a94f6bab
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: v.elmstba.com
referer: https://v.elmstba.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://v.elmstba.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 01:50:58 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 721911
x-server-powered-by: Engintron
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: HIT
last-modified: Fri, 08 Sep 2017 07:56:14 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OjUK4%2Fr5ib1NG8b4Qk8bMKmZLfkxhgp5eCzLBY4EuY0obv73fcGVrOcZlQnFy3%2BuYuagsQDhcH3DQV6jkpOx20Qcbkp9Y%2B1Gxpr2vypGQ2OgJGafZyYapuG5bymvqNeo"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
vary: Accept-Encoding
cache-control: max-age=2592000
cf-ray: 68e5f7acda25ce43-LHR
expires: Tue, 05 Oct 2021 17:19:07 GMT

GET
H3 200 jquery.autosize.min.js Show response
v.elmstba.com/templates/almstba/js/ 3 KB
2 KB 31ms
27ms Script
application/javascript 172.67.143.148
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://v.elmstba.com/templates/almstba/js/jquery.autosize.min.js

Requested by

Host: v.elmstba.com
URL: https://v.elmstba.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.143.148 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

33cbd0ac4ef431f0bbeb28bf0c0354d18b545180b1d7fd7c31d5dd248d22999a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /templates/almstba/js/jquery.autosize.min.js
pragma: no-cache
cookie: PHPSESSID=c313ade5f35d404648cbcf58a94f6bab
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: v.elmstba.com
referer: https://v.elmstba.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://v.elmstba.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 01:50:58 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 721911
x-server-powered-by: Engintron
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: HIT
last-modified: Fri, 08 Sep 2017 07:56:44 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qCn%2Bu8G8iSu3eVh4aFoDEYfr%2BKj0j42EAYXRSA0K%2B8KXxsH30aEanEsrWcLOhYZnUASSZdeJaskuK0fJ4jZ1iFglf6dsO2wlldVXA9t4Uan4St2edSSiz8w1OHGvdSQn"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
vary: Accept-Encoding
cache-control: max-age=2592000
cf-ray: 68e5f7acda26ce43-LHR
expires: Tue, 05 Oct 2021 17:19:07 GMT

GET
H3 200 waypoints.min.js Show response
v.elmstba.com/templates/almstba/js/ 4 KB
2 KB 49ms
46ms Script
application/javascript 172.67.143.148
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://v.elmstba.com/templates/almstba/js/waypoints.min.js

Requested by

Host: v.elmstba.com
URL: https://v.elmstba.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.143.148 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f2b906846de25a18cf31e82e794b350ca1f372a527310408b471bd7f362a2589

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /templates/almstba/js/waypoints.min.js
pragma: no-cache
cookie: PHPSESSID=c313ade5f35d404648cbcf58a94f6bab
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: v.elmstba.com
referer: https://v.elmstba.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://v.elmstba.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 01:50:58 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 721911
x-server-powered-by: Engintron
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: HIT
last-modified: Mon, 28 May 2012 06:10:30 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1DOyMpD3Guug%2BzEcg2ZYnt6TBIhI8vYnnTTGP4z45GBSIz%2BiruIS80aYy7xzQq5b0sXCwbim0M8MKAkzJSoAWE2xm%2BEdgB1EjfiNwnt7TjrctHyrNyJGeR2UCIEknq4F"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
vary: Accept-Encoding
cache-control: max-age=2592000
cf-ray: 68e5f7acda27ce43-LHR
expires: Tue, 05 Oct 2021 17:19:07 GMT

GET
H3 200 melody.social.dev.js Show response
v.elmstba.com/templates/almstba/js/ 8 KB
2 KB 46ms
43ms Script
application/javascript 172.67.143.148
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://v.elmstba.com/templates/almstba/js/melody.social.dev.js

Requested by

Host: v.elmstba.com
URL: https://v.elmstba.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.143.148 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ea78c4e709891c57b8632eebb9fb84b6ab2ac6a7921449edbc79efe276db5044

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /templates/almstba/js/melody.social.dev.js
pragma: no-cache
cookie: PHPSESSID=c313ade5f35d404648cbcf58a94f6bab
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: v.elmstba.com
referer: https://v.elmstba.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://v.elmstba.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 01:50:58 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 721911
x-server-powered-by: Engintron
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: HIT
last-modified: Fri, 08 Sep 2017 08:00:30 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kTO%2BoP9HmUhlhPh9UG6UkHQEFQQts55TIhZJ07%2F496W00DejQSYTfjjuW5knttmZhuNca9hV6AWqG8exbFwGLAvXv9wRU90Sy2CE65VoEq86tuCOOJ8k805qSXwRMbkR"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
vary: Accept-Encoding
cache-control: max-age=2592000
cf-ray: 68e5f7acda28ce43-LHR
expires: Tue, 05 Oct 2021 17:19:07 GMT

GET
H3 200 jquery.cropit.js Show response
v.elmstba.com/templates/almstba/js/ 21 KB
7 KB 32ms
28ms Script
application/javascript 172.67.143.148
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://v.elmstba.com/templates/almstba/js/jquery.cropit.js

Requested by

Host: v.elmstba.com
URL: https://v.elmstba.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.143.148 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7a0aaa1f1229156242340aeab763e0dfb97f7e62a6594dc44c7f4df17d65b2d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /templates/almstba/js/jquery.cropit.js
pragma: no-cache
cookie: PHPSESSID=c313ade5f35d404648cbcf58a94f6bab
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: v.elmstba.com
referer: https://v.elmstba.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://v.elmstba.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 01:50:58 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 721911
x-server-powered-by: Engintron
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: HIT
last-modified: Fri, 08 Sep 2017 07:57:34 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5oFJ5xHeCS5x0xt8k4kHbxV9Ay02oynedJqSrAGRdCZNc2RL751wyTp1FmHeO9N92Vhyy9atRuOl%2BmQyguSIHb%2B6Pa1w7CO1fn6AGDD9unhUQCV1x1nQfEptOIXa7dt4"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
vary: Accept-Encoding
cache-control: max-age=2592000
cf-ray: 68e5f7acda29ce43-LHR
expires: Tue, 05 Oct 2021 17:19:07 GMT

GET
H2 200 moatframe.js Show response
z.moatads.com/addthismoatframe568911941483/ 2 KB
1 KB 174ms
6ms Script
application/x-javascript 104.79.89.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/addthismoatframe568911941483/moatframe.js
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.79.89.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-79-89-133.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://v.elmstba.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 01:50:58 GMT
content-encoding: gzip
last-modified: Fri, 08 Nov 2019 20:13:52 GMT
server: AmazonS3
x-amz-request-id: 3DA20F33DFB043F4
etag: "f14b4e1f799b14f798a195f43cf58376"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=27058
accept-ranges: bytes
content-length: 948
x-amz-id-2: g7+QTkfgFpKXdjIV1ns3PedgNVHG4mi9TLupYfjziOmGieTRD5DTu0V21U3C4oqBbTG5njMGxL0=

GET
H3 200 icon-play-32.png
v.elmstba.com/templates/almstba/img/ 1 KB
2 KB 27ms
26ms Image
image/png 172.67.143.148
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://v.elmstba.com/templates/almstba/img/icon-play-32.png

Requested by

Host: v.elmstba.com
URL: https://v.elmstba.com/templates/almstba/css/echo.css

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.143.148 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e72ac1a64a01bc5f1b45863b1318a4b3cec984e77510ea4ec5c95e11dd9964b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /templates/almstba/img/icon-play-32.png
pragma: no-cache
cookie: PHPSESSID=c313ade5f35d404648cbcf58a94f6bab
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: v.elmstba.com
referer: https://v.elmstba.com/templates/almstba/css/echo.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://v.elmstba.com/templates/almstba/css/echo.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 01:50:58 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 722200
x-server-powered-by: Engintron
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 1058
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: HIT
last-modified: Fri, 31 May 2019 09:11:50 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u%2B94IoL8vcDHKRVI17AfU%2BbVTbzB84mHPc4%2BYk0msSjHdqeSCRGwHYRvQnr6JQkv4dAWK6njLsFVgCuFtNUP7ZxVJ6VeA%2FP2Wu07olg%2FikMGXim1pdsW%2FZLAp5VAPOc8"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: max-age=5184000
accept-ranges: bytes
cf-ray: 68e5f7acda2dce43-LHR
expires: Thu, 04 Nov 2021 17:14:18 GMT

GET
H3 200 Droid.Arabic.Kufi.ttf
v.elmstba.com/templates/almstba/css/fonts/ 80 KB
40 KB 34ms
33ms Font
font/ttf 172.67.143.148
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://v.elmstba.com/templates/almstba/css/fonts/Droid.Arabic.Kufi.ttf

Requested by

Host: v.elmstba.com
URL: https://v.elmstba.com/templates/almstba/css/echo.css

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.143.148 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

31c6665135ae41b092153cd6480be82fad706ca9bd465784be70c00b8643308d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-fetch-mode: cors
origin: https://v.elmstba.com
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
sec-fetch-dest: font
cookie: PHPSESSID=c313ade5f35d404648cbcf58a94f6bab
:path: /templates/almstba/css/fonts/Droid.Arabic.Kufi.ttf
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: */*
cache-control: no-cache
:authority: v.elmstba.com
referer: https://v.elmstba.com/templates/almstba/css/echo.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://v.elmstba.com/templates/almstba/css/echo.css
Origin: https://v.elmstba.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 01:50:58 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 722083
x-server-powered-by: Engintron
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: HIT
last-modified: Wed, 27 Mar 2019 14:19:30 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RXzTAHwrj4h1ID3E%2BzA%2BdLMa3zW47mdqIJzI29od6Kc2cZ2nzSCdd9daEDcrx6wVHeFtn4rU2vuk4IdzJZ0h2gjCVIuDzyE%2BESivfxbckqhbiXT8X5BY%2Bv4tZzFwI%2Fbb"}],"group":"cf-nel","max_age":604800}
content-type: font/ttf
cache-control: max-age=5184000
cf-ray: 68e5f7acfa31ce43-LHR
expires: Thu, 04 Nov 2021 17:16:15 GMT

GET
H3 200 fontawesome-webfont.woff2
netdna.bootstrapcdn.com/font-awesome/4.4.0/fonts/ 63 KB
64 KB 28ms
17ms Font
font/woff2 104.18.10.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://netdna.bootstrapcdn.com/font-awesome/4.4.0/fonts/fontawesome-webfont.woff2?v=4.4.0

Requested by

Host: netdna.bootstrapcdn.com
URL: https://netdna.bootstrapcdn.com/font-awesome/4.4.0/css/font-awesome.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.10.207 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3c4a1bb7ce3234407184f0d80cc4dec075e4ad616b44dcc5778e1cfb1bc24019

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://netdna.bootstrapcdn.com/font-awesome/4.4.0/css/font-awesome.min.css
Origin: https://v.elmstba.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 01:50:58 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 632, 617, 617
age: 12366787
cdn-cachedat: 2021-04-23 21:42:48
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 64464
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:54 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: font/woff2
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: fea0dcc23de9631dfe587332e1cb25a3
accept-ranges: bytes
cf-ray: 68e5f7acfef5c4bd-DUS
cdn-requestcountrycode: DE
cdn-requestpullsuccess: True

GET
H2 200 js15_as.js Show response
s10.histats.com/ 11 KB
4 KB 88ms
12ms Script
text/javascript 46.105.201.240
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: v.elmstba.com
URL: https://v.elmstba.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.105.201.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://v.elmstba.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 01:50:26 GMT
content-encoding: br
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
x-cdn-pop-ip: 137.74.120.0/27
etag: "-375139978"
x-cacheable: Matched cache
content-type: text/javascript
x-cdn-pop: sbg
accept-ranges: bytes
content-length: 4364
x-request-id: 68157657

GET
H2 200 _ate.track.config_resp Show response
v1.addthisedge.com/live/boost/ra-5a9e38a83048dcb5/ 2 KB
873 B 32ms
13ms Script
application/javascript 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://v1.addthisedge.com/live/boost/ra-5a9e38a83048dcb5/_ate.track.config_resp
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-126.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 450214057066f508395e7cb6f15f810671f91027bedf9149f227bbfef1c205c3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://v.elmstba.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 01:50:58 GMT
content-encoding: gzip
etag: -531895906--gzip
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: public, max-age=4, s-maxage=86400
content-disposition: attachment; filename=1.txt
content-length: 697

GET
H2 200 300lo.json Show response
m.addthis.com/live/red_lojson/ 89 B
249 B 182ms
147ms Script
application/javascript 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://m.addthis.com/live/red_lojson/300lo.json?si=614000020fa463d8&bkl=0&bl=1&pdt=1298&sid=614000020fa463d8&pub=ra-5a9e38a83048dcb5&rev=v8.28.8-wp&ln=en&pc=men&cb=0&ab=-&dp=v.elmstba.com&fp=&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=1&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&mk=%D8%A3%D9%81%D9%84%D8%A7%D9%85%20%D8%A7%D9%88%D9%86%20%D9%84%D8%A7%D9%8A%D9%86%2C%D9%85%D8%B3%D9%84%D8%B3%D9%84%D8%A7%D8%AA%202021%2C%D8%A3%D9%81%D9%84%D8%A7%D9%85%202021%2C%D8%A3%D8%AC%D9%86%D8%A8%D9%8A%2C%D9%87%D9%86%D8%AF%D9%8A%2C%D8%AA%D8%B1%D9%83%D9%8A%2C%D8%A2%D8%B3%D9%8A%D9%88%D9%8A%2C%D8%B1%D9%8A%D8%A7%D8%B6%D8%A9%2C%D9%82%D9%86%D9%88%D8%A7%D8%AA%20%D9%85%D8%B4%D9%81%D8%B1%D8%A9%2C%D8%A8%D8%B1%D8%A7%D9%85%D8%AC%20%D8%AA%D9%84%D9%81%D8%B2%D9%8A%D9%88%D9%86%D9%8A%D8%A9&colc=1631584258161&jsl=1&uvs=6140000203426255000&skipb=1&callback=addthis.cbs.jsonp__71732546593438530
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-126.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: f83138d1d5ffa4f497e4263c2a385ebddc0fd05e5638bd8339cbc96226ed2911

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://v.elmstba.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Sep 2021 01:50:58 GMT
cache-control: max-age=0, no-cache, no-store, no-transform
content-disposition: attachment; filename=1.txt
content-length: 89
content-type: application/javascript;charset=utf-8

GET sh.f48a1a04fe8dbf021b4cda1d.html
s7.addthis.com/static/ Frame 9D12 0
0

GET
H2 200 sh.f48a1a04fe8dbf021b4cda1d.html Show response
s7.addthis.com/static/ Frame 8637 71 KB
26 KB 11ms
11ms Document
text/html 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-126.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

7b6bfa13f0778c40bb2a00af9819bea2f07afcb4d071e7e4f436196953a5db4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

:method: GET
:authority: s7.addthis.com
:scheme: https
:path: /static/sh.f48a1a04fe8dbf021b4cda1d.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://v.elmstba.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://v.elmstba.com/

Response headers

server: nginx/1.15.8
content-type: text/html
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
etag: W/"5f971164-11adc"
timing-allow-origin: *
cache-control: public, max-age=86313600
p3p: CP="NON ADM OUR DEV IND COM STA"
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 26421
date: Tue, 14 Sep 2021 01:50:58 GMT
vary: Accept-Encoding
x-host: s7.addthis.com

GET
H3

200

324df7b-1.jpg
v.elmstba.com/uploads/thumbs/
Redirect Chain

https://www.elmstba.video/uploads/thumbs/324df7b-1.jpg
https://v.elmstba.com/uploads/thumbs/324df7b-1.jpg

84 KB
84 KB

56ms
56ms

Image
image/jpeg

172.67.143.148
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://v.elmstba.com/uploads/thumbs/324df7b-1.jpg

Requested by

Host: v.elmstba.com
URL: https://v.elmstba.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.143.148 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3952bea4aeda0253841aa4b41daa4eeae87b7be441b8046bea19c0f61360373d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /uploads/thumbs/324df7b-1.jpg
pragma: no-cache
cookie: PHPSESSID=c313ade5f35d404648cbcf58a94f6bab; __atuvc=1%7C37; __atuvs=6140000203426255000; HstCfa3784471=1631584258504; HstCla3784471=1631584258504; HstCmu3784471=1631584258504; HstPn3784471=1; HstPt3784471=1; HstCnv3784471=1; HstCns3784471=1
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: v.elmstba.com
referer: https://v.elmstba.com/
:scheme: https
sec-fetch-site: cross-site
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://v.elmstba.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 01:50:58 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 713181
x-server-powered-by: Engintron
cf-bgj: h2pri
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 85533
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: STALE
last-modified: Mon, 12 Apr 2021 14:38:33 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n4NyitmnRUG8IjIEi1XagMOsN%2FvsX93f3W4rA3BaxFUq37n8YRV6amdMXaJjULXBWvP%2BoQ2BZmi0%2BSK0h7C0loNMwBOSLVLJDjvu8EGFn8dk0r3Blzz%2BZHx3l5tRrLgy"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: max-age=5184000
accept-ranges: bytes
cf-ray: 68e5f7afeb32ce43-LHR
expires: Thu, 04 Nov 2021 19:44:37 GMT

Redirect headers

date: Tue, 14 Sep 2021 01:50:58 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2076005
x-server-powered-by: Engintron
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: MISS
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IcllAyL8EhdEJqFc9WGr1LeE2RAbGUB5YA%2FLa3nmdznR9tsuJVEgS8ZFDUSW0IcMYn9pUNdz5EJwFLNj9Z%2FdyWhj07LSc04LmHb5xdYKn2ste%2FFIF%2Bjux8gxkK3vihh0CSHQWw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=iso-8859-1
location: https://v.elmstba.com/uploads/thumbs/324df7b-1.jpg
vary: Accept-Encoding
cache-control: max-age=5184000
cf-ray: 68e5f7af9d89657a-LHR
expires: Wed, 20 Oct 2021 01:10:53 GMT

GET
H3

200

126a908-1.jpg
v.elmstba.com/uploads/thumbs/
Redirect Chain

https://www.elmstba.video/uploads/thumbs/126a908-1.jpg
https://v.elmstba.com/uploads/thumbs/126a908-1.jpg

221 KB
222 KB

52ms
51ms

Image
image/jpeg

172.67.143.148
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://v.elmstba.com/uploads/thumbs/126a908-1.jpg

Requested by

Host: v.elmstba.com
URL: https://v.elmstba.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.143.148 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e628b797e09f587cb68f24a232af005d2e1fb63ecddc6133df16de7fef49d0eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /uploads/thumbs/126a908-1.jpg
pragma: no-cache
cookie: PHPSESSID=c313ade5f35d404648cbcf58a94f6bab; __atuvc=1%7C37; __atuvs=6140000203426255000; HstCfa3784471=1631584258504; HstCla3784471=1631584258504; HstCmu3784471=1631584258504; HstPn3784471=1; HstPt3784471=1; HstCnv3784471=1; HstCns3784471=1
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: v.elmstba.com
referer: https://v.elmstba.com/
:scheme: https
sec-fetch-site: cross-site
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://v.elmstba.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 01:50:58 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 907542
x-server-powered-by: Engintron
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 226140
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: STALE
last-modified: Mon, 12 Apr 2021 19:15:48 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gvyiuhuHr0SbsSoz1OhN%2Bg5LDYvqH6V5B%2BNqqme%2FDgaJi%2BitA9oY414fYjut7JOPY%2BzXj66JC%2BTz8N9xINurLmD2UoI0kQajh56XhU6GqlXDAfICLFTcWBmqEtPY25G8"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: max-age=5184000
accept-ranges: bytes
cf-ray: 68e5f7afeb31ce43-LHR
expires: Tue, 02 Nov 2021 13:45:16 GMT

Redirect headers

date: Tue, 14 Sep 2021 01:50:58 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2061130
x-server-powered-by: Engintron
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: MISS
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l4Oax2YK3ZU9onSa6QPNoWT%2B8pJppXeuCxkPL67pBOOdVm%2FhHm0%2BkrOxZicBL0bRvNSoDHDzpCl%2FFlHVku%2FtiNKZG0VRAC1AZ2dtp5HBv1j0tPrHAp0QyciuDpaJNY3l1TvaFw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=iso-8859-1
location: https://v.elmstba.com/uploads/thumbs/126a908-1.jpg
vary: Accept-Encoding
cache-control: max-age=5184000
cf-ray: 68e5f7af9d8a657a-LHR
expires: Wed, 20 Oct 2021 05:18:48 GMT

GET
H3

200

b2cbd30-1.jpg
v.elmstba.com/uploads/thumbs/
Redirect Chain

https://www.elmstba.video/uploads/thumbs/b2cbd30-1.jpg
https://v.elmstba.com/uploads/thumbs/b2cbd30-1.jpg

101 KB
101 KB

80ms
77ms

Image
image/jpeg

172.67.143.148
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://v.elmstba.com/uploads/thumbs/b2cbd30-1.jpg

Requested by

Host: v.elmstba.com
URL: https://v.elmstba.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.143.148 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bdabefb3e2256b0e612367361774c86c0b168e67482cf209edfc518b2bfa1f76

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /uploads/thumbs/b2cbd30-1.jpg
pragma: no-cache
cookie: PHPSESSID=c313ade5f35d404648cbcf58a94f6bab; __atuvc=1%7C37; __atuvs=6140000203426255000; HstCfa3784471=1631584258504; HstCla3784471=1631584258504; HstCmu3784471=1631584258504; HstPn3784471=1; HstPt3784471=1; HstCnv3784471=1; HstCns3784471=1
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: v.elmstba.com
referer: https://v.elmstba.com/
:scheme: https
sec-fetch-site: cross-site
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://v.elmstba.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 01:50:58 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3284713
x-server-powered-by: Engintron
cf-bgj: h2pri
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 103019
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: STALE
last-modified: Tue, 13 Apr 2021 01:01:40 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ioNk38mbM4BJvqYcH2A1QO23eTr%2FC1da61vViQ5tEI%2BjJZ5NsCrhjCB4Ne%2BVefZejyqSlvhHf0jWGFj03sUrKrEDbx0rvbRRYZrqJVXkD5bChtw8AgY9iGVS1iIC%2B%2F56"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: max-age=5184000
accept-ranges: bytes
cf-ray: 68e5f7afeb35ce43-LHR
expires: Wed, 06 Oct 2021 01:25:45 GMT

Redirect headers

date: Tue, 14 Sep 2021 01:50:58 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3439803
x-server-powered-by: Engintron
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: STALE
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UJuAIDl8J%2FQj%2F9XHeDOHLHsW3hkbk%2BH4u8MG0c7SbqifLP3DNOdNgEEwBO%2B2lBUPxB2NE5eGdFanhbFYSGhBJlORqB%2FV1UwmBPZ%2FNr9KzTfS15iVt4kIjO2t3HdT9XUzRamN6g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=iso-8859-1
location: https://v.elmstba.com/uploads/thumbs/b2cbd30-1.jpg
vary: Accept-Encoding
cache-control: max-age=5184000
cf-ray: 68e5f7af9d8b657a-LHR
expires: Mon, 04 Oct 2021 06:20:55 GMT

GET
H3

200

23458c5-1.jpg
v.elmstba.com/uploads/thumbs/
Redirect Chain

https://www.elmstba.video/uploads/thumbs/23458c5-1.jpg
https://v.elmstba.com/uploads/thumbs/23458c5-1.jpg

118 KB
119 KB

66ms
66ms

Image
image/jpeg

172.67.143.148
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://v.elmstba.com/uploads/thumbs/23458c5-1.jpg

Requested by

Host: v.elmstba.com
URL: https://v.elmstba.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.143.148 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3c173cd779f63b11967a3fc2bec392b1ab8d494419b152594d8d982324f1f04

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /uploads/thumbs/23458c5-1.jpg
pragma: no-cache
cookie: PHPSESSID=c313ade5f35d404648cbcf58a94f6bab; __atuvc=1%7C37; __atuvs=6140000203426255000; HstCfa3784471=1631584258504; HstCla3784471=1631584258504; HstCmu3784471=1631584258504; HstPn3784471=1; HstPt3784471=1; HstCnv3784471=1; HstCns3784471=1
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: v.elmstba.com
referer: https://v.elmstba.com/
:scheme: https
sec-fetch-site: cross-site
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://v.elmstba.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 01:50:58 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4841757
x-server-powered-by: Engintron
cf-bgj: h2pri
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 120826
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: STALE
last-modified: Mon, 12 Apr 2021 20:07:34 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BcL4kb74MTpF9EzY8DEt1ooXbWnvWNrR6OplBfPRQHKROz3nUBbt6y76Mc9YSJm6aemd0T4YNSyN8EGjgUK0IhHDFxymxKCdcmmgqwmVaELSDV2CWZzrHyXt2lbg3uY9"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: max-age=5184000
accept-ranges: bytes
cf-ray: 68e5f7afeb33ce43-LHR
expires: Sat, 18 Sep 2021 00:55:01 GMT

Redirect headers

date: Tue, 14 Sep 2021 01:50:58 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2061130
x-server-powered-by: Engintron
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: MISS
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1Sk4wPEnhCpZDJJgRzPraLNgzu%2FYptCd7jY5BeYgz7NsmhuQXGK%2FmX%2BHWf4G0ABbxCCy9xabyaPnk1gZb4mRmxoCe%2Fy4TqsOxJI7mlCGhCyW4Cwr1DEXPvAuOrBdGTZEJX18nQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=iso-8859-1
location: https://v.elmstba.com/uploads/thumbs/23458c5-1.jpg
vary: Accept-Encoding
cache-control: max-age=5184000
cf-ray: 68e5f7af9d8c657a-LHR
expires: Wed, 20 Oct 2021 05:18:48 GMT

GET
H3

200

dac8e34-1.jpg
v.elmstba.com/uploads/thumbs/
Redirect Chain

https://www.elmstba.video/uploads/thumbs/dac8e34-1.jpg
https://v.elmstba.com/uploads/thumbs/dac8e34-1.jpg

207 KB
208 KB

69ms
66ms

Image
image/jpeg

172.67.143.148
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://v.elmstba.com/uploads/thumbs/dac8e34-1.jpg

Requested by

Host: v.elmstba.com
URL: https://v.elmstba.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.143.148 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5b99184ff01d47417484ecb43b4cf571bf8f2601432979aa85d3290936767830

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /uploads/thumbs/dac8e34-1.jpg
pragma: no-cache
cookie: PHPSESSID=c313ade5f35d404648cbcf58a94f6bab; __atuvc=1%7C37; __atuvs=6140000203426255000; HstCfa3784471=1631584258504; HstCla3784471=1631584258504; HstCmu3784471=1631584258504; HstPn3784471=1; HstPt3784471=1; HstCnv3784471=1; HstCns3784471=1
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: v.elmstba.com
referer: https://v.elmstba.com/
:scheme: https
sec-fetch-site: cross-site
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://v.elmstba.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 01:50:58 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 274125
x-server-powered-by: Engintron
cf-bgj: h2pri
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 212269
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: STALE
last-modified: Mon, 12 Apr 2021 21:23:13 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5ZVSZUNpuNxnM4p2xqZtVFVrb5ZfRCCBL8Usm6zeQ9vs9wOeUBia0QWkhfMwz%2BSSruRxHWjZlaiRkp0RoWaaLLZ8YJgqqZklyJP1PB0xl7snvO1GYwlBH8WqP9xrfT2W"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: max-age=5184000
accept-ranges: bytes
cf-ray: 68e5f7afeb34ce43-LHR
expires: Tue, 09 Nov 2021 21:42:13 GMT

Redirect headers

date: Tue, 14 Sep 2021 01:50:58 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2061130
x-server-powered-by: Engintron
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: MISS
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r72QYmniKdExjytlE00aVJTkYWNqXcdCpE9kHO2qxChLJ7k6XikjR73p%2Br8A7wW1Bvg4f7RRY4Rao4pWGkn0CDQfBbgYJcxzen32FYQx4EzpwiyqusQwES7H%2F%2BE0kg6X%2Bxrmtw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=iso-8859-1
location: https://v.elmstba.com/uploads/thumbs/dac8e34-1.jpg
vary: Accept-Encoding
cache-control: max-age=5184000
cf-ray: 68e5f7af9d8d657a-LHR
expires: Wed, 20 Oct 2021 05:18:48 GMT

GET
H3

200

0b73e88-1.jpg
v.elmstba.com/uploads/thumbs/
Redirect Chain

https://www.elmstba.video/uploads/thumbs/0b73e88-1.jpg
https://v.elmstba.com/uploads/thumbs/0b73e88-1.jpg

225 KB
225 KB

83ms
81ms

Image
image/jpeg

172.67.143.148
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://v.elmstba.com/uploads/thumbs/0b73e88-1.jpg

Requested by

Host: v.elmstba.com
URL: https://v.elmstba.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.143.148 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3ad7fded77f0f34933936cdd1731f4984f6d375e98fdcdc4b9724da48cf32569

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /uploads/thumbs/0b73e88-1.jpg
pragma: no-cache
cookie: PHPSESSID=c313ade5f35d404648cbcf58a94f6bab; __atuvc=1%7C37; __atuvs=6140000203426255000; HstCfa3784471=1631584258504; HstCla3784471=1631584258504; HstCmu3784471=1631584258504; HstPn3784471=1; HstPt3784471=1; HstCnv3784471=1; HstCns3784471=1
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: v.elmstba.com
referer: https://v.elmstba.com/
:scheme: https
sec-fetch-site: cross-site
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://v.elmstba.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 01:50:58 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 682448
x-server-powered-by: Engintron
cf-bgj: h2pri
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 230080
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: STALE
last-modified: Thu, 15 Apr 2021 16:00:05 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BoHKI50MM8qFQbFQSMlK4q2Y0hzcjlabuEcfUko66gmyZ%2B7fLBbEx77MtCmPXT%2FItVZ13fvSRhYZoWNXdT%2BC%2FZ6k7yBB1oZx%2BgdVmOYXmqqK%2Fjmv4%2B1zlHoNET6X4yUa"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: max-age=5184000
accept-ranges: bytes
cf-ray: 68e5f7afeb37ce43-LHR
expires: Fri, 05 Nov 2021 04:16:50 GMT

Redirect headers

date: Tue, 14 Sep 2021 01:50:58 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2049365
x-server-powered-by: Engintron
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: MISS
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jj4cA8%2FOGqKDnbdVL4szQBfdX9ldCfly2NRrghex%2B1Cik2Mi1TugKdDQHydvc3%2FXQQF3p1yeGfF5cGq6ONNXAlyF9O5yUpflIMHlZwR3quvCnNR9onrv%2FWUCcM0d37itGGFhQQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=iso-8859-1
location: https://v.elmstba.com/uploads/thumbs/0b73e88-1.jpg
vary: Accept-Encoding
cache-control: max-age=5184000
cf-ray: 68e5f7af9d8e657a-LHR
expires: Wed, 20 Oct 2021 08:34:53 GMT

GET
H3 200 014be50c2-1.jpg
v.elmstba.com/uploads/thumbs/ 79 KB
80 KB 76ms
74ms Image
image/jpeg 172.67.143.148
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://v.elmstba.com/uploads/thumbs/014be50c2-1.jpg

Requested by

Host: v.elmstba.com
URL: https://v.elmstba.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.143.148 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6000f7db91be6b810424ed527b9ffee9b94fafd85a1f02ba6ac1b2409073d1d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /uploads/thumbs/014be50c2-1.jpg
pragma: no-cache
cookie: PHPSESSID=c313ade5f35d404648cbcf58a94f6bab; __atuvc=1%7C37; __atuvs=6140000203426255000
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: v.elmstba.com
referer: https://v.elmstba.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://v.elmstba.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 01:50:58 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 715262
x-server-powered-by: Engintron
cf-bgj: h2pri
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 80824
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: STALE
last-modified: Mon, 20 Jul 2020 10:13:35 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s2aL52DZj%2FaLh9FrlNbB8zqIvHcWv%2FDqgvq%2FS16TnvC7reLMGqfBJWy2wHS79pLB7r3mN9YK6W7rmTCXNzc0yBgLe%2BQCQ9dm50KXL%2FpLnfY92vaGdmg1Qfug%2FBStCHr3"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: max-age=5184000
accept-ranges: bytes
cf-ray: 68e5f7af5af9ce43-LHR
expires: Thu, 04 Nov 2021 19:09:56 GMT

GET
H3 200 81cdb6965-1.jpg
v.elmstba.com/uploads/thumbs/ 32 KB
33 KB 34ms
31ms Image
image/jpeg 172.67.143.148
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://v.elmstba.com/uploads/thumbs/81cdb6965-1.jpg

Requested by

Host: v.elmstba.com
URL: https://v.elmstba.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.143.148 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e51dda1f7774c11ccc7ba90f2e753218c4e3cffa7f96276073dd847884c2923d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /uploads/thumbs/81cdb6965-1.jpg
pragma: no-cache
cookie: PHPSESSID=c313ade5f35d404648cbcf58a94f6bab; __atuvc=1%7C37; __atuvs=6140000203426255000
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: v.elmstba.com
referer: https://v.elmstba.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://v.elmstba.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 01:50:58 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 715262
x-server-powered-by: Engintron
cf-bgj: h2pri
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 33042
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: STALE
last-modified: Wed, 15 Jul 2020 14:40:17 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j5btUD7izWrSnfaO2EsNkxU4vClDOj1%2BNyta3pHxKW0ai9ZIkLa3Dxi2lmeOAmluISQES%2BVaVcEMJDdZes%2Frb4BolLIMuHPNqP8syu2sEd2%2FuXILjYj1y%2BKd3dsD1zEW"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: max-age=5184000
accept-ranges: bytes
cf-ray: 68e5f7af5aface43-LHR
expires: Thu, 04 Nov 2021 19:09:56 GMT

GET
H3 200 32e5d8d96-1.jpg
v.elmstba.com/uploads/thumbs/ 70 KB
71 KB 56ms
53ms Image
image/jpeg 172.67.143.148
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://v.elmstba.com/uploads/thumbs/32e5d8d96-1.jpg

Requested by

Host: v.elmstba.com
URL: https://v.elmstba.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.143.148 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8243fccc9036fd8e97ca17ac220c12760099315fc4d7c814f7c43b859e1ba007

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /uploads/thumbs/32e5d8d96-1.jpg
pragma: no-cache
cookie: PHPSESSID=c313ade5f35d404648cbcf58a94f6bab; __atuvc=1%7C37; __atuvs=6140000203426255000
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: v.elmstba.com
referer: https://v.elmstba.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://v.elmstba.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 01:50:58 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1703848
x-server-powered-by: Engintron
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 72040
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: STALE
last-modified: Sat, 04 Jul 2020 02:32:51 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=22QCsa0TQP6Okg3f7uXgaPVX4CaiTLj7ru9g%2BsWi3JUCOucjKURZmucmNUFK8XIFhyRrCaMl5Nn%2B1rjszxGI0Ukw%2Bpitfv%2BS8cGvXkl3CgXFOpJlIaOxKLhz%2BuEwIn%2F3"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: max-age=5184000
accept-ranges: bytes
cf-ray: 68e5f7af5afbce43-LHR
expires: Sun, 24 Oct 2021 08:33:30 GMT

GET
H3 200 14f449e4c-1.jpg
v.elmstba.com/uploads/thumbs/ 43 KB
44 KB 35ms
32ms Image
image/jpeg 172.67.143.148
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://v.elmstba.com/uploads/thumbs/14f449e4c-1.jpg

Requested by

Host: v.elmstba.com
URL: https://v.elmstba.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.143.148 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

415657499562cefb7e4eda5a2e97e5adb295134ee9973f517f461c4443ca67eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /uploads/thumbs/14f449e4c-1.jpg
pragma: no-cache
cookie: PHPSESSID=c313ade5f35d404648cbcf58a94f6bab; __atuvc=1%7C37; __atuvs=6140000203426255000
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: v.elmstba.com
referer: https://v.elmstba.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://v.elmstba.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 01:50:58 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3413573
x-server-powered-by: Engintron
cf-bgj: h2pri
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 44251
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: STALE
last-modified: Sat, 13 Jun 2020 10:33:15 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vpGQti8MHB8kYi4i8wwVdC%2FnvNdw2WA%2FfmlBW1L7E5HOotA6MZAkEI6YeBBHeaP8iLsZRMlzf51dF%2F5GkSt6lL3Dhn%2BeXjbMzlOqHkZQGtUE7xCxtbdmSoRJYM0FVnUt"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: max-age=5184000
accept-ranges: bytes
cf-ray: 68e5f7af5afcce43-LHR
expires: Mon, 04 Oct 2021 13:38:05 GMT

GET
H3 200 368923472-1.jpg
v.elmstba.com/uploads/thumbs/ 96 KB
96 KB 60ms
57ms Image
image/jpeg 172.67.143.148
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://v.elmstba.com/uploads/thumbs/368923472-1.jpg

Requested by

Host: v.elmstba.com
URL: https://v.elmstba.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.143.148 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e53b21182dd83590d1aa3432cf820310d504d3d0be26885adf802e86beccd1f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /uploads/thumbs/368923472-1.jpg
pragma: no-cache
cookie: PHPSESSID=c313ade5f35d404648cbcf58a94f6bab; __atuvc=1%7C37; __atuvs=6140000203426255000
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: v.elmstba.com
referer: https://v.elmstba.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://v.elmstba.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 01:50:58 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 712090
x-server-powered-by: Engintron
cf-bgj: h2pri
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 97934
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: STALE
last-modified: Sat, 25 Apr 2020 15:51:27 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qN4Ge5aEuUAL70qbt1Nm9cnAx9z0iSKiGOB%2BkT0wyYt8ZUolMTjL8yjNBx%2ByiqqaYKU%2BJ5XBcb%2FCPgjE8cs%2BrLQercImn9dtKXIIW4BIgMf4q9k1ZWGYtylr54GAgDcH"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: max-age=5184000
accept-ranges: bytes
cf-ray: 68e5f7af5afdce43-LHR
expires: Thu, 04 Nov 2021 20:02:48 GMT

GET
H3 200 94f22b8e1-1.jpg
v.elmstba.com/uploads/thumbs/ 27 KB
28 KB 74ms
71ms Image
image/jpeg 172.67.143.148
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://v.elmstba.com/uploads/thumbs/94f22b8e1-1.jpg

Requested by

Host: v.elmstba.com
URL: https://v.elmstba.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.143.148 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

50ec1bbb8ca7e2c8050345733d81d34dc8473aa12d0ecb823f9e735c0cccb735

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /uploads/thumbs/94f22b8e1-1.jpg
pragma: no-cache
cookie: PHPSESSID=c313ade5f35d404648cbcf58a94f6bab; __atuvc=1%7C37; __atuvs=6140000203426255000
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: v.elmstba.com
referer: https://v.elmstba.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://v.elmstba.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 01:50:58 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2836384
x-server-powered-by: Engintron
cf-bgj: h2pri
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 27630
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: STALE
last-modified: Sat, 25 Apr 2020 14:09:37 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o7UygLIAZgPxWabJ1oLRdcSWXhZJAplqNYduY508XC2AxpvCx8qoQx%2FliyDDkUcYU3QBvaOepnQUccohCbtlYs93EJ2Z7EU2TG4%2Bhg9k7op2aPDYQy242J5YvuNda%2FLZ"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: max-age=5184000
accept-ranges: bytes
cf-ray: 68e5f7af5afece43-LHR
expires: Mon, 11 Oct 2021 05:57:54 GMT

GET
H3 200 ced48ed7b-1.jpg
v.elmstba.com/uploads/thumbs/ 43 KB
43 KB 75ms
71ms Image
image/jpeg 172.67.143.148
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://v.elmstba.com/uploads/thumbs/ced48ed7b-1.jpg

Requested by

Host: v.elmstba.com
URL: https://v.elmstba.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.143.148 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

13bff57f9b44481abf6d20290c83481e899ed5c2448829f2b6d1e8927bfa3521

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /uploads/thumbs/ced48ed7b-1.jpg
pragma: no-cache
cookie: PHPSESSID=c313ade5f35d404648cbcf58a94f6bab; __atuvc=1%7C37; __atuvs=6140000203426255000
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: v.elmstba.com
referer: https://v.elmstba.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://v.elmstba.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 01:50:58 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 715262
x-server-powered-by: Engintron
cf-bgj: h2pri
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 43557
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: STALE
last-modified: Sat, 25 Apr 2020 13:08:35 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qr7XeF9NU6rh9g5IIqTIFSsbHMvmK73AKzEbzvmJY17RCjdIQ2lzLJsFRjijgg9EOT6r2XC2djY0YZwTEOs9ekaoFDJ1nn3zFmwPvc5BLacXnkBboGLpZwBW2oaha6Km"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: max-age=5184000
accept-ranges: bytes
cf-ray: 68e5f7af5affce43-LHR
expires: Thu, 04 Nov 2021 19:09:56 GMT

GET
H3 200 cbf268cfb-1.jpg
v.elmstba.com/uploads/thumbs/ 41 KB
42 KB 92ms
88ms Image
image/jpeg 172.67.143.148
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://v.elmstba.com/uploads/thumbs/cbf268cfb-1.jpg

Requested by

Host: v.elmstba.com
URL: https://v.elmstba.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.143.148 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2a9265ee21d76477ee48d88beb658e03759a94c988aa475662b07b8cfe51addc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /uploads/thumbs/cbf268cfb-1.jpg
pragma: no-cache
cookie: PHPSESSID=c313ade5f35d404648cbcf58a94f6bab; __atuvc=1%7C37; __atuvs=6140000203426255000
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: v.elmstba.com
referer: https://v.elmstba.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://v.elmstba.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 01:50:58 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 907298
x-server-powered-by: Engintron
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 42189
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: STALE
last-modified: Tue, 26 Mar 2019 17:32:18 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jTCLtuKgwxmb0yTvqi09xIhIt4kIucUGag%2Bt%2FL%2Fei6XgPg%2BVgyWbGp%2BFrA0BklCNBjGv80eIESVq7PEJfCAUi5mljQMnfI%2Bl%2BBAK%2FjUw4JWZT8DObzGLRSRIawikzhgP"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: max-age=5184000
accept-ranges: bytes
cf-ray: 68e5f7af5b00ce43-LHR
expires: Tue, 02 Nov 2021 13:49:20 GMT

GET
H3 200 43f4ac328-1.jpg
v.elmstba.com/uploads/thumbs/ 51 KB
51 KB 101ms
97ms Image
image/jpeg 172.67.143.148
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://v.elmstba.com/uploads/thumbs/43f4ac328-1.jpg

Requested by

Host: v.elmstba.com
URL: https://v.elmstba.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.143.148 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

86a9e440911c495a85f298a178f8ced8f5efe23d064cae91e78db8f3b56fc04e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /uploads/thumbs/43f4ac328-1.jpg
pragma: no-cache
cookie: PHPSESSID=c313ade5f35d404648cbcf58a94f6bab; __atuvc=1%7C37; __atuvs=6140000203426255000
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: v.elmstba.com
referer: https://v.elmstba.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://v.elmstba.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 01:50:58 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 711728
x-server-powered-by: Engintron
cf-bgj: h2pri
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 51862
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: STALE
last-modified: Thu, 11 Oct 2018 05:31:41 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O%2FFWuVtLimWkYcSQy3BYb%2FJeIhVRy957Tg26IAnYks7qiJhkRBPDzzqfeFV30yZnQuqVmiB%2Fw%2BZVADVDS3IsY0QG7NAOriHT0WxoC1%2BwIEn5bkot%2FslkoZV4n2TnvWp2"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: max-age=5184000
accept-ranges: bytes
cf-ray: 68e5f7af5b01ce43-LHR
expires: Thu, 04 Nov 2021 20:08:50 GMT

GET
H3 200 9ec84d1b6-1.jpg
v.elmstba.com/uploads/thumbs/ 105 KB
106 KB 102ms
98ms Image
image/jpeg 172.67.143.148
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://v.elmstba.com/uploads/thumbs/9ec84d1b6-1.jpg

Requested by

Host: v.elmstba.com
URL: https://v.elmstba.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.143.148 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a5115b1b1f4cbc0dea5f0af15aee1bbd304126bf0d20b2642edba7294f5fd76e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /uploads/thumbs/9ec84d1b6-1.jpg
pragma: no-cache
cookie: PHPSESSID=c313ade5f35d404648cbcf58a94f6bab; __atuvc=1%7C37; __atuvs=6140000203426255000
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: v.elmstba.com
referer: https://v.elmstba.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://v.elmstba.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 01:50:58 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 714340
x-server-powered-by: Engintron
cf-bgj: h2pri
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 107353
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: STALE
last-modified: Thu, 04 Jul 2019 14:51:45 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mJ%2FVK4WE120GCnLrGCtw06Rh54l0Z8ZwIoB67hItcb93InI%2FiRl4DWPYzVd%2FbE1uoUDnTBKD3%2BWPwW6PGHbd18sW7wm28r2so9sNa3AuqzS0utnwAycFrQkgelKlsqKd"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: max-age=5184000
accept-ranges: bytes
cf-ray: 68e5f7af5b02ce43-LHR
expires: Thu, 04 Nov 2021 19:25:18 GMT

GET
H3 200 17ded20b9-1.jpg
v.elmstba.com/uploads/thumbs/ 10 KB
10 KB 104ms
101ms Image
image/jpeg 172.67.143.148
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://v.elmstba.com/uploads/thumbs/17ded20b9-1.jpg

Requested by

Host: v.elmstba.com
URL: https://v.elmstba.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.143.148 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc606f574b9dcbc1df257bc89d88188420bdf5c0fec897019523a8dca679851e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /uploads/thumbs/17ded20b9-1.jpg
pragma: no-cache
cookie: PHPSESSID=c313ade5f35d404648cbcf58a94f6bab; __atuvc=1%7C37; __atuvs=6140000203426255000
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: v.elmstba.com
referer: https://v.elmstba.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://v.elmstba.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 01:50:58 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 712090
x-server-powered-by: Engintron
cf-bgj: h2pri
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 9802
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: STALE
last-modified: Thu, 07 Jan 2021 18:26:09 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YxCrLQbpDKaXyCiZalT1AQyKRySk1%2B8JZzmRR%2F15GHdwD47IC0mlg7yRD5BVsPocp28BaO8EoNHcWNTl%2BVUkoCzDmaL9G2cigpTfLJjoUlNpQyijNM6JtqejqYDogHIZ"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: max-age=5184000
accept-ranges: bytes
cf-ray: 68e5f7af5b03ce43-LHR
expires: Thu, 04 Nov 2021 20:02:48 GMT

GET
H3 200 54f43c378-1.jpg
v.elmstba.com/uploads/thumbs/ 12 KB
13 KB 107ms
103ms Image
image/jpeg 172.67.143.148
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://v.elmstba.com/uploads/thumbs/54f43c378-1.jpg

Requested by

Host: v.elmstba.com
URL: https://v.elmstba.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.143.148 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2f9debbdc5cf34bca5368bf9c965048246211db00c0f92a2ac4d55c491d715f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /uploads/thumbs/54f43c378-1.jpg
pragma: no-cache
cookie: PHPSESSID=c313ade5f35d404648cbcf58a94f6bab; __atuvc=1%7C37; __atuvs=6140000203426255000
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: v.elmstba.com
referer: https://v.elmstba.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://v.elmstba.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 01:50:58 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 904980
x-server-powered-by: Engintron
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 12360
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: STALE
last-modified: Thu, 07 Jan 2021 18:24:59 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PMsub5KeNXeE3k0rouRjxyTNQmPrEkGB3ZZ9xITw035rmhSNVMQ8D7xefxO08CGjLQdlD2VPJX32GXu2fbrN3CEs0b5hDulwaac7oTipAEuw9Mvn9qhgDXtwJ6NQzgFe"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: max-age=5184000
accept-ranges: bytes
cf-ray: 68e5f7af5b04ce43-LHR
expires: Tue, 02 Nov 2021 14:27:58 GMT

GET
H3 200 833bec2f3-1.jpg
v.elmstba.com/uploads/thumbs/ 22 KB
22 KB 125ms
122ms Image
image/jpeg 172.67.143.148
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://v.elmstba.com/uploads/thumbs/833bec2f3-1.jpg

Requested by

Host: v.elmstba.com
URL: https://v.elmstba.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.143.148 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

892e5286780a50988f1755f6d30df9c519af221d5cb1b1c359235941682f835f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /uploads/thumbs/833bec2f3-1.jpg
pragma: no-cache
cookie: PHPSESSID=c313ade5f35d404648cbcf58a94f6bab; __atuvc=1%7C37; __atuvs=6140000203426255000
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: v.elmstba.com
referer: https://v.elmstba.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://v.elmstba.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 01:50:58 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 712090
x-server-powered-by: Engintron
cf-bgj: h2pri
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 22179
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: HIT
last-modified: Thu, 07 Jan 2021 18:23:42 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DBLmC8pO7Wci4BjgXKOksEkCU6I14gQhbTNe3m0HSrX6rE2MFCchHmd2pbZLZaqiRm0qb%2F5ttv4h5G4UZZhyuvtlG0OTKcoEvxTDZVFqy4GRxG1jjiWTuiWUVrETjaqR"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: max-age=5184000
accept-ranges: bytes
cf-ray: 68e5f7af5b05ce43-LHR
expires: Thu, 04 Nov 2021 20:02:48 GMT

GET
H3 200 2166d6fc9-1.jpg
v.elmstba.com/uploads/thumbs/ 24 KB
24 KB 126ms
122ms Image
image/jpeg 172.67.143.148
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://v.elmstba.com/uploads/thumbs/2166d6fc9-1.jpg

Requested by

Host: v.elmstba.com
URL: https://v.elmstba.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.143.148 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

46cee5ca988dfae5636e6cf7543408fac2e86e0f0a0c41ae0cf23815b90b9f0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /uploads/thumbs/2166d6fc9-1.jpg
pragma: no-cache
cookie: PHPSESSID=c313ade5f35d404648cbcf58a94f6bab; __atuvc=1%7C37; __atuvs=6140000203426255000
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: v.elmstba.com
referer: https://v.elmstba.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://v.elmstba.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 01:50:58 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 904980
x-server-powered-by: Engintron
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 24175
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: STALE
last-modified: Thu, 07 Jan 2021 18:22:25 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x1%2F1w4NURVEunE%2FDIrJ6DL%2FYiIUe7sCg%2FwIqHLsDCdpt1vzheWP9NClfx4xezfeBw1RFj%2FTuRbPcWk7C1zxczRgQanknq3F4AhhxugJbQDZaUcmzesISUiMFIQkCmwsN"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: max-age=5184000
accept-ranges: bytes
cf-ray: 68e5f7af5b06ce43-LHR
expires: Tue, 02 Nov 2021 14:27:58 GMT

GET
H3 200 18dd747d8-1.jpg
v.elmstba.com/uploads/thumbs/ 12 KB
13 KB 127ms
123ms Image
image/jpeg 172.67.143.148
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://v.elmstba.com/uploads/thumbs/18dd747d8-1.jpg

Requested by

Host: v.elmstba.com
URL: https://v.elmstba.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.143.148 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c71872775b3d543baa620aabb5e1fa64d0e9c9c494a27e2d3853737672061329

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /uploads/thumbs/18dd747d8-1.jpg
pragma: no-cache
cookie: PHPSESSID=c313ade5f35d404648cbcf58a94f6bab; __atuvc=1%7C37; __atuvs=6140000203426255000
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: v.elmstba.com
referer: https://v.elmstba.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://v.elmstba.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 01:50:58 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 712090
x-server-powered-by: Engintron
cf-bgj: h2pri
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 12737
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: HIT
last-modified: Thu, 07 Jan 2021 18:20:25 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lr4%2B413w7WUZ%2FyZrouNbnhskO%2FEE3A9tV5WbQ92mepVBWE1uRJUm76GroGhdACwrxfIuNFM7j6Yq1zjBpmv6gERnEHDhj39e%2B5XGGqsPgzHT55vSYp%2FR%2B65XL%2BHtj9MQ"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: max-age=5184000
accept-ranges: bytes
cf-ray: 68e5f7af5b07ce43-LHR
expires: Thu, 04 Nov 2021 20:02:48 GMT

GET
H3 200 61b2a669e-1.jpg
v.elmstba.com/uploads/thumbs/ 23 KB
23 KB 128ms
124ms Image
image/jpeg 172.67.143.148
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://v.elmstba.com/uploads/thumbs/61b2a669e-1.jpg

Requested by

Host: v.elmstba.com
URL: https://v.elmstba.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.143.148 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

63efb1357a81dbe930e8815514395484fe1c0ca3c8ca21ba58b878523ad40248

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /uploads/thumbs/61b2a669e-1.jpg
pragma: no-cache
cookie: PHPSESSID=c313ade5f35d404648cbcf58a94f6bab; __atuvc=1%7C37; __atuvs=6140000203426255000
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: v.elmstba.com
referer: https://v.elmstba.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://v.elmstba.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 01:50:58 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 912229
x-server-powered-by: Engintron
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 23344
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: STALE
last-modified: Fri, 27 Nov 2020 03:47:56 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=swAGBaokiu766vXPQWRQVwL4IkXnWNv6NdQy4%2FHdbgurS6RKSSlduLB1HfVlz241kgQj2aUb6nEmWvwv2MT9FVGvN1FdpvFCVLpl%2BlSAp5n1E8NQ8BmmiThi7svcyQEm"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: max-age=5184000
accept-ranges: bytes
cf-ray: 68e5f7af5b08ce43-LHR
expires: Tue, 02 Nov 2021 12:27:09 GMT

GET
H3 200 0ee7e8eb4-1.jpg
v.elmstba.com/uploads/thumbs/ 136 KB
137 KB 128ms
125ms Image
image/jpeg 172.67.143.148
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://v.elmstba.com/uploads/thumbs/0ee7e8eb4-1.jpg

Requested by

Host: v.elmstba.com
URL: https://v.elmstba.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.143.148 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

64350f7677e5a9bf48012c2afd0376794565fc3e9b7e006095a896afba2fbc70

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /uploads/thumbs/0ee7e8eb4-1.jpg
pragma: no-cache
cookie: PHPSESSID=c313ade5f35d404648cbcf58a94f6bab; __atuvc=1%7C37; __atuvs=6140000203426255000
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: v.elmstba.com
referer: https://v.elmstba.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://v.elmstba.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 01:50:58 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 712090
x-server-powered-by: Engintron
cf-bgj: h2pri
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 139419
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: HIT
last-modified: Tue, 24 Nov 2020 03:23:28 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pe9cW48mH%2F2TIGW2xMFAIufYZcHj7wz%2Fxf3TC%2BGGr60Kc%2FOAR00JTKkzpiWdtWO2nXnuTQWxfl3%2BneFUhsuhN1aJL%2BXGnTviQoM5pXVRjii2fdBTTTisNHs9uwaDJkSH"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: max-age=5184000
accept-ranges: bytes
cf-ray: 68e5f7af5b09ce43-LHR
expires: Thu, 04 Nov 2021 20:02:48 GMT

GET
H3 200 68a0b3ad4-1.jpg
v.elmstba.com/uploads/thumbs/ 26 KB
27 KB 133ms
130ms Image
image/jpeg 172.67.143.148
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://v.elmstba.com/uploads/thumbs/68a0b3ad4-1.jpg

Requested by

Host: v.elmstba.com
URL: https://v.elmstba.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.143.148 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d581e324d898bc2a2cb042e399087c62c375aae9e5cd38180cbf03e4a6669852

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /uploads/thumbs/68a0b3ad4-1.jpg
pragma: no-cache
cookie: PHPSESSID=c313ade5f35d404648cbcf58a94f6bab; __atuvc=1%7C37; __atuvs=6140000203426255000
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: v.elmstba.com
referer: https://v.elmstba.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://v.elmstba.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 01:50:58 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 712090
x-server-powered-by: Engintron
cf-bgj: h2pri
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 26687
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: HIT
last-modified: Mon, 04 Sep 2017 11:07:39 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UFBWhVNOOc2md6Qtzhv8poWYWRa9UlX8SuOSaiRrAj8AgQhb1vAy%2FP4Kteax%2B8BXWACkXGtHFDqAUSfklQpnGfSm8mnNFXytnONPWxuPiuBUxx1he%2Fm%2BcuE%2F2J2sU5FV"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: max-age=5184000
accept-ranges: bytes
cf-ray: 68e5f7af5b0ace43-LHR
expires: Thu, 04 Nov 2021 20:02:48 GMT

GET
H3 200 c1be371a0-1.jpg
v.elmstba.com/uploads/thumbs/ 24 KB
24 KB 133ms
130ms Image
image/jpeg 172.67.143.148
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://v.elmstba.com/uploads/thumbs/c1be371a0-1.jpg

Requested by

Host: v.elmstba.com
URL: https://v.elmstba.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.143.148 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7557df742b4333c453cc0aed826181d009d0b9fd6d9718dfd1efbfae2d41ba5a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /uploads/thumbs/c1be371a0-1.jpg
pragma: no-cache
cookie: PHPSESSID=c313ade5f35d404648cbcf58a94f6bab; __atuvc=1%7C37; __atuvs=6140000203426255000
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: v.elmstba.com
referer: https://v.elmstba.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://v.elmstba.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 01:50:58 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 712090
x-server-powered-by: Engintron
cf-bgj: h2pri
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 24227
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: HIT
last-modified: Tue, 24 Nov 2020 03:19:38 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HebAAjRRKiiCbbd9bCbZcPwOMpjcYxbXTBZSjkkseju9WPZTFWUrzRXH29F53ygGjbItxKc7lsf23O63EBczL%2B8NK%2B3Omk%2Fj3u%2B5Jt9TTwRkoQY%2Bd5uSiUbQ4oiKP%2Fr0"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: max-age=5184000
accept-ranges: bytes
cf-ray: 68e5f7af5b0bce43-LHR
expires: Thu, 04 Nov 2021 20:02:48 GMT

GET
H3 200 991ef8b3d-1.jpg
v.elmstba.com/uploads/thumbs/ 29 KB
30 KB 141ms
138ms Image
image/jpeg 172.67.143.148
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://v.elmstba.com/uploads/thumbs/991ef8b3d-1.jpg

Requested by

Host: v.elmstba.com
URL: https://v.elmstba.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.143.148 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d5a40e4138c7abd6cc1a075f9f57c2675c347a40f8c546e30350a8a60d15b4a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /uploads/thumbs/991ef8b3d-1.jpg
pragma: no-cache
cookie: PHPSESSID=c313ade5f35d404648cbcf58a94f6bab; __atuvc=1%7C37; __atuvs=6140000203426255000
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: v.elmstba.com
referer: https://v.elmstba.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://v.elmstba.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 01:50:58 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 712089
x-server-powered-by: Engintron
cf-bgj: h2pri
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 29959
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: HIT
last-modified: Mon, 04 Sep 2017 11:07:32 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pOsVexvGZ1FX4xcrzZwiVfs3UdDtjIdz81PCKUU1s9cut2JjI3doKWqx7daqwbTQc3WRK%2FoP8XM2DLNs9vjjOv4nOetddlOsiqLDIy7o%2BW5klhv5arbIcRa%2FE6gZZ4AT"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: max-age=5184000
accept-ranges: bytes
cf-ray: 68e5f7af5b0cce43-LHR
expires: Thu, 04 Nov 2021 20:02:49 GMT

GET
H3

200

fba220a-1.jpg
v.elmstba.com/uploads/thumbs/
Redirect Chain

https://www.almstba-tv.com/uploads/thumbs/fba220a-1.jpg
https://v.elmstba.com/uploads/thumbs/fba220a-1.jpg

255 KB
256 KB

67ms
65ms

Image
image/jpeg

172.67.143.148
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://v.elmstba.com/uploads/thumbs/fba220a-1.jpg

Requested by

Host: v.elmstba.com
URL: https://v.elmstba.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.143.148 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f47784d95b3f372bca94fcde706316a77ca36edd7b66dc2321d73969352e6b2e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /uploads/thumbs/fba220a-1.jpg
pragma: no-cache
cookie: PHPSESSID=c313ade5f35d404648cbcf58a94f6bab; __atuvc=1%7C37; __atuvs=6140000203426255000; HstCfa3784471=1631584258504; HstCla3784471=1631584258504; HstCmu3784471=1631584258504; HstPn3784471=1; HstPt3784471=1; HstCnv3784471=1; HstCns3784471=1
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: v.elmstba.com
referer: https://v.elmstba.com/
:scheme: https
sec-fetch-site: cross-site
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://v.elmstba.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 01:50:58 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 714555
x-server-powered-by: Engintron
cf-bgj: h2pri
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 261440
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: STALE
last-modified: Thu, 18 Feb 2021 14:13:29 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YcBMu7VtqsvYQGPokRBFGuybGuAkMfffR%2FI8Z%2BX4c0VTg008F%2BEp89IL7eRg2VRn3soBcmPah3RpFMXditSUicA2vNVYTpmdh7CnzpfZevoVzCLZqPnOeEgRTpUG1jYf"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: max-age=5184000
accept-ranges: bytes
cf-ray: 68e5f7b03b4fce43-LHR
expires: Thu, 04 Nov 2021 19:21:43 GMT

Redirect headers

date: Tue, 14 Sep 2021 01:50:58 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 912228
x-server-powered-by: Engintron
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: MISS
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JQOPe13c42DJwm%2Fpv5EbQGxGoNWP2Vw0EJl39KTy2nl6cvLSfaTKAcy1h2%2FyId6fbNfUAwuFDLPs%2FzGJ0wyPq0GPsvQpxR%2FSewuyqCFQnQgYepIefpvzvDw2LIYwJ%2Fy02S7XuQ8%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=iso-8859-1
location: https://v.elmstba.com/uploads/thumbs/fba220a-1.jpg
cache-control: max-age=5184000
cf-ray: 68e5f7afee7c06bd-LHR
expires: Tue, 02 Nov 2021 12:27:10 GMT

GET
H3

200

c1a7755-1.jpg
v.elmstba.com/uploads/thumbs/
Redirect Chain

https://www.almstba-tv.com/uploads/thumbs/c1a7755-1.jpg
https://v.elmstba.com/uploads/thumbs/c1a7755-1.jpg

201 KB
201 KB

53ms
51ms

Image
image/jpeg

172.67.143.148
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://v.elmstba.com/uploads/thumbs/c1a7755-1.jpg

Requested by

Host: v.elmstba.com
URL: https://v.elmstba.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.143.148 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7d0d832cabc5f3bc61b0d279bf8fcbb78642dc00fc962602d7b2574127eb2b07

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /uploads/thumbs/c1a7755-1.jpg
pragma: no-cache
cookie: PHPSESSID=c313ade5f35d404648cbcf58a94f6bab; __atuvc=1%7C37; __atuvs=6140000203426255000; HstCfa3784471=1631584258504; HstCla3784471=1631584258504; HstCmu3784471=1631584258504; HstPn3784471=1; HstPt3784471=1; HstCnv3784471=1; HstCns3784471=1
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: v.elmstba.com
referer: https://v.elmstba.com/
:scheme: https
sec-fetch-site: cross-site
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://v.elmstba.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 01:50:58 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 704905
x-server-powered-by: Engintron
cf-bgj: h2pri
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 205446
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: HIT
last-modified: Tue, 26 Nov 2019 17:25:56 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g6Bc1%2FWAnL5WeGkJ7cMFBknLm10L%2FJ0JLy5YZBGhlVS%2B195ej9pqmh9bk%2F%2BMrjUSFNPZOhqVu9xXqt8HjiFe4QayaG87m2AngzlMmJUJ3YJobLHVqrV7FdOgkHI4GbiE"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: max-age=5184000
accept-ranges: bytes
cf-ray: 68e5f7b03b4bce43-LHR
expires: Thu, 04 Nov 2021 22:02:33 GMT

Redirect headers

date: Tue, 14 Sep 2021 01:50:58 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 712959
x-server-powered-by: Engintron
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: MISS
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jx65Jc4z0afzuUgxF7Rqk86MAejoKQYXi9U%2FSEfmdYEj0z2ZIBBnU1%2BN6A3mMSJO6VrGPYlMeEN3XK55LowCC%2BAvJhE66Qh2AxKNoeNDdiENU9Ft%2FXcxdOZGzWTBybdf8PEv0Xg%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=iso-8859-1
location: https://v.elmstba.com/uploads/thumbs/c1a7755-1.jpg
cache-control: max-age=5184000
cf-ray: 68e5f7afee7d06bd-LHR
expires: Thu, 04 Nov 2021 19:48:19 GMT

GET
H3

200

24737c8-1.jpg
v.elmstba.com/uploads/thumbs/
Redirect Chain

https://www.almstba-tv.com/uploads/thumbs/24737c8-1.jpg
https://v.elmstba.com/uploads/thumbs/24737c8-1.jpg

139 KB
139 KB

80ms
78ms

Image
image/jpeg

172.67.143.148
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://v.elmstba.com/uploads/thumbs/24737c8-1.jpg

Requested by

Host: v.elmstba.com
URL: https://v.elmstba.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.143.148 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

af4460c3ce093c98a1189843db3ff927ca0481cf888fc24ad7deaab8b671c0f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /uploads/thumbs/24737c8-1.jpg
pragma: no-cache
cookie: PHPSESSID=c313ade5f35d404648cbcf58a94f6bab; __atuvc=1%7C37; __atuvs=6140000203426255000; HstCfa3784471=1631584258504; HstCla3784471=1631584258504; HstCmu3784471=1631584258504; HstPn3784471=1; HstPt3784471=1; HstCnv3784471=1; HstCns3784471=1
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: v.elmstba.com
referer: https://v.elmstba.com/
:scheme: https
sec-fetch-site: cross-site
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://v.elmstba.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 01:50:58 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 704905
x-server-powered-by: Engintron
cf-bgj: h2pri
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 141993
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: STALE
last-modified: Mon, 28 Sep 2020 18:29:22 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dpPoPMt%2FNHYWPxVkEKOQgC0k0r0btE45PO%2Bi18jnHfWxoWofgaUl86P4lSNZZxjlnXTJkrKMJRzB757WQOwxJdrVKAh7mK%2BJJW5gFhN3WKVyIMRXf8%2BuHJtmCohGhZ04"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: max-age=5184000
accept-ranges: bytes
cf-ray: 68e5f7b03b51ce43-LHR
expires: Thu, 04 Nov 2021 22:02:33 GMT

Redirect headers

date: Tue, 14 Sep 2021 01:50:58 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 713871
x-server-powered-by: Engintron
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: MISS
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kw8qlV%2B8riyh4SbaHkAM5SJKxwbFrnp93iPO4EriTISek5oROxIGtIt5yf4TGYRL0AE5mbzD3rhLrxC6%2FpZvlOJlIuVQ2hBAlSJKE0jr85IGgkx9GNH5wFdgLnj31Tfu6rxWydc%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=iso-8859-1
location: https://v.elmstba.com/uploads/thumbs/24737c8-1.jpg
cache-control: max-age=5184000
cf-ray: 68e5f7afee7e06bd-LHR
expires: Thu, 04 Nov 2021 19:33:07 GMT

GET
H3

200

8ee69f1-1.jpg
v.elmstba.com/uploads/thumbs/
Redirect Chain

https://www.almstba-tv.com/uploads/thumbs/8ee69f1-1.jpg
https://v.elmstba.com/uploads/thumbs/8ee69f1-1.jpg

233 KB
234 KB

42ms
40ms

Image
image/jpeg

172.67.143.148
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://v.elmstba.com/uploads/thumbs/8ee69f1-1.jpg

Requested by

Host: v.elmstba.com
URL: https://v.elmstba.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.143.148 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bc0c9d0bc7198c46d7763e2d82563496d82291330b5c3a8cf31a559c69d6535c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /uploads/thumbs/8ee69f1-1.jpg
pragma: no-cache
cookie: PHPSESSID=c313ade5f35d404648cbcf58a94f6bab; __atuvc=1%7C37; __atuvs=6140000203426255000; HstCfa3784471=1631584258504; HstCla3784471=1631584258504; HstCmu3784471=1631584258504; HstPn3784471=1; HstPt3784471=1; HstCnv3784471=1; HstCns3784471=1
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: v.elmstba.com
referer: https://v.elmstba.com/
:scheme: https
sec-fetch-site: cross-site
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://v.elmstba.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 01:50:58 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 912227
x-server-powered-by: Engintron
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 238579
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: STALE
last-modified: Thu, 19 Nov 2020 00:04:26 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7GexFNDevl4u4q460uhb2WxtAm%2Fh1Ph9yNBcJ45ymvu2c6klbV8fSW9CGAojdq5UWu7Rk%2FlpMUWMGJslJYbRb%2F84NN%2FedXpyzIokIhvFrqtbkAfIRtElyQbHpzB3KuN4"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: max-age=5184000
accept-ranges: bytes
cf-ray: 68e5f7b03b4ace43-LHR
expires: Tue, 02 Nov 2021 12:27:11 GMT

Redirect headers

date: Tue, 14 Sep 2021 01:50:58 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 714072
x-server-powered-by: Engintron
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: MISS
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0JT%2BxcpSb%2FCH%2B2OMV8PNWl2jT6eD83bntzyjbqEVZfyHrqr%2FFpJ5hrwB8hgE%2FKR1p0RckfDmrdUtAuRWmQxhKKTjR647WXWMemyaqd0lEeAehHgH%2FzG41NTh7PDtkqHM6ZSk1Sk%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=iso-8859-1
location: https://v.elmstba.com/uploads/thumbs/8ee69f1-1.jpg
cache-control: max-age=5184000
cf-ray: 68e5f7afee8006bd-LHR
expires: Thu, 04 Nov 2021 19:29:46 GMT

GET
H3

200

0545109-1.jpg
v.elmstba.com/uploads/thumbs/
Redirect Chain

https://www.almstba-tv.com/uploads/thumbs/0545109-1.jpg
https://v.elmstba.com/uploads/thumbs/0545109-1.jpg

92 KB
92 KB

63ms
61ms

Image
image/jpeg

172.67.143.148
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://v.elmstba.com/uploads/thumbs/0545109-1.jpg

Requested by

Host: v.elmstba.com
URL: https://v.elmstba.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.143.148 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

da9b44a0649dbba61c7e4cf466249a7893634dbaaa596e13e6bedef5b4582a8e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /uploads/thumbs/0545109-1.jpg
pragma: no-cache
cookie: PHPSESSID=c313ade5f35d404648cbcf58a94f6bab; __atuvc=1%7C37; __atuvs=6140000203426255000; HstCfa3784471=1631584258504; HstCla3784471=1631584258504; HstCmu3784471=1631584258504; HstPn3784471=1; HstPt3784471=1; HstCnv3784471=1; HstCns3784471=1
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: v.elmstba.com
referer: https://v.elmstba.com/
:scheme: https
sec-fetch-site: cross-site
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://v.elmstba.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 01:50:58 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1495290
x-server-powered-by: Engintron
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 93801
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: STALE
last-modified: Mon, 28 Sep 2020 17:22:54 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=imIN8Y29jjsPbPz2T4XU6R32%2Bo%2FGQBREsJp%2BPDLpXRHB8OhJF1u2q81%2FWFhTjc%2BxZCR6vyj71Vng7kT06JjcBIsRsZwYlHc42fgBAcbDJzV39%2BawT17AmBM2oTwSNKjm"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: max-age=5184000
accept-ranges: bytes
cf-ray: 68e5f7b03b48ce43-LHR
expires: Tue, 26 Oct 2021 18:29:28 GMT

Redirect headers

date: Tue, 14 Sep 2021 01:50:58 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 904979
x-server-powered-by: Engintron
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: MISS
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B%2FVLQI0KRtcRZjuGCN8jMiePTiYydLKODdnU3q05C4BrYz9V%2B0BMVkIDJtfDk%2BQQwgrrQa5YLnR1ozK17kZtFHJnMeAjqPQ3l5rAO6k5ujj2PfspFgyTx2yXJROzeskDVOro%2BJo%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=iso-8859-1
location: https://v.elmstba.com/uploads/thumbs/0545109-1.jpg
cache-control: max-age=5184000
cf-ray: 68e5f7afee8106bd-LHR
expires: Tue, 02 Nov 2021 14:27:59 GMT

GET
H3

200

03dea90-1.jpg
v.elmstba.com/uploads/thumbs/
Redirect Chain

https://www.almstba-tv.com/uploads/thumbs/03dea90-1.jpg
https://v.elmstba.com/uploads/thumbs/03dea90-1.jpg

174 KB
175 KB

83ms
81ms

Image
image/jpeg

172.67.143.148
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://v.elmstba.com/uploads/thumbs/03dea90-1.jpg

Requested by

Host: v.elmstba.com
URL: https://v.elmstba.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.143.148 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bbb74888c99d82df2d660d8593ce9efea60cdf69664319a102fea20207345635

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /uploads/thumbs/03dea90-1.jpg
pragma: no-cache
cookie: PHPSESSID=c313ade5f35d404648cbcf58a94f6bab; __atuvc=1%7C37; __atuvs=6140000203426255000; HstCfa3784471=1631584258504; HstCla3784471=1631584258504; HstCmu3784471=1631584258504; HstPn3784471=1; HstPt3784471=1; HstCnv3784471=1; HstCns3784471=1
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: v.elmstba.com
referer: https://v.elmstba.com/
:scheme: https
sec-fetch-site: cross-site
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://v.elmstba.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 01:50:58 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 712088
x-server-powered-by: Engintron
cf-bgj: h2pri
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 178538
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: STALE
last-modified: Fri, 12 Mar 2021 18:01:14 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eTqcw5mXuF6X%2BcoHrLR966E72t7NwVlp1BuuXMBnpFCTtKtIQMP3O3hPBpIJh997i7TM8KLvYELQtA7CnLni%2Bg00xzZVuF9C4gurSInPLEStvwf1%2BQy5xlZcjXST%2BGCW"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: max-age=5184000
accept-ranges: bytes
cf-ray: 68e5f7b03b53ce43-LHR
expires: Thu, 04 Nov 2021 20:02:50 GMT

Redirect headers

date: Tue, 14 Sep 2021 01:50:58 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1703846
x-server-powered-by: Engintron
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: MISS
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=taA4NVVuzPftSXgOl%2F06dvanvwMD6uNr%2FIgdJ32R3hpDBeSWoAaTOjZunqeCRsnovndXgf8fjZSybgf0MbYS2fiChkc5WcksgyEZju8nOK2TyY%2F2JFytpVXQcddUsSy1eslyvfM%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=iso-8859-1
location: https://v.elmstba.com/uploads/thumbs/03dea90-1.jpg
cache-control: max-age=5184000
cf-ray: 68e5f7afee8206bd-LHR
expires: Sun, 24 Oct 2021 08:33:32 GMT

GET
H3

200

13f4549-1.jpg
v.elmstba.com/uploads/thumbs/
Redirect Chain

https://www.almstba-tv.com/uploads/thumbs/13f4549-1.jpg
https://v.elmstba.com/uploads/thumbs/13f4549-1.jpg

269 KB
270 KB

86ms
84ms

Image
image/jpeg

172.67.143.148
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://v.elmstba.com/uploads/thumbs/13f4549-1.jpg

Requested by

Host: v.elmstba.com
URL: https://v.elmstba.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.143.148 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e5ba19b44b5a307d8f9a46737691755b92157c6af649244577f5ac49ffcfd722

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /uploads/thumbs/13f4549-1.jpg
pragma: no-cache
cookie: PHPSESSID=c313ade5f35d404648cbcf58a94f6bab; __atuvc=1%7C37; __atuvs=6140000203426255000; HstCfa3784471=1631584258504; HstCla3784471=1631584258504; HstCmu3784471=1631584258504; HstPn3784471=1; HstPt3784471=1; HstCnv3784471=1; HstCns3784471=1
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: v.elmstba.com
referer: https://v.elmstba.com/
:scheme: https
sec-fetch-site: cross-site
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://v.elmstba.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 01:50:58 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 712088
x-server-powered-by: Engintron
cf-bgj: h2pri
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 275227
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: STALE
last-modified: Sat, 06 Feb 2021 16:21:53 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HgMx%2FxujoHayNZX3CimUEH%2FKlyU4QQz51%2FO7u%2FlMhoK50jnQYHLrgsBV%2BfXTtVw3yM157sTuAIp5k1birUXLx2saH0T4DBlzEwIOWBYPaCAHVMdz6KrXHUOPeoKIJ%2FhF"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: max-age=5184000
accept-ranges: bytes
cf-ray: 68e5f7b03b55ce43-LHR
expires: Thu, 04 Nov 2021 20:02:50 GMT

Redirect headers

date: Tue, 14 Sep 2021 01:50:58 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 712959
x-server-powered-by: Engintron
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: MISS
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pEQc8RLhaKwo%2BI7OQuuVtwHtEMSV90mFKbA3xgB528w0sIp9pNLDV7KOXqnhWigpQd%2FeAL2NXb7QLAfxdqTxAUn5UkMvE3vnf60gSXIL8lqhH94YLKCIp8LaZwka%2BlIOERxcqIw%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=iso-8859-1
location: https://v.elmstba.com/uploads/thumbs/13f4549-1.jpg
cache-control: max-age=5184000
cf-ray: 68e5f7afee8306bd-LHR
expires: Thu, 04 Nov 2021 19:48:19 GMT

GET
H3

200

46f96f4-1.jpg
v.elmstba.com/uploads/thumbs/
Redirect Chain

https://www.almstba-tv.com/uploads/thumbs/46f96f4-1.jpg
https://v.elmstba.com/uploads/thumbs/46f96f4-1.jpg

105 KB
105 KB

66ms
64ms

Image
image/jpeg

172.67.143.148
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://v.elmstba.com/uploads/thumbs/46f96f4-1.jpg

Requested by

Host: v.elmstba.com
URL: https://v.elmstba.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.143.148 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7dbc79f7c86a94836b83fda71d51d2fbbd30dd2293b7e9a9294a61f45fd6d321

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /uploads/thumbs/46f96f4-1.jpg
pragma: no-cache
cookie: PHPSESSID=c313ade5f35d404648cbcf58a94f6bab; __atuvc=1%7C37; __atuvs=6140000203426255000; HstCfa3784471=1631584258504; HstCla3784471=1631584258504; HstCmu3784471=1631584258504; HstPn3784471=1; HstPt3784471=1; HstCnv3784471=1; HstCns3784471=1
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: v.elmstba.com
referer: https://v.elmstba.com/
:scheme: https
sec-fetch-site: cross-site
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://v.elmstba.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 01:50:58 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 904979
x-server-powered-by: Engintron
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 107187
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: STALE
last-modified: Thu, 23 Apr 2020 20:24:36 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I0QMhtHw68cajiE3lIcnNjhQySz2eQc%2BOmINxWdKAs%2BgyPim4Z6Ikh91HAjY6tBwGMfqTt%2FPaNSZ%2B7I4CPoGPoMwbDATD3C5fQYQVc9nhJA%2FWHHevgCmCxxxFJg6cJHi"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: max-age=5184000
accept-ranges: bytes
cf-ray: 68e5f7b03b4dce43-LHR
expires: Tue, 02 Nov 2021 14:27:59 GMT

Redirect headers

date: Tue, 14 Sep 2021 01:50:58 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 912227
x-server-powered-by: Engintron
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: MISS
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pCK%2FXnv9PMMLGrBXNj9ay1jrIvl0MyDzero3keMiHpC9uWOrDGM2%2FNZ4AAGoB7RW4DP1p2n%2BTMkncTz%2BNo1CnIut3UjpTlPEh8dj5JQxNxCNTw35zbxkkGR8ElevWUqCy4YkomU%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=iso-8859-1
location: https://v.elmstba.com/uploads/thumbs/46f96f4-1.jpg
cache-control: max-age=5184000
cf-ray: 68e5f7afee8406bd-LHR
expires: Tue, 02 Nov 2021 12:27:11 GMT

GET
H3 200 pica.js
v.elmstba.com/cdn-cgi/challenge-platform/h/g/scripts/ 19 KB
7 KB 82ms
81ms Other
text/javascript 172.67.143.148
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://v.elmstba.com/cdn-cgi/challenge-platform/h/g/scripts/pica.js

Requested by

Host: v.elmstba.com
URL: https://v.elmstba.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.143.148 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

573a8ac5c0e35ac7a6e6819caffaf7a3d83cb0783ad11eb1264f5641dfdf6755

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

:path: /cdn-cgi/challenge-platform/h/g/scripts/pica.js
pragma: no-cache
cookie: PHPSESSID=c313ade5f35d404648cbcf58a94f6bab; __atuvc=1%7C37; __atuvs=6140000203426255000
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: same-origin
accept: */*
cache-control: no-cache
sec-fetch-dest: worker
:authority: v.elmstba.com
referer: https://v.elmstba.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://v.elmstba.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 01:50:58 GMT
content-encoding: br
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7%2BI4FWPX9lTnbkm%2Bz%2BPKuNbfGdqymJBIDH1Nt0i6AIbzlxuCgXIHgrWgBDy%2FD3nuhr9xWnUId9v%2FucUf8Zihx2adr0jjvzpiB5laHFQoBtHP2oTOCJ0Lpr4fRP1t5MCc"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cache-control: max-age=604800, public
x-control-type-options: nosniff
cf-ray: 68e5f7afab1dce43-LHR
vary: Accept-Encoding

GET
H/1.1 200
OK 0.php Show response
s4.histats.com/stats/ 380 B
515 B 288ms
94ms Script
text/html 158.69.251.190
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/0.php?3784471&@f16&@g1&@h1&@i1&@j1631584258504&@k0&@l1&@m%D9%81%D9%8A%D8%AF%D9%8A%D9%88%20%D8%A7%D9%84%D9%85%D8%B5%D8%B7%D8%A8%D8%A9%20TV%20-%20%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9%20%D9%88%20%D8%AA%D8%AD%D9%85%D9%8A%D9%84%20%D8%A7%D9%84%D8%A3%D9%81%D9%84%D8%A7%D9%85%20%D9%88%20%D8%A7%D9%84%D9%85%D8%B3%D9%84%D8%B3%D9%84%D8%A7%D8%AA%20%D8%A7%D9%88%D9%86%20%D9%84%D8%A7%D9%8A%D9%86%20HD&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1600&@b1:-31796949&@b3:1631584259&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fv.elmstba.com%2F&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 158.69.251.190 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns546644.ip-158-69-251.net
Software: /
Resource Hash: 8b5b79138e67127c539249dd171d263839c3fded27fddb18165d0573b150a2a8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://v.elmstba.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Tue, 14 Sep 2021 01:50:58 GMT
Connection: close
Content-Length: 380
Content-Type: text/html;charset=UTF-8

GET
H2 200 layers.fa6cd1947ce26e890d3d.js Show response
s7.addthis.com/static/ 263 KB
76 KB 8ms
8ms Script
application/javascript 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/layers.fa6cd1947ce26e890d3d.js

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-126.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://v.elmstba.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: W/"5f971164-41cf5"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=86313600
date: Tue, 14 Sep 2021 01:50:58 GMT
x-host: s7.addthis.com
timing-allow-origin: *
content-length: 77617

GET
H3 200 17ded20b9-1.jpg
v.elmstba.com/uploads/thumbs/ 10 KB
10 KB 28ms
27ms Image
image/jpeg 172.67.143.148
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://v.elmstba.com/uploads/thumbs/17ded20b9-1.jpg

Requested by

Host: v.elmstba.com
URL: https://v.elmstba.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.143.148 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc606f574b9dcbc1df257bc89d88188420bdf5c0fec897019523a8dca679851e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /uploads/thumbs/17ded20b9-1.jpg
pragma: no-cache
cookie: PHPSESSID=c313ade5f35d404648cbcf58a94f6bab; __atuvc=1%7C37; __atuvs=6140000203426255000; HstCfa3784471=1631584258504; HstCla3784471=1631584258504; HstCmu3784471=1631584258504; HstPn3784471=1; HstPt3784471=1; HstCnv3784471=1; HstCns3784471=1
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: v.elmstba.com
referer: https://v.elmstba.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://v.elmstba.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 01:50:58 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 712090
x-server-powered-by: Engintron
cf-bgj: h2pri
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 9802
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: STALE
last-modified: Thu, 07 Jan 2021 18:26:09 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EazYxZyWbVa6RRnVKjuUOrhLWUgVDix03h682lVIhIpYXLNd0tkIYq5LeE4Nc5p46GSpHwGCOmwx9n3KBehYEtavVHyWucjiG4dYuMQDcXoUK0ED4mRPRo8GOB0sResq"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: max-age=5184000
accept-ranges: bytes
cf-ray: 68e5f7b0db7ece43-LHR
expires: Thu, 04 Nov 2021 20:02:48 GMT

GET
H/1.1 200
OK / Show response
e.dtscout.com/e/ 7 KB
8 KB 325ms
104ms Script
application/javascript 167.114.209.61
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fv.elmstba.com%2F&j=
Requested by: Host: s4.histats.com
URL: https://s4.histats.com/stats/0.php?3784471&@f16&@g1&@h1&@i1&@j1631584258504&@k0&@l1&@m%D9%81%D9%8A%D8%AF%D9%8A%D9%88%20%D8%A7%D9%84%D9%85%D8%B5%D8%B7%D8%A8%D8%A9%20TV%20-%20%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9%20%D9%88%20%D8%AA%D8%AD%D9%85%D9%8A%D9%84%20%D8%A7%D9%84%D8%A3%D9%81%D9%84%D8%A7%D9%85%20%D9%88%20%D8%A7%D9%84%D9%85%D8%B3%D9%84%D8%B3%D9%84%D8%A7%D8%AA%20%D8%A7%D9%88%D9%86%20%D9%84%D8%A7%D9%8A%D9%86%20HD&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1600&@b1:-31796949&@b3:1631584259&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fv.elmstba.com%2F&@w
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 167.114.209.61 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns515688.ip-167-114-209.net
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: f5bd94d2ee34691dfb1df9386c443449a845c2186145b1f4bc7f64b4473d807a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://v.elmstba.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Tue, 14 Sep 2021 01:50:59 GMT
X-T: 0.673
Server: nginx/1.10.3 (Ubuntu)
Transfer-Encoding: chunked
Content-Type: application/javascript
Cache-Control: no-cache
Connection: close
X-S: mtl1
Expires: Tue, 14 Sep 2021 01:50:58 GMT

GET
H/1.1 200
OK / Show response
t.dtscout.com/idg/ Frame B6F7 1 KB
748 B 51ms
7ms Document
text/html 51.89.24.69
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/idg/?su=6D001631584259161612710A553DAA78
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fv.elmstba.com%2F&j=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.89.24.69 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS: ip69.ip-51-89-24.eu
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: eacf7f2a191dc6afe0a6523d045c5bae845e403ab4a255f30f94e353e828fb1a

Request headers

Host: t.dtscout.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://v.elmstba.com/
Accept-Encoding: gzip, deflate, br
Cookie: m=1; st=1; oa=1; df=1631584259; l=6D001631584259161612710A553DAA78
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://v.elmstba.com/

Response headers

Server: nginx/1.14.0 (Ubuntu)
Date: Tue, 14 Sep 2021 01:50:59 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Expires: Tue, 14 Sep 2021 01:50:58 GMT
Cache-Control: no-cache
Content-Encoding: gzip

GET
H2 200 tag.min.js Show response
get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/ 30 KB
10 KB 76ms
18ms Script
text/javascript 99.84.5.74
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fv.elmstba.com%2F&j=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.5.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-5-74.lhr62.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d9262f833e999fddfae1cb297ae5f9e260529ca0ca737ed805a11fbf3ab92bcd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://v.elmstba.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id: BC1z2ASq_5A8fCLvu30SOKeIK4SZ9jqY
content-encoding: gzip
last-modified: Thu, 03 Jun 2021 13:27:46 GMT
server: AmazonS3
age: 26301
etag: W/"a1c6ef0f57fd5dc66dd46feb78238adf"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
via: 1.1 5f945d4578713543c6bb96b797e1a0f7.cloudfront.net (CloudFront)
cache-control: max-age=86400
date: Mon, 13 Sep 2021 18:32:39 GMT
x-amz-cf-pop: LHR62-C2
x-amz-cf-id: 4isPMegdQn4cyy_Hbv7OMZrYVLn7vBnFZAF3fGcQdNATrvQRjFNvJA==

GET
H/1.1 204
No Content dtscout Show response
pd.sharethis.com/pd/ 0
88 B 46ms
8ms Script
text/plain 18.195.98.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pd.sharethis.com/pd/dtscout
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fv.elmstba.com%2F&j=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.98.10 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-98-10.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://v.elmstba.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Connection: keep-alive
Date: Tue, 14 Sep 2021 01:50:59 GMT

GET
H2 200 afwu.js Show response
cdn.tynt.com/ 10 KB
4 KB 51ms
16ms Script
application/javascript 104.16.87.26
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.tynt.com/afwu.js
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fv.elmstba.com%2F&j=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.16.87.26 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7ee04154662e67cdd4a6694f6afacb682bb184617b5e81948524637dde2f31d3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://v.elmstba.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 01:50:59 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 27 Aug 2021 20:58:37 GMT
server: cloudflare
age: 189904
etag: W/"612951fd-288b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 68e5f7b45d488766-DUS
expires: Fri, 17 Sep 2021 01:50:59 GMT

GET
H/1.1 200
OK / Show response
t.dtscout.com/pv/ 50 B
318 B 51ms
7ms Script
application/javascript 51.89.24.69
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/pv/?_a=v&_h=v.elmstba.com&_ss=3lo8frcrw0&_pv=1&_ls=0&_u1=1&_u3=1&_cc=us&_pl=d&_cbid=43wb&_cb=_dtspv.c
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fv.elmstba.com%2F&j=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.89.24.69 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS: ip69.ip-51-89-24.eu
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 9c723354073a0a185a9471599008859cea62e0072903a25e3ee7d816fe1f7dc0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://v.elmstba.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Tue, 14 Sep 2021 01:50:59 GMT
X-T: 0.152
Server: nginx/1.14.0 (Ubuntu)
Transfer-Encoding: chunked
X-C: 0
Content-Type: application/javascript
Cache-Control: no-cache
Connection: close
Expires: Tue, 14 Sep 2021 01:50:58 GMT

GET
H2 204 p
ic.tynt.com/b/ 0
227 B 321ms
104ms Image
text/plain 208.100.17.184
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=wu!&lm=0&ts=1631584259338&dn=AFWU&iso=0&t=%D9%81%D9%8A%D8%AF%D9%8A%D9%88%20%D8%A7%D9%84%D9%85%D8%B5%D8%B7%D8%A8%D8%A9%20TV%20-%20%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9%20%D9%88%20%D8%AA%D8%AD%D9%85%D9%8A%D9%84%20%D8%A7%D9%84%D8%A3%D9%81%D9%84%D8%A7%D9%85%20%D9%88%20%D8%A7%D9%84%D9%85%D8%B3%D9%84%D8%B3%D9%84%D8%A7%D8%AA%20%D8%A7%D9%88%D9%86%20%D9%84%D8%A7%D9%8A%D9%86%20HD
Requested by: Host: v.elmstba.com
URL: https://v.elmstba.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 208.100.17.184 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip184.208-100-17.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://v.elmstba.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 01:50:59 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
server: nginx/1.16.1
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H2 200 / Show response
onetag-geo.s-onetag.com/ 555 B
960 B 163ms
114ms Fetch
application/json 99.84.5.96
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://onetag-geo.s-onetag.com/
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.5.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-5-96.lhr62.r.cloudfront.net
Software: /
Resource Hash: f51938710e179807bbf1be9a1e9d7e3441fa74e7dfe9f46841914fb12ca7de3c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://v.elmstba.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 01:50:59 GMT
via: 1.1 25de4127038159040c9b8bcb29fd32bc.cloudfront.net (CloudFront), 1.1 9e62047214e4bace813d04a6aad42396.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR62-C2, LHR62-C2
x-amzn-requestid: ddc4eb17-cff3-44fe-bb97-93fc066ef7f2
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-apigw-id: FoTwkEpECYcFjEw=
content-length: 555
x-amz-cf-id: Q9mQE5celuiUb9wii9R7TuZhmaU3K6iAOoejDfYShsMKPoTZJN9Abw==

GET
H2 200 lt.min.js Show response
tags.crwdcntrl.net/lt/c/3825/ 38 KB
12 KB 88ms
24ms Script
text/javascript 143.204.178.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/3825/lt.min.js
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fv.elmstba.com%2F&j=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.178.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-178-111.lhr50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: dc9dc5abccf3e062029d71dcdc0e04b7cc9a9be96103d07f98b4ff4a5459c668

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://v.elmstba.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 13 Sep 2021 20:46:55 GMT
content-encoding: gzip
etag: W/"f321a7442b8087eba0d1817aa7dbb5f7"
last-modified: Tue, 16 Mar 2021 13:30:17 GMT
server: AmazonS3
age: 18248
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
via: 1.1 9a0d5427f47351631cdee4d5e38248d8.cloudfront.net (CloudFront)
cache-control: max-age: 86400
x-amz-cf-pop: LHR50-C1
x-amz-cf-id: YORROIjG1A1lvgB2NlPsjr-N7wBdJJy-8RftJfvJKT2DcMB2oNEZYA==

GET
H/1.1 200
OK / Show response
t.dtscdn.com/widget/ 0
407 B 448ms
92ms Script
application/javascript 45.55.120.93
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscdn.com/widget/?d=6D001631584259161612710A553DAA78&nid=300&p=836148727&t=0&s=1600x1200x24&u=https%3A%2F%2Fv.elmstba.com%2F&r=
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fv.elmstba.com%2F&j=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.55.120.93 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://v.elmstba.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Tue, 14 Sep 2021 00:55:39 GMT
X-T: 0.82
x-server: web14.ny1.dtscdn.com
Cache-Control: no-cache
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Expires: Tue, 14 Sep 2021 00:55:38 GMT

GET
H/1.1

200
OK

33141
tags.bluekai.com/site/
Redirect Chain

https://pixel.onaudience.com/?partner=137085098&mapped=6D001631584259161612710A553DAA78
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?ttd_pid=xksw9la&ttd_tpi=1
https://pixel.onaudience.com/?partner=147&mapped=bf0e94d5-eb98-4a55-8197-a13457c24b6e&icm
https://pixel.onaudience.com/?partner=109&icm&cver&smartmap=1&redirect=tags.bluekai.com%2Fsite%2F33141%3F%26id%3D%25m
https://tags.bluekai.com/site/33141?&id=51b314b4e33f5a1e

62 B
304 B

302ms
192ms

Image
image/gif

72.246.100.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/33141?&id=51b314b4e33f5a1e
Requested by: Host: v.elmstba.com
URL: https://v.elmstba.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.246.100.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a72-246-100-56.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://v.elmstba.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Tue, 14 Sep 2021 01:51:00 GMT
Connection: keep-alive
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
Content-Length: 62
Content-Type: image/gif

Redirect headers

location: https://tags.bluekai.com/site/33141?&id=51b314b4e33f5a1e
content-length: 0

GET
H2 200 EU Show response
onetag-geo-grouping.s-onetag.com/regionalbloc/ 1 KB
837 B 76ms
22ms Fetch
application/json 143.204.178.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://onetag-geo-grouping.s-onetag.com/regionalbloc/EU
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.178.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-178-117.lhr50.r.cloudfront.net
Software: restify /
Resource Hash: 6088012dda2274a27fa40ed153d9e3a6c96a22af1b177f8a2916368eb3e88bb0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://v.elmstba.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 13 Sep 2021 16:53:26 GMT
content-encoding: gzip
server: restify
age: 32253
vary: Accept-Encoding,origin
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: https://v.elmstba.com
access-control-expose-headers: api-version, content-length, content-md5, content-type, date, request-id, response-time
cache-control: max-age=86400
x-amz-cf-pop: LHR50-C1
x-amz-cf-id: G3pW8kvQmjFNQvc4CNPttX_iuVdxyoqj1MQkzP6YJb4kZG2BAMLqfg==
via: 1.1 4a736139de9bd8873adfb7fc33510ddb.cloudfront.net (CloudFront)

GET
H2 200 v2 Show response
de.tynt.com/deb/ 4 B
202 B 320ms
104ms Script
application/javascript 67.202.105.31
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://de.tynt.com/deb/v2?id=wu!&dn=AFWU&cc=1&r=
Requested by: Host: cdn.tynt.com
URL: https://cdn.tynt.com/afwu.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.31 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip31.67-202-105.static.steadfastdns.net
Software: /
Resource Hash: d21021784cda31eeae5c8295e047a14bda6ed5a9b5963fca9e7ceb398a9c9179

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://v.elmstba.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 01:50:59 GMT
cache-control: max-age=86400
content-type: application/javascript
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
content-length: 4
expires: Wed, 15 Sep 2021 01:50:59 GMT

GET
H2 204 p
ic.tynt.com/b/ 0
227 B 104ms
104ms Image
text/plain 208.100.17.184
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=wu!&lm=0&ts=1631584259338&dn=AFWU&iso=0&t=%D9%81%D9%8A%D8%AF%D9%8A%D9%88%20%D8%A7%D9%84%D9%85%D8%B5%D8%B7%D8%A8%D8%A9%20TV%20-%20%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9%20%D9%88%20%D8%AA%D8%AD%D9%85%D9%8A%D9%84%20%D8%A7%D9%84%D8%A3%D9%81%D9%84%D8%A7%D9%85%20%D9%88%20%D8%A7%D9%84%D9%85%D8%B3%D9%84%D8%B3%D9%84%D8%A7%D8%AA%20%D8%A7%D9%88%D9%86%20%D9%84%D8%A7%D9%8A%D9%86%20HD
Requested by: Host: v.elmstba.com
URL: https://v.elmstba.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 208.100.17.184 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip184.208-100-17.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://v.elmstba.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 01:50:59 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
server: nginx/1.16.1
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H2 204 p
ic.tynt.com/b/ 0
227 B 104ms
104ms Image
text/plain 208.100.17.184
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=wu!&lm=0&ts=1631584259338&dn=AFWU&iso=0&t=%D9%81%D9%8A%D8%AF%D9%8A%D9%88%20%D8%A7%D9%84%D9%85%D8%B5%D8%B7%D8%A8%D8%A9%20TV%20-%20%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9%20%D9%88%20%D8%AA%D8%AD%D9%85%D9%8A%D9%84%20%D8%A7%D9%84%D8%A3%D9%81%D9%84%D8%A7%D9%85%20%D9%88%20%D8%A7%D9%84%D9%85%D8%B3%D9%84%D8%B3%D9%84%D8%A7%D8%AA%20%D8%A7%D9%88%D9%86%20%D9%84%D8%A7%D9%8A%D9%86%20HD
Requested by: Host: v.elmstba.com
URL: https://v.elmstba.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 208.100.17.184 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip184.208-100-17.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://v.elmstba.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 01:50:59 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
server: nginx/1.16.1
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H2 204 p
ic.tynt.com/b/ 0
227 B 104ms
104ms Image
text/plain 208.100.17.184
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=wu!&lm=0&ts=1631584259338&dn=AFWU&iso=0
Requested by: Host: v.elmstba.com
URL: https://v.elmstba.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 208.100.17.184 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip184.208-100-17.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://v.elmstba.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 01:50:59 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
server: nginx/1.16.1
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H2 204 p
ic.tynt.com/b/ 0
227 B 105ms
105ms Image
text/plain 208.100.17.184
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=wu!&lm=0&ts=1631584259338&dn=AFWU&iso=0
Requested by: Host: v.elmstba.com
URL: https://v.elmstba.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 208.100.17.184 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip184.208-100-17.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://v.elmstba.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 01:51:00 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
server: nginx/1.16.1
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H2 204 p
ic.tynt.com/b/ 0
227 B 107ms
107ms Image
text/plain 208.100.17.184
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=wu!&lm=0&ts=1631584259338&dn=AFWU&iso=0
Requested by: Host: v.elmstba.com
URL: https://v.elmstba.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 208.100.17.184 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip184.208-100-17.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://v.elmstba.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 01:51:00 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
server: nginx/1.16.1
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H2 204 p
ic.tynt.com/b/ 0
227 B 106ms
106ms Image
text/plain 208.100.17.184
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=wu!&lm=0&ts=1631584259338&dn=AFWU&iso=0
Requested by: Host: v.elmstba.com
URL: https://v.elmstba.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 208.100.17.184 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip184.208-100-17.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://v.elmstba.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 01:51:00 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
server: nginx/1.16.1
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H2 200 optimus_rules.json Show response
tags.crwdcntrl.net/lt/c/3825/ 4 KB
1 KB 74ms
26ms XHR
application/json 143.204.178.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/3825/optimus_rules.json
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/3825/lt.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.178.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-178-111.lhr50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9933d7066a22669cd5d48d0051aa5f2d7ea91bad0a9223f3d7884e93c3ca8a28

Request headers

Referer: https://v.elmstba.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Mon, 13 Sep 2021 13:12:36 GMT
content-encoding: gzip
age: 45505
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Tue, 16 Mar 2021 13:30:17 GMT
server: AmazonS3
etag: W/"6db43f44304c37d76768275ee4f01ba4"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/json
via: 1.1 8bb89f95ae8b94f794fb08fd2077dc5f.cloudfront.net (CloudFront)
cache-control: max-age: 86400
x-amz-cf-pop: LHR50-C1
x-amz-cf-id: 6HI7QoA8tM3wsKI10oTA_aNapFEwDMp2BbHLaXFppBjBSWwwymc6MQ==

POST
H2 200 data Show response
bcp.crwdcntrl.net/6/ 615 B
1 KB 142ms
72ms XHR
application/json 52.30.140.199
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/data
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/3825/lt.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.30.140.199 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-30-140-199.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 7bc93075c0539aa682708f7623ae7aec191b23848158d3a787fb2c2195ba5b5b

Request headers

Referer: https://v.elmstba.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 14 Sep 2021 01:51:00 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://v.elmstba.com
cache-control: no-cache
x-server: 10.45.25.238
access-control-allow-credentials: true
content-type: application/json;charset=utf-8
content-length: 615
expires: 0

POST
H3 200 result Show response
v.elmstba.com/cdn-cgi/challenge-platform/h/g/cv/ 2 B
790 B 161ms
160ms XHR
text/plain 172.67.143.148
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://v.elmstba.com/cdn-cgi/challenge-platform/h/g/cv/result?req_id=68e5f7a44a9b2c7e

Requested by

Host: v.elmstba.com
URL: https://v.elmstba.com/cdn-cgi/challenge-platform/h/g/scripts/invisible.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.143.148 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-fetch-mode: cors
origin: https://v.elmstba.com
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
sec-fetch-dest: empty
cookie: PHPSESSID=c313ade5f35d404648cbcf58a94f6bab; __atuvc=1%7C37; __atuvs=6140000203426255000; HstCfa3784471=1631584258504; HstCla3784471=1631584258504; HstCmu3784471=1631584258504; HstPn3784471=1; HstPt3784471=1; HstCnv3784471=1; HstCns3784471=1; __dtsu=6D001631584259161612710A553DAA78; lotame_domain_check=elmstba.com
content-length: 14317
:path: /cdn-cgi/challenge-platform/h/g/cv/result?req_id=68e5f7a44a9b2c7e
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
content-type: application/json
accept: */*
cache-control: no-cache
:authority: v.elmstba.com
referer: https://v.elmstba.com/
:scheme: https
sec-fetch-site: same-origin
:method: POST
Referer: https://v.elmstba.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 14 Sep 2021 01:51:00 GMT
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MiC5nom1zLw8E%2FhYzZOVDAkOtICWeMKxbWwvOqVurqZaWjL1jN5Vg8v%2BAHJok0%2BLZnF78EUwNpcB4Op3nn55DSItysUryEmSueBEHIUcf%2F4io0sw%2FKd%2BCPq5kUWcM7uV"}],"group":"cf-nel","max_age":604800}
content-type: text/plain;charset=UTF-8
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
set-cookie: __cf_bm=OJ6ghMCXXRs.XKLduXmbI5rM2ZtgWbp5EsilnZGbpH8-1631584260-0-AQPd88FnKhJfE5otJC2pUabhei3qYTK6ksgNMNBlR1m2UXZrJzkG9GG035VIkfNy0pvqyP39JZYaT/l24fpVPv0kwj5i2qquNT39jwIbajjPhKhXwd6YTMaZtaBnklD2WA==; path=/; expires=Tue, 14-Sep-21 02:21:00 GMT; domain=.elmstba.com; HttpOnly; Secure; SameSite=None
cf-ray: 68e5f7bd8ed3ce43-LHR
vary: Accept-Encoding
content-length: 2

POST
H2 200 a
a.dtssrv.com/ 0
552 B 158ms
112ms Ping
text/html 104.21.78.98
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.dtssrv.com/a?i=6D001631584259161612710A553DAA78&k=lotpano&v=ff125702129439b12575e47a1a9116d539385260103d885907d7fda935ab9b12
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fv.elmstba.com%2F&j=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.78.98 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://v.elmstba.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 14 Sep 2021 01:51:00 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U5JPnKvyKhcOhQMSZvKHrYLr4jnjoHJBq9beltbN4yp7GpoHOp4oYRmwSrdr26F3NfTtUsv5Uf7Ma1w1KxcL0H4J1SiymuzUrifMPrC715TiTcquoyOUyhJ5H19zIHA%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cf-ray: 68e5f7bdeab8081c-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 lt.iframe.html Show response
tags.crwdcntrl.net/lt/shared/2/ Frame 6D5D 2 KB
1 KB 21ms
21ms Document
text/html 143.204.178.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/shared/2/lt.iframe.html?c=3825
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/3825/lt.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.178.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-178-111.lhr50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 63cf7a38baaaaebc012cfc355797544949b60c040b5da57560f26d88502d1372

Request headers

:method: GET
:authority: tags.crwdcntrl.net
:scheme: https
:path: /lt/shared/2/lt.iframe.html?c=3825
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://v.elmstba.com/
accept-encoding: gzip, deflate, br
cookie: _cc_dc=1; _cc_id=db365f4f7e0c376f4a28bfd61acb09ac; _cc_cc="ACZ4XmNQSEkyNjNNM0kzTzVINjY3SzNJNLJISksxM0xMTjKwTExmAIJEBwYWEA0BvGvWvddi%2FCjL8J%2BRkeH4piksMPbHz5Yw5rPFc%2BDCy%2F8UwlUfPcQMY%2B%2Fed1kAxv7QcB%2FOPoykdfoJdZiSd0sQJq7Z8JQbJt45%2BSTcMQCY3UEk"; _cc_aud="ABR4XmNgYGBIdGBgAVIQwMzAwDUDzFzUCiIZH9YDSQA10APT"
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://v.elmstba.com/

Response headers

content-type: text/html
last-modified: Mon, 01 Feb 2021 20:35:17 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
content-encoding: gzip
date: Mon, 13 Sep 2021 12:30:29 GMT
cache-control: max-age: 86400
etag: W/"6fcf4f5197ab24c92d090f6ac8d87e01"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 9a0d5427f47351631cdee4d5e38248d8.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR50-C1
x-amz-cf-id: thjLkDJNTMqhi2uDYX---vEELIFuTfNFUKFPlvCfTmDFbY5I1E_Bqw==
age: 48032

GET
H3 200 cf072751f-1.jpg
v.elmstba.com/uploads/thumbs/ 24 KB
25 KB 29ms
28ms Image
image/jpeg 172.67.143.148
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://v.elmstba.com/uploads/thumbs/cf072751f-1.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.143.148 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b4a122fd70c44f12c75dd2d3acda330a2fbbec5ac489eea9da592fb624b50b4e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /uploads/thumbs/cf072751f-1.jpg
pragma: no-cache
cookie: PHPSESSID=c313ade5f35d404648cbcf58a94f6bab; __atuvc=1%7C37; __atuvs=6140000203426255000; HstCfa3784471=1631584258504; HstCla3784471=1631584258504; HstCmu3784471=1631584258504; HstPn3784471=1; HstPt3784471=1; HstCnv3784471=1; HstCns3784471=1; __dtsu=6D001631584259161612710A553DAA78; lotame_domain_check=elmstba.com; _cc_id=db365f4f7e0c376f4a28bfd61acb09ac; _cc_cc=ACZ4XmNQSEkyNjNNM0kzTzVINjY3SzNJNLJISksxM0xMTjKwTExmAIJEBwYWEA0BvGvWvddi%2FCjL8J%2BRkeH4piksMPbHz5Yw5rPFc%2BDCy%2F8UwlUfPcQMY%2B%2Fed1kAxv7QcB%2FOPoykdfoJdZiSd0sQJq7Z8JQbJt45%2BSTcMQCY3UEk; _cc_aud=ABR4XmNgYGBIdGBgAVIQwMzAwDUDzFzUCiIZH9YDSQA10APT; panoramaId_expiry=1632189060557; panoramaId=ff125702129439b12575e47a1a9116d539385260103d885907d7fda935ab9b12
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: v.elmstba.com
referer: https://v.elmstba.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://v.elmstba.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 01:51:00 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 911943
x-server-powered-by: Engintron
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 24954
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: STALE
last-modified: Thu, 07 Jan 2021 18:18:19 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WQYn%2BGklYRVxG%2BXjsM3HfBl4Ar1PORvZ1anlhkj6sjeXrTIVddVxVFvA3plzzG80wsX6YxsjKC4dmHJmp0YiAXc%2BiRG%2Fc%2FqYmZgozURoweYyoy%2BRb%2Bgf8gk3bQSnTrv%2B"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: max-age=5184000
accept-ranges: bytes
cf-ray: 68e5f7bd9ed7ce43-LHR
expires: Tue, 02 Nov 2021 12:31:57 GMT

GET
H3 200 1be315b70-1.jpg
v.elmstba.com/uploads/thumbs/ 20 KB
21 KB 29ms
28ms Image
image/jpeg 172.67.143.148
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://v.elmstba.com/uploads/thumbs/1be315b70-1.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.143.148 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e7e055da9ca085fd80e24c46f50d92a9b065bd72722e042a5720710d78ca04f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /uploads/thumbs/1be315b70-1.jpg
pragma: no-cache
cookie: PHPSESSID=c313ade5f35d404648cbcf58a94f6bab; __atuvc=1%7C37; __atuvs=6140000203426255000; HstCfa3784471=1631584258504; HstCla3784471=1631584258504; HstCmu3784471=1631584258504; HstPn3784471=1; HstPt3784471=1; HstCnv3784471=1; HstCns3784471=1; __dtsu=6D001631584259161612710A553DAA78; lotame_domain_check=elmstba.com; _cc_id=db365f4f7e0c376f4a28bfd61acb09ac; _cc_cc=ACZ4XmNQSEkyNjNNM0kzTzVINjY3SzNJNLJISksxM0xMTjKwTExmAIJEBwYWEA0BvGvWvddi%2FCjL8J%2BRkeH4piksMPbHz5Yw5rPFc%2BDCy%2F8UwlUfPcQMY%2B%2Fed1kAxv7QcB%2FOPoykdfoJdZiSd0sQJq7Z8JQbJt45%2BSTcMQCY3UEk; _cc_aud=ABR4XmNgYGBIdGBgAVIQwMzAwDUDzFzUCiIZH9YDSQA10APT; panoramaId_expiry=1632189060557; panoramaId=ff125702129439b12575e47a1a9116d539385260103d885907d7fda935ab9b12
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: v.elmstba.com
referer: https://v.elmstba.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://v.elmstba.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 01:51:00 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 703616
x-server-powered-by: Engintron
cf-bgj: h2pri
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 20818
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: STALE
last-modified: Thu, 07 Jan 2021 18:16:42 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Zs3IdaBHjs3uoXEAliStfNUmsJwc%2BYQg5cFKT1VeOGVwp%2BlX4fMNoaSAbGTfNjSalg5jdB01ZYmL9EWDd%2FHF1XKjFwVTOWeIsh066ooWMicgHqPVdZpMhVxOuLMZBxjU"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: max-age=5184000
accept-ranges: bytes
cf-ray: 68e5f7bd9ed8ce43-LHR
expires: Thu, 04 Nov 2021 22:24:04 GMT

GET
H3 200 cb46438bf-1.jpg
v.elmstba.com/uploads/thumbs/ 13 KB
13 KB 25ms
23ms Image
image/jpeg 172.67.143.148
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://v.elmstba.com/uploads/thumbs/cb46438bf-1.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.143.148 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bc9fab6b96b7a8bc9dd6c6a6a7364479a68d9153b604c3fe628d0303eb86a5e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /uploads/thumbs/cb46438bf-1.jpg
pragma: no-cache
cookie: PHPSESSID=c313ade5f35d404648cbcf58a94f6bab; __atuvc=1%7C37; __atuvs=6140000203426255000; HstCfa3784471=1631584258504; HstCla3784471=1631584258504; HstCmu3784471=1631584258504; HstPn3784471=1; HstPt3784471=1; HstCnv3784471=1; HstCns3784471=1; __dtsu=6D001631584259161612710A553DAA78; lotame_domain_check=elmstba.com; _cc_id=db365f4f7e0c376f4a28bfd61acb09ac; _cc_cc=ACZ4XmNQSEkyNjNNM0kzTzVINjY3SzNJNLJISksxM0xMTjKwTExmAIJEBwYWEA0BvGvWvddi%2FCjL8J%2BRkeH4piksMPbHz5Yw5rPFc%2BDCy%2F8UwlUfPcQMY%2B%2Fed1kAxv7QcB%2FOPoykdfoJdZiSd0sQJq7Z8JQbJt45%2BSTcMQCY3UEk; _cc_aud=ABR4XmNgYGBIdGBgAVIQwMzAwDUDzFzUCiIZH9YDSQA10APT; panoramaId_expiry=1632189060557; panoramaId=ff125702129439b12575e47a1a9116d539385260103d885907d7fda935ab9b12
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: v.elmstba.com
referer: https://v.elmstba.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://v.elmstba.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 01:51:00 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 703074
x-server-powered-by: Engintron
cf-bgj: h2pri
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 13032
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: STALE
last-modified: Thu, 07 Jan 2021 18:13:57 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MJMXFO1FISldWF16NKXu6buWlbELlo6StsC1vxmOrSLTIG2qDiNqdcyNkUhjE6f08w56yW2hZIvaNFfvZcl%2BFqeVV0etv9U3Y9FrljaVlYkAOcy%2BUR7B8hsG%2B0jRZpbe"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: max-age=5184000
accept-ranges: bytes
cf-ray: 68e5f7bd9edace43-LHR
expires: Thu, 04 Nov 2021 22:33:06 GMT

GET
H3 200 88949fb1b-1.jpg
v.elmstba.com/uploads/thumbs/ 17 KB
18 KB 27ms
25ms Image
image/jpeg 172.67.143.148
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://v.elmstba.com/uploads/thumbs/88949fb1b-1.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.143.148 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

81b97e81aafe1ea818fad4a3cada109ba210eecb416f45817581b5845e1ad288

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /uploads/thumbs/88949fb1b-1.jpg
pragma: no-cache
cookie: PHPSESSID=c313ade5f35d404648cbcf58a94f6bab; __atuvc=1%7C37; __atuvs=6140000203426255000; HstCfa3784471=1631584258504; HstCla3784471=1631584258504; HstCmu3784471=1631584258504; HstPn3784471=1; HstPt3784471=1; HstCnv3784471=1; HstCns3784471=1; __dtsu=6D001631584259161612710A553DAA78; lotame_domain_check=elmstba.com; _cc_id=db365f4f7e0c376f4a28bfd61acb09ac; _cc_cc=ACZ4XmNQSEkyNjNNM0kzTzVINjY3SzNJNLJISksxM0xMTjKwTExmAIJEBwYWEA0BvGvWvddi%2FCjL8J%2BRkeH4piksMPbHz5Yw5rPFc%2BDCy%2F8UwlUfPcQMY%2B%2Fed1kAxv7QcB%2FOPoykdfoJdZiSd0sQJq7Z8JQbJt45%2BSTcMQCY3UEk; _cc_aud=ABR4XmNgYGBIdGBgAVIQwMzAwDUDzFzUCiIZH9YDSQA10APT; panoramaId_expiry=1632189060557; panoramaId=ff125702129439b12575e47a1a9116d539385260103d885907d7fda935ab9b12
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: v.elmstba.com
referer: https://v.elmstba.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://v.elmstba.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 01:51:00 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 711020
x-server-powered-by: Engintron
cf-bgj: h2pri
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 17885
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: STALE
last-modified: Thu, 07 Jan 2021 18:12:47 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Bx2NR3Tw2wodLjy1CFXRjEC2D3pTnXTT8zIkIxyWYYQQ6mZFrCfGF%2FkuM5cK55Anv2d4eZDQXX9I%2BHarYCt%2FxRY2BM4NqDdv9%2FIQVI3idBRzgoSf8GlF3EWVEAreNxDI"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: max-age=5184000
accept-ranges: bytes
cf-ray: 68e5f7bd9edbce43-LHR
expires: Thu, 04 Nov 2021 20:20:40 GMT

GET
H3 200 ca8cc35f6-1.jpg
v.elmstba.com/uploads/thumbs/ 9 KB
9 KB 30ms
28ms Image
image/jpeg 172.67.143.148
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://v.elmstba.com/uploads/thumbs/ca8cc35f6-1.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.143.148 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f5f2091df806f896c27016a4d0d7fe5387272cc726bcb39d8d013e3cdb0a77da

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /uploads/thumbs/ca8cc35f6-1.jpg
pragma: no-cache
cookie: PHPSESSID=c313ade5f35d404648cbcf58a94f6bab; __atuvc=1%7C37; __atuvs=6140000203426255000; HstCfa3784471=1631584258504; HstCla3784471=1631584258504; HstCmu3784471=1631584258504; HstPn3784471=1; HstPt3784471=1; HstCnv3784471=1; HstCns3784471=1; __dtsu=6D001631584259161612710A553DAA78; lotame_domain_check=elmstba.com; _cc_id=db365f4f7e0c376f4a28bfd61acb09ac; _cc_cc=ACZ4XmNQSEkyNjNNM0kzTzVINjY3SzNJNLJISksxM0xMTjKwTExmAIJEBwYWEA0BvGvWvddi%2FCjL8J%2BRkeH4piksMPbHz5Yw5rPFc%2BDCy%2F8UwlUfPcQMY%2B%2Fed1kAxv7QcB%2FOPoykdfoJdZiSd0sQJq7Z8JQbJt45%2BSTcMQCY3UEk; _cc_aud=ABR4XmNgYGBIdGBgAVIQwMzAwDUDzFzUCiIZH9YDSQA10APT; panoramaId_expiry=1632189060557; panoramaId=ff125702129439b12575e47a1a9116d539385260103d885907d7fda935ab9b12
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: v.elmstba.com
referer: https://v.elmstba.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://v.elmstba.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 01:51:00 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 711020
x-server-powered-by: Engintron
cf-bgj: h2pri
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 9024
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: STALE
last-modified: Thu, 07 Jan 2021 18:11:32 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pAfQkj7uSl4yRDbcCEvsZzAwyvgK%2BvweGBcYXuAEaRgAJGWTk%2FDrUY75D9tz8BRq8%2B3LCU6A9Oy4FHCTemhW3%2F%2FwkZrQMessHoPHLg9VMVsbiph0NrR1XXCJy0XAWARZ"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: max-age=5184000
accept-ranges: bytes
cf-ray: 68e5f7bd9edcce43-LHR
expires: Thu, 04 Nov 2021 20:20:40 GMT

GET
H3 200 a2864717f-1.jpg
v.elmstba.com/uploads/thumbs/ 120 KB
121 KB 31ms
30ms Image
image/jpeg 172.67.143.148
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://v.elmstba.com/uploads/thumbs/a2864717f-1.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.143.148 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ed821ea256bb43f05eda88342e2bd38c5669fc395af10fb2e252d113219227d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /uploads/thumbs/a2864717f-1.jpg
pragma: no-cache
cookie: PHPSESSID=c313ade5f35d404648cbcf58a94f6bab; __atuvc=1%7C37; __atuvs=6140000203426255000; HstCfa3784471=1631584258504; HstCla3784471=1631584258504; HstCmu3784471=1631584258504; HstPn3784471=1; HstPt3784471=1; HstCnv3784471=1; HstCns3784471=1; __dtsu=6D001631584259161612710A553DAA78; lotame_domain_check=elmstba.com; _cc_id=db365f4f7e0c376f4a28bfd61acb09ac; _cc_cc=ACZ4XmNQSEkyNjNNM0kzTzVINjY3SzNJNLJISksxM0xMTjKwTExmAIJEBwYWEA0BvGvWvddi%2FCjL8J%2BRkeH4piksMPbHz5Yw5rPFc%2BDCy%2F8UwlUfPcQMY%2B%2Fed1kAxv7QcB%2FOPoykdfoJdZiSd0sQJq7Z8JQbJt45%2BSTcMQCY3UEk; _cc_aud=ABR4XmNgYGBIdGBgAVIQwMzAwDUDzFzUCiIZH9YDSQA10APT; panoramaId_expiry=1632189060557; panoramaId=ff125702129439b12575e47a1a9116d539385260103d885907d7fda935ab9b12
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: v.elmstba.com
referer: https://v.elmstba.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://v.elmstba.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 01:51:00 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 899465
x-server-powered-by: Engintron
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 123219
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: STALE
last-modified: Tue, 24 Nov 2020 03:16:47 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C8ltjo2VnSIzS%2FzN2vsAVcR5B0TBOhcHmHt4oBivYRtA7kdKV1j8N9oJ58%2BaDyP7fAsUhmZwzae8ZNsIBkzZENMtyL67lYYHqdxdW6hq8oouJjkaOykehQnWIQ79ZLVG"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: max-age=5184000
accept-ranges: bytes
cf-ray: 68e5f7bd9eddce43-LHR
expires: Tue, 02 Nov 2021 15:59:55 GMT

GET
H3 200 804786e67-1.jpg
v.elmstba.com/uploads/thumbs/ 27 KB
27 KB 25ms
24ms Image
image/jpeg 172.67.143.148
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://v.elmstba.com/uploads/thumbs/804786e67-1.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.143.148 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f8148221a46751072c586213dd6672b3b68e3242839c0b5d35111ac6efac8ca6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /uploads/thumbs/804786e67-1.jpg
pragma: no-cache
cookie: PHPSESSID=c313ade5f35d404648cbcf58a94f6bab; __atuvc=1%7C37; __atuvs=6140000203426255000; HstCfa3784471=1631584258504; HstCla3784471=1631584258504; HstCmu3784471=1631584258504; HstPn3784471=1; HstPt3784471=1; HstCnv3784471=1; HstCns3784471=1; __dtsu=6D001631584259161612710A553DAA78; lotame_domain_check=elmstba.com; _cc_id=db365f4f7e0c376f4a28bfd61acb09ac; _cc_cc=ACZ4XmNQSEkyNjNNM0kzTzVINjY3SzNJNLJISksxM0xMTjKwTExmAIJEBwYWEA0BvGvWvddi%2FCjL8J%2BRkeH4piksMPbHz5Yw5rPFc%2BDCy%2F8UwlUfPcQMY%2B%2Fed1kAxv7QcB%2FOPoykdfoJdZiSd0sQJq7Z8JQbJt45%2BSTcMQCY3UEk; _cc_aud=ABR4XmNgYGBIdGBgAVIQwMzAwDUDzFzUCiIZH9YDSQA10APT; panoramaId_expiry=1632189060557; panoramaId=ff125702129439b12575e47a1a9116d539385260103d885907d7fda935ab9b12
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: v.elmstba.com
referer: https://v.elmstba.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://v.elmstba.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 01:51:00 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2432100
x-server-powered-by: Engintron
cf-bgj: h2pri
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 27156
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: STALE
last-modified: Tue, 24 Nov 2020 03:48:28 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=26GrEJYf1jQGZNgZoFGSky7wpAfezRrY%2B7zB5AASq6VH3uOmzueaoVoZILk5fn9O5mok1%2BJbOY8%2B8gOXXY2QXdddntGKWkn2cT7GmE9Wb2VHc3YEo6XBy9TQCYi3rSsQ"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: max-age=5184000
accept-ranges: bytes
cf-ray: 68e5f7bd9edece43-LHR
expires: Fri, 15 Oct 2021 22:16:00 GMT

GET
H3 200 6540d687b-1.jpg
v.elmstba.com/uploads/thumbs/ 35 KB
36 KB 28ms
27ms Image
image/jpeg 172.67.143.148
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://v.elmstba.com/uploads/thumbs/6540d687b-1.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.143.148 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f3b5e5edb0f46302e341019d021053038653f07d9de1dba7c331fdd837fce142

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /uploads/thumbs/6540d687b-1.jpg
pragma: no-cache
cookie: PHPSESSID=c313ade5f35d404648cbcf58a94f6bab; __atuvc=1%7C37; __atuvs=6140000203426255000; HstCfa3784471=1631584258504; HstCla3784471=1631584258504; HstCmu3784471=1631584258504; HstPn3784471=1; HstPt3784471=1; HstCnv3784471=1; HstCns3784471=1; __dtsu=6D001631584259161612710A553DAA78; lotame_domain_check=elmstba.com; _cc_id=db365f4f7e0c376f4a28bfd61acb09ac; _cc_cc=ACZ4XmNQSEkyNjNNM0kzTzVINjY3SzNJNLJISksxM0xMTjKwTExmAIJEBwYWEA0BvGvWvddi%2FCjL8J%2BRkeH4piksMPbHz5Yw5rPFc%2BDCy%2F8UwlUfPcQMY%2B%2Fed1kAxv7QcB%2FOPoykdfoJdZiSd0sQJq7Z8JQbJt45%2BSTcMQCY3UEk; _cc_aud=ABR4XmNgYGBIdGBgAVIQwMzAwDUDzFzUCiIZH9YDSQA10APT; panoramaId_expiry=1632189060557; panoramaId=ff125702129439b12575e47a1a9116d539385260103d885907d7fda935ab9b12
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: v.elmstba.com
referer: https://v.elmstba.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://v.elmstba.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 01:51:00 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 899465
x-server-powered-by: Engintron
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 36071
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: STALE
last-modified: Tue, 24 Nov 2020 02:42:22 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MYK7bXbbJ9r1Pu3LGRpPeuWcYFdkvTw4f4Kuhr2%2BwHc5%2Fo3oj%2BGgj4eGiuHcZK5Spgm1aRiRuXIrGn0FFUBWQP8xiriKHj6xGwBkJ60y3sh6iToiakmR34rylGHL9H1t"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: max-age=5184000
accept-ranges: bytes
cf-ray: 68e5f7bd9edfce43-LHR
expires: Tue, 02 Nov 2021 15:59:55 GMT

GET
H3 200 247d70a42-1.jpg
v.elmstba.com/uploads/thumbs/ 59 KB
60 KB 30ms
29ms Image
image/jpeg 172.67.143.148
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://v.elmstba.com/uploads/thumbs/247d70a42-1.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.143.148 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f6b27846bc9580d69fc3e9216337debe2f367deac690802a9029e06908962a0b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /uploads/thumbs/247d70a42-1.jpg
pragma: no-cache
cookie: PHPSESSID=c313ade5f35d404648cbcf58a94f6bab; __atuvc=1%7C37; __atuvs=6140000203426255000; HstCfa3784471=1631584258504; HstCla3784471=1631584258504; HstCmu3784471=1631584258504; HstPn3784471=1; HstPt3784471=1; HstCnv3784471=1; HstCns3784471=1; __dtsu=6D001631584259161612710A553DAA78; lotame_domain_check=elmstba.com; _cc_id=db365f4f7e0c376f4a28bfd61acb09ac; _cc_cc=ACZ4XmNQSEkyNjNNM0kzTzVINjY3SzNJNLJISksxM0xMTjKwTExmAIJEBwYWEA0BvGvWvddi%2FCjL8J%2BRkeH4piksMPbHz5Yw5rPFc%2BDCy%2F8UwlUfPcQMY%2B%2Fed1kAxv7QcB%2FOPoykdfoJdZiSd0sQJq7Z8JQbJt45%2BSTcMQCY3UEk; _cc_aud=ABR4XmNgYGBIdGBgAVIQwMzAwDUDzFzUCiIZH9YDSQA10APT; panoramaId_expiry=1632189060557; panoramaId=ff125702129439b12575e47a1a9116d539385260103d885907d7fda935ab9b12
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: v.elmstba.com
referer: https://v.elmstba.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://v.elmstba.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 01:51:00 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 648119
x-server-powered-by: Engintron
cf-bgj: h2pri
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 60484
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: STALE
last-modified: Sun, 17 Sep 2017 16:28:15 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hI5Z0oaCOBBs8a6xu4h9Xk1LPqWy7ay9Cy4OkMGqAFBhwcnDRikZ%2FpMzOgqvmttWYDU5etcoiysfd8repzMrVKHF3cr4AKiQI3DhqVBcP4sbBAQ8ItdTdr7Z8siwezYW"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: max-age=5184000
accept-ranges: bytes
cf-ray: 68e5f7bd9ee0ce43-LHR
expires: Fri, 05 Nov 2021 13:49:01 GMT

GET
H3 200 f5740a21f-1.jpg
v.elmstba.com/uploads/thumbs/ 99 KB
100 KB 33ms
31ms Image
image/jpeg 172.67.143.148
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://v.elmstba.com/uploads/thumbs/f5740a21f-1.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.143.148 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

35ff157f93dc566cdf274c8d14bf76a59eb7f11333b87eb101dd343f7dff686d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /uploads/thumbs/f5740a21f-1.jpg
pragma: no-cache
cookie: PHPSESSID=c313ade5f35d404648cbcf58a94f6bab; __atuvc=1%7C37; __atuvs=6140000203426255000; HstCfa3784471=1631584258504; HstCla3784471=1631584258504; HstCmu3784471=1631584258504; HstPn3784471=1; HstPt3784471=1; HstCnv3784471=1; HstCns3784471=1; __dtsu=6D001631584259161612710A553DAA78; lotame_domain_check=elmstba.com; _cc_id=db365f4f7e0c376f4a28bfd61acb09ac; _cc_cc=ACZ4XmNQSEkyNjNNM0kzTzVINjY3SzNJNLJISksxM0xMTjKwTExmAIJEBwYWEA0BvGvWvddi%2FCjL8J%2BRkeH4piksMPbHz5Yw5rPFc%2BDCy%2F8UwlUfPcQMY%2B%2Fed1kAxv7QcB%2FOPoykdfoJdZiSd0sQJq7Z8JQbJt45%2BSTcMQCY3UEk; _cc_aud=ABR4XmNgYGBIdGBgAVIQwMzAwDUDzFzUCiIZH9YDSQA10APT; panoramaId_expiry=1632189060557; panoramaId=ff125702129439b12575e47a1a9116d539385260103d885907d7fda935ab9b12
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: v.elmstba.com
referer: https://v.elmstba.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://v.elmstba.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 01:51:00 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 657370
x-server-powered-by: Engintron
cf-bgj: h2pri
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 101488
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: STALE
last-modified: Sat, 16 Sep 2017 23:40:09 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hutunUkE4SeoZ69mFqEMNSLemYxrz5LV%2BqCG02ArRjicUIXg2ZyaTHRjoh5qNAubkFo%2Bi%2B6Ar9XfYBkmXsS0KJL1hqRP3Wc9agRS9cIEHW0k2vh4tN6%2FiSsNjbovtYKB"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: max-age=5184000
accept-ranges: bytes
cf-ray: 68e5f7bd9ee1ce43-LHR
expires: Fri, 05 Nov 2021 11:14:50 GMT

GET
H2 200 pixels Show response
bcp.crwdcntrl.net/ Frame 1DAF 3 KB
3 KB 31ms
31ms Document
text/html 52.30.140.199
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/pixels?s=136%2C135%2C116%2C108%2C106%2C100%2C97%2C95%2C94%2C80%2C79%2C78%2C61%2C54%2C42%2C38%2C33%2C31%2C26%2C22%2C12%2C3%2C2&c=3825
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/shared/2/lt.iframe.html?c=3825
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.30.140.199 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-30-140-199.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 8d1f737cb6d412ad385ef361c9874d4f7051784514a5c01ae4fecff0b9188361

Request headers

:method: GET
:authority: bcp.crwdcntrl.net
:scheme: https
:path: /pixels?s=136%2C135%2C116%2C108%2C106%2C100%2C97%2C95%2C94%2C80%2C79%2C78%2C61%2C54%2C42%2C38%2C33%2C31%2C26%2C22%2C12%2C3%2C2&c=3825
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://tags.crwdcntrl.net/
accept-encoding: gzip, deflate, br
cookie: _cc_dc=1; _cc_id=db365f4f7e0c376f4a28bfd61acb09ac; _cc_cc="ACZ4XmNQSEkyNjNNM0kzTzVINjY3SzNJNLJISksxM0xMTjKwTExmAIJEBwYWEA0BvGvWvddi%2FCjL8J%2BRkeH4piksMPbHz5Yw5rPFc%2BDCy%2F8UwlUfPcQMY%2B%2Fed1kAxv7QcB%2FOPoykdfoJdZiSd0sQJq7Z8JQbJt45%2BSTcMQCY3UEk"; _cc_aud="ABR4XmNgYGBIdGBgAVIQwMzAwDUDzFzUCiIZH9YDSQA10APT"
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://tags.crwdcntrl.net/

Response headers

date: Tue, 14 Sep 2021 01:51:00 GMT
content-type: text/html
content-length: 3307
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
cache-control: no-cache
pragma: no-cache
expires: 0
x-server: 10.45.28.235
server: Jetty(9.4.38.v20210224)

GET
H2 200 UCookieSetPug
image6.pubmatic.com/AdServer/ Frame 1DAF 0
166 B 77ms
18ms Image
text/html 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=1&rd=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D240%2Ftp%3DPUBM%2Ftpid%3D%23PM_USER_ID
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=136%2C135%2C116%2C108%2C106%2C100%2C97%2C95%2C94%2C80%2C79%2C78%2C61%2C54%2C42%2C38%2C33%2C31%2C26%2C22%2C12%2C3%2C2&c=3825
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 01:51:00 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1DAF
Redirect Chain

https://id5-sync.com/s/19/9.gif?puid=db365f4f7e0c376f4a28bfd61acb09ac&gdpr=1
https://id5-sync.com/c/19/19/9/1.gif?puid=db365f4f7e0c376f4a28bfd61acb09ac&gdpr=1&gdpr_consent=
https://bcp.crwdcntrl.net/map/c=1882/tp=BKAI/gdpr=1/gdpr_consent=?https://tags.bluekai.com/site/5907?limit=0&id=${masked_profileid}&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F19%2F321%2F8%2F2.gif%3Fpui...
https://tags.bluekai.com/site/5907?limit=0&id=8b2968735193142df2c6cdbd76b8e1a4&redir=https://id5-sync.com/c/19/321/8/2.gif?puid=$_BK_UUID&gdpr=1&gdpr_consent=
https://id5-sync.com/c/19/321/8/2.gif?puid=$_BK_UUID
https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMTc0ODM4ODY2Ni90LzI/dpuid/ID5-ZHMOb0v3TT6qjS57IRi9Raz1_GfHCSAOmT2xQoKlUQ/url/https%3A%2F%2Fid5-sync.com%2Fc%2F19%2F224%2F7%2F3.gif%3Fpuid%3D%24%21%7BTURN_...
https://id5-sync.com/c/19/224/7/3.gif?puid=3416221891491644935&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent=
https://sync.crwdcntrl.net/map/c=2831/tp=GDMP?https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=${base64_profileid}&google_redir={xENCODEDURL}&id5id=ID5-ZHMOb0v3TT6qjS57IRi9Raz1_Gf...
https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=ZGIzNjVmNGY3ZTBjMzc2ZjRhMjhiZmQ2MWFjYjA5YWM&google_redir={xENCODEDURL}&id5id=ID5-ZHMOb0v3TT6qjS57IRi9Raz1_GfHCSAOmT2xQoKlUQ

170 B
188 B

29ms
28ms

Image
image/png

142.250.102.154
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=ZGIzNjVmNGY3ZTBjMzc2ZjRhMjhiZmQ2MWFjYjA5YWM&google_redir={xENCODEDURL}&id5id=ID5-ZHMOb0v3TT6qjS57IRi9Raz1_GfHCSAOmT2xQoKlUQ

Requested by

Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=136%2C135%2C116%2C108%2C106%2C100%2C97%2C95%2C94%2C80%2C79%2C78%2C61%2C54%2C42%2C38%2C33%2C31%2C26%2C22%2C12%2C3%2C2&c=3825

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.102.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

rb-in-f154.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Sep 2021 01:51:02 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 14 Sep 2021 01:51:02 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location: https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=ZGIzNjVmNGY3ZTBjMzc2ZjRhMjhiZmQ2MWFjYjA5YWM&google_redir={xENCODEDURL}&id5id=ID5-ZHMOb0v3TT6qjS57IRi9Raz1_GfHCSAOmT2xQoKlUQ
cache-control: no-cache
x-server: 10.45.27.72
content-length: 0
expires: 0

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 1DAF 70 B
264 B 32ms
29ms Image
image/gif 13.248.242.197
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=lotame&ttd_tpi=1&gdpr=1
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=136%2C135%2C116%2C108%2C106%2C100%2C97%2C95%2C94%2C80%2C79%2C78%2C61%2C54%2C42%2C38%2C33%2C31%2C26%2C22%2C12%2C3%2C2&c=3825
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.242.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a97adde81b00f2ca4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Sep 2021 01:51:00 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 cm
trc.taboola.com/sg/lotame/1/ Frame 1DAF 43 B
231 B 83ms
59ms Image
image/gif 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/lotame/1/cm
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=136%2C135%2C116%2C108%2C106%2C100%2C97%2C95%2C94%2C80%2C79%2C78%2C61%2C54%2C42%2C38%2C33%2C31%2C26%2C22%2C12%2C3%2C2&c=3825
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 0d9762a1a60deef8aa093c473ad27c38eed77184d6940e7df06d89d77cbd3e94

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-vcl-time-ms: 53
pragma: no-cache
date: Tue, 14 Sep 2021 01:51:00 GMT
via: 1.1 varnish
server: nginx
x-timer: S1631584261.845148,VS0,VE53
x-served-by: cache-hhn11525-HHN
x-cache: MISS
cache-control: no-cache, no-store
accept-ranges: bytes
x-cache-hits: 0

GET
H2

200

tpid=1e37054d-173b-4e6e-8025-2c17d754e4f6
sync.crwdcntrl.net/map/c=10158/tp=TPAD/ Frame 1DAF
Redirect Chain

https://pixel.tapad.com/idsync/ex/receive?partner_id=LOTAME&partner_device_id=db365f4f7e0c376f4a28bfd61acb09ac&gdpr=1&partner_url=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10158%2Ftp%3DTPAD%2Ftp...
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=LOTAME&partner_device_id=db365f4f7e0c376f4a28bfd61acb09ac&gdpr=1&partner_url=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10158%2Ftp%3DTPA...
https://sync.crwdcntrl.net/map/c=10158/tp=TPAD/tpid=1e37054d-173b-4e6e-8025-2c17d754e4f6

49 B
264 B

33ms
33ms

Image
image/gif

52.30.140.199
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/map/c=10158/tp=TPAD/tpid=1e37054d-173b-4e6e-8025-2c17d754e4f6
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=136%2C135%2C116%2C108%2C106%2C100%2C97%2C95%2C94%2C80%2C79%2C78%2C61%2C54%2C42%2C38%2C33%2C31%2C26%2C22%2C12%2C3%2C2&c=3825
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.30.140.199 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-30-140-199.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Sep 2021 01:51:06 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.14.92
content-type: image/gif
content-length: 49
expires: 0

Redirect headers

location: https://sync.crwdcntrl.net/map/c=10158/tp=TPAD/tpid=1e37054d-173b-4e6e-8025-2c17d754e4f6
date: Tue, 14 Sep 2021 01:51:05 GMT
via: 1.1 google
alt-svc: clear
content-length: 0
strict-transport-security: max-age=31536000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

GET
H2

204

/
loadm.exelator.com/load/ Frame 1DAF
Redirect Chain

https://loadm.exelator.com/load/?p=204&g=260&buid=db365f4f7e0c376f4a28bfd61acb09ac&j=0
https://loadm.exelator.com/load/?p=204&g=260&buid=db365f4f7e0c376f4a28bfd61acb09ac&j=0&xl8blockcheck=1

0
755 B

9ms
8ms

Image
text/plain

18.198.126.47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loadm.exelator.com/load/?p=204&g=260&buid=db365f4f7e0c376f4a28bfd61acb09ac&j=0&xl8blockcheck=1
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=136%2C135%2C116%2C108%2C106%2C100%2C97%2C95%2C94%2C80%2C79%2C78%2C61%2C54%2C42%2C38%2C33%2C31%2C26%2C22%2C12%2C3%2C2&c=3825
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.198.126.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-198-126-47.eu-central-1.compute.amazonaws.com
Software: nginx / Undertow/1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 01:51:00 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA

Redirect headers

date: Tue, 14 Sep 2021 01:51:00 GMT
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location: https://loadm.exelator.com/load/?p=204&g=260&buid=db365f4f7e0c376f4a28bfd61acb09ac&j=0&xl8blockcheck=1
cache-control: no-cache
access-control-allow-credentials: true
content-type: image/gif
content-length: 0

GET
H2

403

tpid=1fe4c86f-0e8f-4e18-8a3e-6a8fc70e62a1
sync.crwdcntrl.net/map/c=10492/tp=AVCT/ Frame 1DAF
Redirect Chain

https://ads.avocet.io/getuid?url=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10492%2Ftp%3DAVCT%2Ftpid%3D%7B%7BUUID%7D%7D
https://ads.avct.cloud/getuid?r=1&url=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10492%2Ftp%3DAVCT%2Ftpid%3D%7B%7BUUID%7D%7D
https://ads.avct.cloud/getuid?bounce=true&r=1&url=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10492%2Ftp%3DAVCT%2Ftpid%3D%7B%7BUUID%7D%7D
https://sync.crwdcntrl.net/map/c=10492/tp=AVCT/tpid=1fe4c86f-0e8f-4e18-8a3e-6a8fc70e62a1

49 B
269 B

29ms
29ms

Image
image/gif

52.30.140.199
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/map/c=10492/tp=AVCT/tpid=1fe4c86f-0e8f-4e18-8a3e-6a8fc70e62a1
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=136%2C135%2C116%2C108%2C106%2C100%2C97%2C95%2C94%2C80%2C79%2C78%2C61%2C54%2C42%2C38%2C33%2C31%2C26%2C22%2C12%2C3%2C2&c=3825
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.30.140.199 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-30-140-199.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Sep 2021 01:51:01 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.25.238
content-type: image/gif
content-length: 49
expires: 0

Redirect headers

location: https://sync.crwdcntrl.net/map/c=10492/tp=AVCT/tpid=1fe4c86f-0e8f-4e18-8a3e-6a8fc70e62a1
date: Tue, 14 Sep 2021 01:51:01 GMT
p3p: policyref="http://cdn.avocet.io/w3c/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-length: 111
content-type: text/html; charset=utf-8

GET t
px.surveywall-api.survata.com/ Frame 1DAF 0
0

GET
H2

200

tpid=35173495322585517032832430201913597278
sync.crwdcntrl.net/map/c=9828/tp=ADBE/ Frame 1DAF
Redirect Chain

https://dpm.demdex.net/ibs:dpid=121998&dpuuid=db365f4f7e0c376f4a28bfd61acb09ac&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D9828%2Ftp%3DADBE%2Ftpid%3D%24%7BDD_UUID%7D
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=121998&dpuuid=db365f4f7e0c376f4a28bfd61acb09ac&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D9828%2Ftp%3DADBE%2Ftpid%3D%24%7BDD_UUID%7D
https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/tpid=35173495322585517032832430201913597278

49 B
265 B

34ms
34ms

Image
image/gif

52.30.140.199
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/tpid=35173495322585517032832430201913597278
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=136%2C135%2C116%2C108%2C106%2C100%2C97%2C95%2C94%2C80%2C79%2C78%2C61%2C54%2C42%2C38%2C33%2C31%2C26%2C22%2C12%2C3%2C2&c=3825
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.30.140.199 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-30-140-199.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Sep 2021 01:51:01 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.10.238
content-type: image/gif
content-length: 49
expires: 0

Redirect headers

DCS: dcs-prod-usw2-2-v013-08dfe2799.edge-usw2.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: 7eh5jqcvQt8=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/tpid=35173495322585517032832430201913597278
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 204 usermatch.gif
beacon.krxd.net/ Frame 1DAF 0
338 B 113ms
30ms Image
text/plain 108.128.20.48
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=lotame&partner_uid=db365f4f7e0c376f4a28bfd61acb09ac
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=136%2C135%2C116%2C108%2C106%2C100%2C97%2C95%2C94%2C80%2C79%2C78%2C61%2C54%2C42%2C38%2C33%2C31%2C26%2C22%2C12%2C3%2C2&c=3825
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.128.20.48 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-108-128-20-48.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 01:51:00 GMT
cache-control: private, no-cache, no-store
x-request-time: D=34 t=1631584260
x-served-by: beacon-n019-dub-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2

451

420246.gif
idsync.rlcdn.com/ Frame 1DAF
Redirect Chain

https://aorta.clickagy.com/pixel.gif?ch=120&cm=db365f4f7e0c376f4a28bfd61acb09ac
https://idsync.rlcdn.com/420246.gif?partner_uid=c:42ffdc311b57b8cc65c9376dcaa647b1

0
66 B

80ms
28ms

Image
text/plain

35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/420246.gif?partner_uid=c:42ffdc311b57b8cc65c9376dcaa647b1
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=136%2C135%2C116%2C108%2C106%2C100%2C97%2C95%2C94%2C80%2C79%2C78%2C61%2C54%2C42%2C38%2C33%2C31%2C26%2C22%2C12%2C3%2C2&c=3825
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 01:51:01 GMT
via: 1.1 google
alt-svc: clear
content-length: 0

Redirect headers

date: Tue, 14 Sep 2021 01:51:01 GMT
server: Aorta/20210715-1901da7
access-control-allow-origin
access-control-max-age: 31536000
access-control-allow-methods: POST, GET, OPTIONS
Content-Type: application/json
Location: https://idsync.rlcdn.com/420246.gif?partner_uid=c:42ffdc311b57b8cc65c9376dcaa647b1
access-control-expose-headers: Set-Cookie
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
X-Aorta-Region: us-east-1
Connection: keep-alive
X-Aorta-Host: ip-10-42-17-183.ec2.internal
access-control-allow-headers: Origin,cache-control,content-type,man,messagetype,soapaction
Content-Length: 0

GET
H/1.1

200
OK

image.sbxx
ib.mookie1.com/ Frame 1DAF
Redirect Chain

https://global.ib-ibi.com/image.sbxx?go=262106&pid=420&xid=db365f4f7e0c376f4a28bfd61acb09ac
https://ib.mookie1.com/image.sbxx?go=262106&pid=420&xid=db365f4f7e0c376f4a28bfd61acb09ac

120 B
990 B

480ms
86ms

Image
image/png

69.169.85.7
AMC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ib.mookie1.com/image.sbxx?go=262106&pid=420&xid=db365f4f7e0c376f4a28bfd61acb09ac
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=136%2C135%2C116%2C108%2C106%2C100%2C97%2C95%2C94%2C80%2C79%2C78%2C61%2C54%2C42%2C38%2C33%2C31%2C26%2C22%2C12%2C3%2C2&c=3825
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 69.169.85.7 Cranford, United States, ASN29838 (AMC, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 42b601bc0d93dfca6e350b46d113bf8e7ff9e40a87a0c57ab9b3c9c219062423

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 14 Sep 2021 01:51:04 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
p3p: CP=\"DSP COR ADM DEV PSA PSD OUR\", CP="DSP COR ADM DEV PSA PSD OUR"
Access-Control-Allow-Origin: *
Cache-Control: no-cache
X-Server: NY02
Content-Type: image/png
Content-Length: 120
Expires: -1

Redirect headers

Date: Tue, 14 Sep 2021 01:51:04 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Location: https://ib.mookie1.com:443/image.sbxx?go=262106&pid=420&xid=db365f4f7e0c376f4a28bfd61acb09ac
p3p: CP="DSP COR ADM DEV PSA PSD OUR"
Access-Control-Allow-Origin: *
Cache-Control: private
X-Server: NY07
Content-Type: text/html; charset=utf-8
Content-Length: 217

GET
H/1.1 200
OK utsync.ashx
ml314.com/ Frame 1DAF 43 B
422 B 134ms
29ms Image
image/gif 34.247.104.176
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ml314.com/utsync.ashx?eid=50146&et=0&fp=db365f4f7e0c376f4a28bfd61acb09ac&gdpr=1
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=136%2C135%2C116%2C108%2C106%2C100%2C97%2C95%2C94%2C80%2C79%2C78%2C61%2C54%2C42%2C38%2C33%2C31%2C26%2C22%2C12%2C3%2C2&c=3825
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.247.104.176 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-104-176.eu-west-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 14 Sep 2021 01:51:00 GMT
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
p3P: CP="NON DSP COR ADMo PSAo DEVo BUS COM UNI NAV DEM STA"
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: 0,Tue, 14 Sep 2021 21:51:00 GMT

GET
H2

200

tpid=0-a13521bf-5595-440b-6815-d72c9f701012$ip$216.131.111.161
bcp.crwdcntrl.net/map/c=6569/tp=STKA/ Frame 1DAF
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=lotame
https://bcp.crwdcntrl.net/map/c=6569/tp=STKA/tpid=0-a13521bf-5595-440b-6815-d72c9f701012$ip$216.131.111.161

49 B
264 B

32ms
32ms

Image
image/gif

52.30.140.199
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bcp.crwdcntrl.net/map/c=6569/tp=STKA/tpid=0-a13521bf-5595-440b-6815-d72c9f701012$ip$216.131.111.161
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=136%2C135%2C116%2C108%2C106%2C100%2C97%2C95%2C94%2C80%2C79%2C78%2C61%2C54%2C42%2C38%2C33%2C31%2C26%2C22%2C12%2C3%2C2&c=3825
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.30.140.199 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-30-140-199.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Sep 2021 01:51:01 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.27.72
content-type: image/gif
content-length: 49
expires: 0

Redirect headers

Location: https://bcp.crwdcntrl.net/map/c=6569/tp=STKA/tpid=0-a13521bf-5595-440b-6815-d72c9f701012$ip$216.131.111.161
Date: Tue, 14 Sep 2021 01:51:01 GMT
Connection: keep-alive
Content-Length: 130
Content-Type: text/html; charset=utf-8

GET
H/1.1 200
OK bridge
cm.adgrx.com/ Frame 1DAF 43 B
408 B 81ms
17ms Image
image/gif 63.251.232.170
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.adgrx.com/bridge?AG_SETCOOKIE&AG_PID=lotame&AG_REDIR=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D363%2Ftp%3DADGR%2Ftpid%3D__AG_UID__
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=136%2C135%2C116%2C108%2C106%2C100%2C97%2C95%2C94%2C80%2C79%2C78%2C61%2C54%2C42%2C38%2C33%2C31%2C26%2C22%2C12%2C3%2C2&c=3825
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.251.232.170 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS: ams-mon-1.sys.adgear.com
Software: Cowboy /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 14 Sep 2021 01:51:00 GMT
server: Cowboy
P3P: CP="NOI OTC OTP OUR NOR"
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate, proxy-revalidate
Connection: keep-alive
Content-Type: image/gif
X-RealServer-NX: ams-delivery-2
Content-Length: 43
Expires: Thu, 23 Sep 2004 17:42:04 GMT

GET
H2

200

qmap
sync.crwdcntrl.net/ Frame 1DAF
Redirect Chain

https://sync.mathtag.com/sync/img?sync=auto&mt_exid=10040&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fqmap%3Fc%3D4735%26tp%3DMDMA%26tpid%3D%5BMM_UUID%5D
https://sync.crwdcntrl.net/qmap?c=4735&tp=MDMA&tpid=4ac36140-0004-4300-882e-17e9a9505337

49 B
265 B

45ms
32ms

Image
image/gif

52.30.140.199
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/qmap?c=4735&tp=MDMA&tpid=4ac36140-0004-4300-882e-17e9a9505337
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=136%2C135%2C116%2C108%2C106%2C100%2C97%2C95%2C94%2C80%2C79%2C78%2C61%2C54%2C42%2C38%2C33%2C31%2C26%2C22%2C12%2C3%2C2&c=3825
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.30.140.199 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-30-140-199.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Sep 2021 01:51:01 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.28.235
content-type: image/gif
content-length: 49
expires: 0

Redirect headers

Date: Tue, 14 Sep 2021 01:51:00 GMT
Server: MT3 3944 2bcb57b master zrh-pixel-x14 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://sync.crwdcntrl.net/qmap?c=4735&tp=MDMA&tpid=4ac36140-0004-4300-882e-17e9a9505337
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Tue, 14 Sep 2021 01:50:59 GMT

GET
H2

200

tpid=246cf522-0b79-42c1-a5bd-2c617999d613-61400005-5553
sync.crwdcntrl.net/map/c=1389/tp=STSC/ Frame 1DAF
Redirect Chain

https://pixel-sync.sitescout.com/connectors/lotame/usersync?redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1389%2Ftp%3DSTSC%2Ftpid%3D%24UUID
https://pixel-sync.sitescout.com/connectors/lotame/usersync?cookieQ=1&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1389%2Ftp%3DSTSC%2Ftpid%3D%24UUID
https://sync.crwdcntrl.net/map/c=1389/tp=STSC/tpid=246cf522-0b79-42c1-a5bd-2c617999d613-61400005-5553

49 B
264 B

34ms
34ms

Image
image/gif

52.30.140.199
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/map/c=1389/tp=STSC/tpid=246cf522-0b79-42c1-a5bd-2c617999d613-61400005-5553
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=136%2C135%2C116%2C108%2C106%2C100%2C97%2C95%2C94%2C80%2C79%2C78%2C61%2C54%2C42%2C38%2C33%2C31%2C26%2C22%2C12%2C3%2C2&c=3825
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.30.140.199 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-30-140-199.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Sep 2021 01:51:01 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.14.92
content-type: image/gif
content-length: 49
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 14 Sep 2021 01:51:00 GMT
server: AC1.1
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location: https://sync.crwdcntrl.net/map/c=1389/tp=STSC/tpid=246cf522-0b79-42c1-a5bd-2c617999d613-61400005-5553
cache-control: max-age=0,no-cache,no-store
content-length: 0
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H/1.1 204
No Content token
token.rubiconproject.com/ Frame 1DAF 0
214 B 49ms
9ms Image
text/plain 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/token?pid=7&puid=db365f4f7e0c376f4a28bfd61acb09ac&gdpr=1
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=136%2C135%2C116%2C108%2C106%2C100%2C97%2C95%2C94%2C80%2C79%2C78%2C61%2C54%2C42%2C38%2C33%2C31%2C26%2C22%2C12%2C3%2C2&c=3825
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 78e3bdce5107450057bade54d54a0a7e
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

tpid=YUAABQAAAlOggAA6&_test=YUAABQAAAlOggAA6
sync.crwdcntrl.net/map/c=1811/tp=TBMG/ Frame 1DAF
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/bsTd8NdE?redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1811%2Ftp%3DTBMG%2Ftpid%3D%24%7BTM_USER_ID%7D
https://sync-tm.everesttech.net/ct/upi/pid/bsTd8NdE?redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1811%2Ftp%3DTBMG%2Ftpid%3D%24%7BTM_USER_ID%7D&_test=YUAABQAAAlOggAA6
https://sync.crwdcntrl.net/map/c=1811/tp=TBMG/tpid=YUAABQAAAlOggAA6&_test=YUAABQAAAlOggAA6

49 B
264 B

33ms
33ms

Image
image/gif

52.30.140.199
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/map/c=1811/tp=TBMG/tpid=YUAABQAAAlOggAA6&_test=YUAABQAAAlOggAA6
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=136%2C135%2C116%2C108%2C106%2C100%2C97%2C95%2C94%2C80%2C79%2C78%2C61%2C54%2C42%2C38%2C33%2C31%2C26%2C22%2C12%2C3%2C2&c=3825
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.30.140.199 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-30-140-199.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Sep 2021 01:51:01 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.27.72
content-type: image/gif
content-length: 49
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 14 Sep 2021 01:51:01 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1631584261.189400,VS0,VE0
x-served-by: cache-hhn4054-HHN
x-cache: HIT
location: https://sync.crwdcntrl.net/map/c=1811/tp=TBMG/tpid=YUAABQAAAlOggAA6&_test=YUAABQAAAlOggAA6
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2

204

/
bcp.crwdcntrl.net/gmap/ Frame 1DAF
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=${base64_profileid}
https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=${base64_profileid}&google_tc=
https://bcp.crwdcntrl.net/gmap/?tp=GDMP&google_error=3

0
134 B

33ms
33ms

Image
text/plain

52.30.140.199
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bcp.crwdcntrl.net/gmap/?tp=GDMP&google_error=3
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=136%2C135%2C116%2C108%2C106%2C100%2C97%2C95%2C94%2C80%2C79%2C78%2C61%2C54%2C42%2C38%2C33%2C31%2C26%2C22%2C12%2C3%2C2&c=3825
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.30.140.199 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-30-140-199.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Sep 2021 01:51:01 GMT
x-server: 10.45.1.163
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV

Redirect headers

pragma: no-cache
date: Tue, 14 Sep 2021 01:51:01 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://bcp.crwdcntrl.net/gmap/?tp=GDMP&google_error=3
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 255
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK 5907
tags.bluekai.com/site/ Frame 1DAF 62 B
304 B 173ms
173ms Image
image/gif 72.246.100.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/5907?limit=0&id=8b2968735193142df2c6cdbd76b8e1a4
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=136%2C135%2C116%2C108%2C106%2C100%2C97%2C95%2C94%2C80%2C79%2C78%2C61%2C54%2C42%2C38%2C33%2C31%2C26%2C22%2C12%2C3%2C2&c=3825
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.246.100.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a72-246-100-56.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Tue, 14 Sep 2021 01:51:01 GMT
Connection: keep-alive
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
Content-Length: 62
Content-Type: image/gif

GET
H2

200

tpid=3416221891491644935
sync.crwdcntrl.net/map/c=10915/tp=TRNN/ Frame 1DAF
Redirect Chain

https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMzQ4ODM4MC90LzI/dpuid/db365f4f7e0c376f4a28bfd61acb09ac/url/https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=$!%7BTURN_UUID%7D
https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=3416221891491644935

49 B
264 B

33ms
33ms

Image
image/gif

52.30.140.199
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=3416221891491644935
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=136%2C135%2C116%2C108%2C106%2C100%2C97%2C95%2C94%2C80%2C79%2C78%2C61%2C54%2C42%2C38%2C33%2C31%2C26%2C22%2C12%2C3%2C2&c=3825
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.30.140.199 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-30-140-199.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Sep 2021 01:51:01 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.14.92
content-type: image/gif
content-length: 49
expires: 0

Redirect headers

location: https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=3416221891491644935
pragma: no-cache
date: Tue, 14 Sep 2021 01:51:00 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H2

200

tp=ANXS
sync.crwdcntrl.net/map/c=281/rand=134778033/tpid=5550714460590070112/ Frame 1DAF
Redirect Chain

https://secure.adnxs.com/getuid?https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc=281%2Frand=134778033%2Ftpid%3D%24UID%2Ftp%3DANXS
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.crwdcntrl.net%252Fmap%252Fc%3D281%252Frand%3D134778033%252Ftpid%253D%2524UID%252Ftp%253DANXS
https://sync.crwdcntrl.net/map/c=281/rand=134778033/tpid=5550714460590070112/tp=ANXS

49 B
265 B

37ms
37ms

Image
image/gif

52.30.140.199
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/map/c=281/rand=134778033/tpid=5550714460590070112/tp=ANXS
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=136%2C135%2C116%2C108%2C106%2C100%2C97%2C95%2C94%2C80%2C79%2C78%2C61%2C54%2C42%2C38%2C33%2C31%2C26%2C22%2C12%2C3%2C2&c=3825
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.30.140.199 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-30-140-199.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Sep 2021 01:51:01 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.10.238
content-type: image/gif
content-length: 49
expires: 0

Redirect headers

Pragma: no-cache
Date: Tue, 14 Sep 2021 01:51:01 GMT
X-Proxy-Origin: 216.131.111.161; 216.131.111.161; 723.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: b12bf6aa-af15-4fe2-8cc8-1033dafbd3d6
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://sync.crwdcntrl.net/map/c=281/rand=134778033/tpid=5550714460590070112/tp=ANXS
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: s7.addthis.com
URL: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html

Domain: px.surveywall-api.survata.com
URL: https://px.surveywall-api.survata.com/t

Verdicts & Comments Add Verdict or Comment

238 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

63 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
v.elmstba.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: c313ade5f35d404648cbcf58a94f6bab
spuezain.com/	1970-01-19 21:14:30	Name: GL_UI4 Value: eJw9jd1OgzAcxfkY4DIhnoQH8BHaZei4ND6El6Sl%2F7I6aJdSR3x7GxO9Or%2Bcj5wkSbK2QXovc%2BRfosPzC%2Bs045KfWN%2B%2F9prLk%2B54x%2FWZSMvjWWBv1iEIOVPY4XEiS96Mw%2BgU1XiK0Z9ztW6zOxTSC6tqFEtszDUq6d22km9z7KxYCOX7xbuoxSI%2BnUfWHyMaGzFlyNza5s0e1YexKu6aAzLOmrpMcLjNImjnl8GoMkUxeaEI6RseRhFocv4blaL1GtwNcLMa%2Fvu%2Ft%2FnGGUpFdzPGbxcu5H8AMHBKbQ%3D%3D
spuezain.com/	1970-01-19 21:14:30	Name: GL_GI10 Value: eJxFikEKwjAURNNUoqJp%2BdBzFKLQi4jrIOlvyaL5IYliPIRnttKii2HeDI8xxpsKuPVQn1TXqrNqlZrTKShHJODXCxwN3V0KWbvbhBJEwNGSk3BYQBvq8b8WaWNsyhL231qF0kY%2FPw6Tjh6xl1D9eFV2Nmof6JlFAXWyE77IoaZhiJi2bygegn8AfuQzaA%3D%3D
v.elmstba.com/	1970-01-20 06:41:52	Name: __atuvc Value: 1%7C37
v.elmstba.com/	1970-01-19 21:13:06	Name: __atuvs Value: 6140000203426255000
v.elmstba.com/	1970-01-20 05:58:40	Name: HstCfa3784471 Value: 1631584258504
v.elmstba.com/	1970-01-20 05:58:40	Name: HstCla3784471 Value: 1631584258504
v.elmstba.com/	1970-01-20 05:58:40	Name: HstCmu3784471 Value: 1631584258504
v.elmstba.com/	1970-01-20 05:58:40	Name: HstPn3784471 Value: 1
v.elmstba.com/	1970-01-20 05:58:40	Name: HstPt3784471 Value: 1
v.elmstba.com/	1970-01-20 05:58:40	Name: HstCnv3784471 Value: 1
v.elmstba.com/	1970-01-20 05:58:40	Name: HstCns3784471 Value: 1
.addthis.com/	1970-01-20 06:41:52	Name: uvc Value: 1%7C37
.addthis.com/	1970-01-20 06:41:52	Name: loc Value: MDAwMDBFVURFTlcyMzE3MTg3ODAwMjAwMDBDSA==
.dtscout.com/	1970-01-19 21:13:09	Name: m Value: 1
.dtscout.com/	1970-01-19 21:13:07	Name: st Value: 1
.dtscout.com/	1970-01-19 21:13:18	Name: oa Value: 1
.dtscout.com/	1970-01-19 23:37:04	Name: df Value: 1631584259
.dtscout.com/	1970-01-19 23:21:13	Name: l Value: 6D001631584259161612710A553DAA78
.elmstba.com/	1970-01-19 23:18:21	Name: __dtsu Value: 6D001631584259161612710A553DAA78
.elmstba.com/	1970-01-19 21:13:04	Name: lotame_domain_check Value: elmstba.com
.onaudience.com/	1970-01-20 05:58:40	Name: cookie Value: 9032237798b20062
.onaudience.com/	1970-01-19 21:14:30	Name: done_redirects147 Value: 1
.dtscdn.com/	1970-01-20 01:30:49	Name: uid Value: 6D001631584259161612710A553DAA78
.adsrvr.org/	1970-01-20 05:58:40	Name: TDID Value: bf0e94d5-eb98-4a55-8197-a13457c24b6e
.adsrvr.org/	1970-01-20 05:58:40	Name: TDCPM Value: CAEYBSABKAIyCwig0MfRmsv7ORAFOAE.
.onaudience.com/	1970-01-19 21:14:30	Name: done_redirects109 Value: 1
.crwdcntrl.net/	1970-01-20 03:41:49	Name: _cc_dc Value: 1
.crwdcntrl.net/	1970-01-20 03:41:49	Name: _cc_id Value: db365f4f7e0c376f4a28bfd61acb09ac
.crwdcntrl.net/	1970-01-20 03:41:52	Name: _cc_cc Value: "ACZ4XmNQSEkyNjNNM0kzTzVINjY3SzNJNLJISksxM0xMTjKwTExmAIJEBwYWEA0BvGvWvddi%2FCjL8J%2BRkeH4piksMPbHz5Yw5rPFc%2BDCy%2F8UwlUfPcQMY%2B%2Fed1kAxv7QcB%2FOPoykdfoJdZiSd0sQJq7Z8JQbJt45%2BSTcMQCY3UEk"
.crwdcntrl.net/	1970-01-20 03:41:52	Name: _cc_aud Value: "ABR4XmNgYGBIdGBgAVIQwMzAwDUDzFzUCiIZH9YDSQA10APT"
.elmstba.com/	1970-01-20 03:41:52	Name: _cc_id Value: db365f4f7e0c376f4a28bfd61acb09ac
.elmstba.com/	1970-01-20 03:41:52	Name: _cc_cc Value: ACZ4XmNQSEkyNjNNM0kzTzVINjY3SzNJNLJISksxM0xMTjKwTExmAIJEBwYWEA0BvGvWvddi%2FCjL8J%2BRkeH4piksMPbHz5Yw5rPFc%2BDCy%2F8UwlUfPcQMY%2B%2Fed1kAxv7QcB%2FOPoykdfoJdZiSd0sQJq7Z8JQbJt45%2BSTcMQCY3UEk
.elmstba.com/	1970-01-20 03:41:52	Name: _cc_aud Value: ABR4XmNgYGBIdGBgAVIQwMzAwDUDzFzUCiIZH9YDSQA10APT
.elmstba.com/	1970-01-19 21:23:09	Name: panoramaId_expiry Value: 1632189060557
.elmstba.com/	1970-01-19 21:23:09	Name: panoramaId Value: ff125702129439b12575e47a1a9116d539385260103d885907d7fda935ab9b12
.exelator.com/	1970-01-20 00:05:52	Name: EE Value: "57ee61738bdba6f9227f5df5447e4966"
.elmstba.com/	1970-01-19 21:13:06	Name: __cf_bm Value: OJ6ghMCXXRs.XKLduXmbI5rM2ZtgWbp5EsilnZGbpH8-1631584260-0-AQPd88FnKhJfE5otJC2pUabhei3qYTK6ksgNMNBlR1m2UXZrJzkG9GG035VIkfNy0pvqyP39JZYaT/l24fpVPv0kwj5i2qquNT39jwIbajjPhKhXwd6YTMaZtaBnklD2WA==
.exelator.com/	1970-01-20 00:05:52	Name: ud Value: "eJxrXxzq6XKLQcHUPDXVzNDc2CIpJSnRLM3SyMg8zTQlzdTExDzVxNLMbHFZatGCpaXFqSlJh5ZU5JTkNK0uiw91jHdz9PX0iVzmnFGUn5u6AiwU5hq0yNJoSX5RZvoiF9fFRSlpDItKik8F7%252F3IAAB7myoE"
.krxd.net/	1970-01-20 01:32:16	Name: _kuid_ Value: OXE3jUEP
.mathtag.com/	1970-01-20 06:38:59	Name: uuid Value: 4ac36140-0004-4300-882e-17e9a9505337
.sitescout.com/	1970-01-20 05:58:40	Name: ssi Value: 246cf522-0b79-42c1-a5bd-2c617999d613#1631584261056
.sitescout.com/	1970-01-19 21:56:16	Name: _ssuma Value: eyI3IjoxNjMxNTg0MjYxMDc2fQ
.everesttech.net/	1970-01-20 05:58:40	Name: everest_g_v2 Value: g_surferid~YUAABQAAAlOggAA6
ads.avct.cloud/	1970-01-20 05:58:40	Name: uuid Value: 1fe4c86f-0e8f-4e18-8a3e-6a8fc70e62a1
sync.srv.stackadapt.com/	1970-01-20 05:58:40	Name: sa-user-id Value: s%3A0-a13521bf-5595-440b-6815-d72c9f701012.mtifEq%2BN9ZkLyEw8wh3kdwQ0VACaMtsWvbKhpu8ymdI
.srv.stackadapt.com/	1970-01-20 05:58:40	Name: sa-user-id-v2 Value: s%3A0-a13521bf-5595-440b-6815-d72c9f701012%24ip%24216.131.111.161.zVSecudwDD8CMAtzeHalogCLrKIeShir4Q5skqsCMIk
.adnxs.com/	1970-01-19 23:22:40	Name: uuid2 Value: 5550714460590070112
.turn.com/	1970-01-20 01:32:16	Name: uid Value: 3416221891491644935
global.ib-ibi.com/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: tvty5ycbyvn5xt0j3uqua04y
.demdex.net/	1970-01-20 01:32:16	Name: demdex Value: 35173495322585517032832430201913597278
.dpm.demdex.net/	1970-01-20 01:32:16	Name: dpm Value: 35173495322585517032832430201913597278
ib.mookie1.com/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: ywryuceeayyuu5efmuauwj2w
.ib.mookie1.com/	1970-01-20 05:58:40	Name: ibkukiuno Value: s=df5bddcd-6a4e-472b-81a1-99de5fe65fc5&h=&v=2568050555&l=-8585700226204664165&op=&hl=0&vlu=3&tcs=1&dcc=-8585700226204664165
.ib.mookie1.com/	1970-01-20 05:58:40	Name: ibkukinet Value: 3632492449=-8585700226204664165
.id5-sync.com/	1970-01-19 21:13:04	Name: cf Value:
.id5-sync.com/	1970-01-19 21:13:04	Name: cip Value:
.id5-sync.com/	1970-01-19 21:13:04	Name: cnac Value:
.id5-sync.com/	1970-01-19 21:13:04	Name: car Value:
.id5-sync.com/	1970-01-19 21:13:04	Name: gdpr Value:
.id5-sync.com/	1970-01-19 21:13:04	Name: callback Value:
.id5-sync.com/	1970-01-19 23:22:40	Name: id5 Value: a8ac90b1-3d5c-457c-a5c7-60a3bcd8973e#1631584259110#2
.id5-sync.com/	1970-01-19 23:22:40	Name: 3pi Value: 224#1631584259343#-1826059060\|321#1631584259316#-1897356074\|19#1631584259119#-144999012#db365f4f7e0c376f4a28bfd61acb09ac\|398#1631584259343#-1512441949

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
deprecation	warning	URL: https://v.elmstba.com/cdn-cgi/challenge-platform/h/g/scripts/invisible.js Message: 'window.webkitStorageInfo' is deprecated. Please use 'navigator.webkitTemporaryStorage' or 'navigator.webkitPersistentStorage' instead.
network	error	URL: https://px.surveywall-api.survata.com/t Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://sync.crwdcntrl.net/map/c=10492/tp=AVCT/tpid=1fe4c86f-0e8f-4e18-8a3e-6a8fc70e62a1 Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://idsync.rlcdn.com/420246.gif?partner_uid=c:42ffdc311b57b8cc65c9376dcaa647b1 Message: Failed to load resource: the server responded with a status of 451 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.dtssrv.com
ads.avct.cloud
ads.avocet.io
ajax.googleapis.com
aorta.clickagy.com
bcp.crwdcntrl.net
beacon.krxd.net
cdn.tynt.com
cm.adgrx.com
cm.g.doubleclick.net
code.jquery.com
d.turn.com
de.tynt.com
dpm.demdex.net
e.dtscout.com
fonts.googleapis.com
get.s-onetag.com
global.ib-ibi.com
ib.mookie1.com
ic.tynt.com
id5-sync.com
idsync.rlcdn.com
image6.pubmatic.com
loadm.exelator.com
m.addthis.com
match.adsrvr.org
ml314.com
netdna.bootstrapcdn.com
onetag-geo-grouping.s-onetag.com
onetag-geo.s-onetag.com
pd.sharethis.com
pixel-sync.sitescout.com
pixel.onaudience.com
pixel.tapad.com
px.surveywall-api.survata.com
s10.histats.com
s4.histats.com
s7.addthis.com
secure.adnxs.com
spuezain.com
sync-tm.everesttech.net
sync.crwdcntrl.net
sync.mathtag.com
sync.srv.stackadapt.com
t.dtscdn.com
t.dtscout.com
tags.bluekai.com
tags.crwdcntrl.net
token.rubiconproject.com
trc.taboola.com
v.elmstba.com
v1.addthisedge.com
www.almstba-tv.com
www.almstba.tv
www.elmstba.video
z.moatads.com
px.surveywall-api.survata.com
s7.addthis.com
104.16.87.26
104.18.10.207
104.21.78.98
104.26.9.68
104.26.9.92
104.75.88.126
104.79.89.133
108.128.20.48
13.248.242.197
142.250.102.154
142.250.102.95
143.204.178.111
143.204.178.117
151.101.114.49
158.69.251.190
167.114.209.61
172.67.129.132
172.67.143.148
18.195.98.10
18.198.126.47
18.210.5.212
185.29.132.245
185.33.221.87
185.64.190.78
199.232.137.44
208.100.17.184
23.109.82.239
34.210.204.209
34.247.104.176
35.227.248.159
35.244.174.68
45.55.120.93
46.105.201.240
46.228.164.13
51.195.5.38
51.79.83.225
51.89.24.69
52.17.151.21
52.30.140.199
52.6.250.79
63.251.232.170
66.155.71.150
67.202.105.31
69.16.175.42
69.169.85.6
69.169.85.7
69.173.144.139
72.246.100.56
99.84.5.74
99.84.5.96
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0d9762a1a60deef8aa093c473ad27c38eed77184d6940e7df06d89d77cbd3e94
13bff57f9b44481abf6d20290c83481e899ed5c2448829f2b6d1e8927bfa3521
196841ded1f7e5c075aa0ec59b230f258a94ee1f7e71f7c4d87a0a043fdb53db
1e67d8dbcca1f6fd94e077c85c2fb40fa1c2756c99238daa8da882144260a68d
24cc29533598f962823c4229bc280487646a27a42a95257c31de1b9b18f3710f
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
2a9265ee21d76477ee48d88beb658e03759a94c988aa475662b07b8cfe51addc
2c015a5d2a81139b7fe47b294882c03d3fd072c90d3d78127250d93e65c1de54
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
2f9debbdc5cf34bca5368bf9c965048246211db00c0f92a2ac4d55c491d715f9
31c6665135ae41b092153cd6480be82fad706ca9bd465784be70c00b8643308d
33cbd0ac4ef431f0bbeb28bf0c0354d18b545180b1d7fd7c31d5dd248d22999a
357908b7c4580a4e3ebff3df0baf75bb86be30d2026db97011891e42aac3af46
35ff157f93dc566cdf274c8d14bf76a59eb7f11333b87eb101dd343f7dff686d
3952bea4aeda0253841aa4b41daa4eeae87b7be441b8046bea19c0f61360373d
3a78e1e5560d9d27f89fa48ccc73d66114d377babb58f0781d6fdcbd1adaae50
3ad7fded77f0f34933936cdd1731f4984f6d375e98fdcdc4b9724da48cf32569
3c4a1bb7ce3234407184f0d80cc4dec075e4ad616b44dcc5778e1cfb1bc24019
406a926f73fd89000f83a0ad598ef4894f11115b2961c0f5445263dd34d24995
415657499562cefb7e4eda5a2e97e5adb295134ee9973f517f461c4443ca67eb
42b601bc0d93dfca6e350b46d113bf8e7ff9e40a87a0c57ab9b3c9c219062423
450214057066f508395e7cb6f15f810671f91027bedf9149f227bbfef1c205c3
46cee5ca988dfae5636e6cf7543408fac2e86e0f0a0c41ae0cf23815b90b9f0a
50ec1bbb8ca7e2c8050345733d81d34dc8473aa12d0ecb823f9e735c0cccb735
573a8ac5c0e35ac7a6e6819caffaf7a3d83cb0783ad11eb1264f5641dfdf6755
5b99184ff01d47417484ecb43b4cf571bf8f2601432979aa85d3290936767830
6000f7db91be6b810424ed527b9ffee9b94fafd85a1f02ba6ac1b2409073d1d8
6088012dda2274a27fa40ed153d9e3a6c96a22af1b177f8a2916368eb3e88bb0
6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df
63cf7a38baaaaebc012cfc355797544949b60c040b5da57560f26d88502d1372
63efb1357a81dbe930e8815514395484fe1c0ca3c8ca21ba58b878523ad40248
64350f7677e5a9bf48012c2afd0376794565fc3e9b7e006095a896afba2fbc70
6a17a706471ef8da971ee73f07292a272050412aee51457dbce295a9c9f068dd
6d2c4d8caceea906d5563d6baab3d75734accec0b2b3d2847d5ecb2741f84d11
7557df742b4333c453cc0aed826181d009d0b9fd6d9718dfd1efbfae2d41ba5a
75de6a6578de6abcdacd01d4285bf60be047e1b68c692ed33542b2bcfc43df0a
7a0aaa1f1229156242340aeab763e0dfb97f7e62a6594dc44c7f4df17d65b2d8
7b6bfa13f0778c40bb2a00af9819bea2f07afcb4d071e7e4f436196953a5db4d
7bc93075c0539aa682708f7623ae7aec191b23848158d3a787fb2c2195ba5b5b
7d0d832cabc5f3bc61b0d279bf8fcbb78642dc00fc962602d7b2574127eb2b07
7d30926aabfb178597a84b624fdf7802ad3e2599f3501ae4c383d9a0d143494e
7dbc79f7c86a94836b83fda71d51d2fbbd30dd2293b7e9a9294a61f45fd6d321
7ee04154662e67cdd4a6694f6afacb682bb184617b5e81948524637dde2f31d3
81b97e81aafe1ea818fad4a3cada109ba210eecb416f45817581b5845e1ad288
8243fccc9036fd8e97ca17ac220c12760099315fc4d7c814f7c43b859e1ba007
86a9e440911c495a85f298a178f8ced8f5efe23d064cae91e78db8f3b56fc04e
8782b1edaaf45aab75b26cdebd9e0bc56dfdcc15390b9ac0de35df7ed13647de
892e5286780a50988f1755f6d30df9c519af221d5cb1b1c359235941682f835f
8b5b79138e67127c539249dd171d263839c3fded27fddb18165d0573b150a2a8
8cfe97d050a5a3393e194f8c43a48a42c9575253f694bff742b975d6c59c4f74
8d1f737cb6d412ad385ef361c9874d4f7051784514a5c01ae4fecff0b9188361
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
936ffccdc35bc55221e669d0e76034af76ba8c080c1b1149144dbbd3b5311829
9933d7066a22669cd5d48d0051aa5f2d7ea91bad0a9223f3d7884e93c3ca8a28
9c723354073a0a185a9471599008859cea62e0072903a25e3ee7d816fe1f7dc0
a5115b1b1f4cbc0dea5f0af15aee1bbd304126bf0d20b2642edba7294f5fd76e
aa9541c7bb80859593a44e5172c01e6c57066764ec2cb7da455452ef56e6f8e7
acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403
aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947
af4460c3ce093c98a1189843db3ff927ca0481cf888fc24ad7deaab8b671c0f9
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2c78c910f5ea29e3a9d223dabc203c055c8708b1fe7d83788b490638126db4d
b4a122fd70c44f12c75dd2d3acda330a2fbbec5ac489eea9da592fb624b50b4e
b605e4d915da457fef1eae8365166bdf4a096e8b0153308633e1d0d3394aa915
b7848d86edc8dc3b5bc6a5c666069f9a31e000cee51575d3b6083951607e1550
b9a3803b3ab5c5ec4663ab061c7f5e2fce7158a0002ab68354d6ffd2677ff727
bbb74888c99d82df2d660d8593ce9efea60cdf69664319a102fea20207345635
bc0c9d0bc7198c46d7763e2d82563496d82291330b5c3a8cf31a559c69d6535c
bc9fab6b96b7a8bc9dd6c6a6a7364479a68d9153b604c3fe628d0303eb86a5e3
bdabefb3e2256b0e612367361774c86c0b168e67482cf209edfc518b2bfa1f76
c71872775b3d543baa620aabb5e1fa64d0e9c9c494a27e2d3853737672061329
cdc9db6ce570f85a5d5abd484096fc89ce68904326b8c5fbad05a430dd4ca065
d21021784cda31eeae5c8295e047a14bda6ed5a9b5963fca9e7ceb398a9c9179
d3882508ed01b78352e92819d863937b0375ff0d2cd031355829b892ef71fa7a
d581e324d898bc2a2cb042e399087c62c375aae9e5cd38180cbf03e4a6669852
d5a40e4138c7abd6cc1a075f9f57c2675c347a40f8c546e30350a8a60d15b4a8
d9262f833e999fddfae1cb297ae5f9e260529ca0ca737ed805a11fbf3ab92bcd
da9b44a0649dbba61c7e4cf466249a7893634dbaaa596e13e6bedef5b4582a8e
dc606f574b9dcbc1df257bc89d88188420bdf5c0fec897019523a8dca679851e
dc9dc5abccf3e062029d71dcdc0e04b7cc9a9be96103d07f98b4ff4a5459c668
de2a646adcfb6655902d3a341842a4a70901e557539b7a2b50f9b3f7df63e2ff
de974341474a156d1e0491baa6170a45494120859687b908b9c9258211d77674
e383064a90ede5941f313745e99b6f5d5ae9c6a6007959e6a2d2b97b513bf6e0
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3c173cd779f63b11967a3fc2bec392b1ab8d494419b152594d8d982324f1f04
e51dda1f7774c11ccc7ba90f2e753218c4e3cffa7f96276073dd847884c2923d
e53b21182dd83590d1aa3432cf820310d504d3d0be26885adf802e86beccd1f1
e5ba19b44b5a307d8f9a46737691755b92157c6af649244577f5ac49ffcfd722
e628b797e09f587cb68f24a232af005d2e1fb63ecddc6133df16de7fef49d0eb
e72ac1a64a01bc5f1b45863b1318a4b3cec984e77510ea4ec5c95e11dd9964b2
e7e055da9ca085fd80e24c46f50d92a9b065bd72722e042a5720710d78ca04f3
ea78c4e709891c57b8632eebb9fb84b6ab2ac6a7921449edbc79efe276db5044
eacf7f2a191dc6afe0a6523d045c5bae845e403ab4a255f30f94e353e828fb1a
eba8cca00213435730446c35d7bc56c3e31d6c08e364947a36c1f40336c01e12
ed821ea256bb43f05eda88342e2bd38c5669fc395af10fb2e252d113219227d3
eece6e0c65b7007ab0eb1b4998d36dafe381449525824349128efc3f86f4c91c
f2b906846de25a18cf31e82e794b350ca1f372a527310408b471bd7f362a2589
f3b5e5edb0f46302e341019d021053038653f07d9de1dba7c331fdd837fce142
f47784d95b3f372bca94fcde706316a77ca36edd7b66dc2321d73969352e6b2e
f51938710e179807bbf1be9a1e9d7e3441fa74e7dfe9f46841914fb12ca7de3c
f5bd94d2ee34691dfb1df9386c443449a845c2186145b1f4bc7f64b4473d807a
f5f2091df806f896c27016a4d0d7fe5387272cc726bcb39d8d013e3cdb0a77da
f6b27846bc9580d69fc3e9216337debe2f367deac690802a9029e06908962a0b
f8148221a46751072c586213dd6672b3b68e3242839c0b5d35111ac6efac8ca6
f83138d1d5ffa4f497e4263c2a385ebddc0fd05e5638bd8339cbc96226ed2911
fe508673736191cbc01662c1392d0ee591106b93577f43f4cea0ca1731b06cb1

v.elmstba.com Open in urlscan Pro 172.67.143.148 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

138 Requests

99 %HTTPS

0 %IPv6

46 Domains

56 Subdomains

35 IPs

8 Countries

4411 kBTransfer

5746 kBSize

63 Cookies

7 Outgoing links

Page URL History

Redirected requests

138 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

v.elmstba.com Open in urlscan Pro
172.67.143.148 Public Scan

Screenshot
Live screenshot

Full Image

138
Requests

99 %
HTTPS

0 %
IPv6

46
Domains

56
Subdomains

35
IPs

8
Countries

4411 kB
Transfer

5746 kB
Size

63
Cookies

138 HTTP transactions
0 data transactions