Submitted URL: http://1428elm.com/
Effective URL: https://1428elm.com/
Submission: On September 10 via manual from US — Scanned from DE

Summary

This website contacted 73 IPs in 8 countries across 59 domains to perform 225 HTTP transactions. The main IP is 2a02:26f0:600::210:5b11, located in Frankfurt am Main, Germany and belongs to AKAMAI-ASN1, NL. The main domain is 1428elm.com.
TLS certificate: Issued by R3 on July 21st 2022. Valid for: 3 months.
This is the only time 1428elm.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 6 2a02:26f0:600... 20940 (AKAMAI-ASN1)
11 2606:4700::68... 13335 (CLOUDFLAR...)
3 2606:4700:20:... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
19 2a02:26f0:ab0... 20940 (AKAMAI-ASN1)
1 151.101.66.217 54113 (FASTLY)
3 2a00:1450:400... 15169 (GOOGLE)
17 2.21.20.151 20940 (AKAMAI-ASN1)
1 143.204.214.184 16509 (AMAZON-02)
6 23.35.237.86 16625 (AKAMAI-AS)
1 65.9.66.86 16509 (AMAZON-02)
7 65.9.71.118 16509 (AMAZON-02)
2 2606:4700:440... 13335 (CLOUDFLAR...)
5 2a00:1450:400... 15169 (GOOGLE)
7 2a00:1450:400... 15169 (GOOGLE)
2 2600:1901:1:c... 15169 (GOOGLE)
1 3 99.86.4.2 16509 (AMAZON-02)
2 2606:2800:234... 15133 (EDGECAST)
1 2600:1901:0:8... 15169 (GOOGLE)
2 23.35.229.181 16625 (AKAMAI-AS)
1 96.16.142.89 16625 (AKAMAI-AS)
1 142.250.185.166 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
2 2a03:2880:f02... 32934 (FACEBOOK)
1 151.139.128.11 20446 (STACKPATH...)
6 2606:4700:20:... 13335 (CLOUDFLAR...)
5 2a04:4e42:9::760 54113 (FASTLY)
8 2a04:4e42:62:... 54113 (FASTLY)
3 2.16.186.19 20940 (AKAMAI-ASN1)
1 2600:9000:214... 16509 (AMAZON-02)
5 70.42.32.95 13789 (INTERNAP-...)
1 104.244.42.136 13414 (TWITTER)
3 35.201.67.47 15169 (GOOGLE)
2 35.190.91.160 15169 (GOOGLE)
1 2001:4860:480... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 34.120.195.249 15169 (GOOGLE)
1 35.190.59.101 15169 (GOOGLE)
2 151.101.114.132 54113 (FASTLY)
2 2600:1901:0:f... 15169 (GOOGLE)
1 2600:1901:0:5... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a03:2880:f12... 32934 (FACEBOOK)
1 99.86.4.110 16509 (AMAZON-02)
1 23.35.237.64 16625 (AKAMAI-AS)
1 2600:9000:205... 16509 (AMAZON-02)
2 34.120.117.212 15169 (GOOGLE)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
10 2600:1901:1:81:: 15169 (GOOGLE)
1 143.204.215.6 16509 (AMAZON-02)
1 63.34.160.33 16509 (AMAZON-02)
6 34.233.48.179 14618 (AMAZON-AES)
4 52.28.203.152 16509 (AMAZON-02)
3 10 2606:4700:303... 13335 (CLOUDFLAR...)
2 2602:803:c003... 26667 (RUBICONPR...)
2 52.59.92.120 16509 (AMAZON-02)
2 34.149.20.76 15169 (GOOGLE)
2 44.195.242.53 14618 (AMAZON-AES)
2 157.90.0.13 24940 (HETZNER-AS)
4 37.252.173.22 29990 (ASN-APPNEX)
3 35.244.159.8 15169 (GOOGLE)
3 209.191.163.210 29791 (VOXEL-DOT...)
1 2.18.232.7 16625 (AKAMAI-AS)
1 198.47.127.22 62713 (AS-PUBMATIC)
1 104.18.18.126 13335 (CLOUDFLAR...)
1 213.19.147.43 3356 (LEVEL3)
1 34.240.38.30 16509 (AMAZON-02)
1 2600:9000:214... 16509 (AMAZON-02)
1 13.248.245.213 16509 (AMAZON-02)
2 2 3.126.56.137 16509 (AMAZON-02)
1 162.55.236.224 24940 (HETZNER-AS)
2 2 198.47.127.18 62713 (AS-PUBMATIC)
1 1 142.250.186.34 15169 (GOOGLE)
1 185.64.189.110 62713 (AS-PUBMATIC)
1 1 147.75.85.234 54825 (PACKET)
1 18.196.120.249 16509 (AMAZON-02)
3 3 35.211.178.172 19527 (GOOGLE-2)
2 2 188.42.196.115 7979 (SERVERS-COM)
225 73
Apex Domain
Subdomains
Transfer
20 fansided.com
cdn.fansided.com — Cisco Umbrella Rank: 69111
app.fansided.com — Cisco Umbrella Rank: 168816
196 KB
17 minutemediacdn.com
images2.minutemediacdn.com — Cisco Umbrella Rank: 19217
154 KB
13 spotify.com
open.spotify.com — Cisco Umbrella Rank: 4425
apresolve.spotify.com — Cisco Umbrella Rank: 806
gew4-spclient.spotify.com — Cisco Umbrella Rank: 12062
8 KB
11 cookielaw.org
cdn.cookielaw.org — Cisco Umbrella Rank: 730
215 KB
10 ingage.tech
ex.ingage.tech — Cisco Umbrella Rank: 12083
5 KB
10 outbrain.com
widgets.outbrain.com — Cisco Umbrella Rank: 1474
widget-pixels.outbrain.com — Cisco Umbrella Rank: 3337
odb.outbrain.com — Cisco Umbrella Rank: 1813
mcdp-nydc1.outbrain.com — Cisco Umbrella Rank: 5995
mv.outbrain.com — Cisco Umbrella Rank: 2878
112 KB
9 skimresources.com
s.skimresources.com — Cisco Umbrella Rank: 3870
t.skimresources.com — Cisco Umbrella Rank: 3687
p.skimresources.com — Cisco Umbrella Rank: 6586
r.skimresources.com — Cisco Umbrella Rank: 3481
ls.skimresources.com — Cisco Umbrella Rank: 10130
22 KB
8 spotifycdn.com
open.spotifycdn.com — Cisco Umbrella Rank: 9014
463 KB
8 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 226
ad.doubleclick.net — Cisco Umbrella Rank: 214
stats.g.doubleclick.net — Cisco Umbrella Rank: 188
cm.g.doubleclick.net — Cisco Umbrella Rank: 303
161 KB
7 gstatic.com
fonts.gstatic.com
120 KB
7 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 362
50 KB
6 yahoo.com
c2shb.pubgw.yahoo.com — Cisco Umbrella Rank: 1251
ups.analytics.yahoo.com — Cisco Umbrella Rank: 419
925 B
6 nextmillmedia.com
pbs.nextmillmedia.com — Cisco Umbrella Rank: 6778
937 B
6 equalweb.com
cdn.equalweb.com — Cisco Umbrella Rank: 33104
28 KB
6 1428elm.com
1428elm.com
40 KB
5 scdn.co
encore.scdn.co — Cisco Umbrella Rank: 10139
i.scdn.co — Cisco Umbrella Rank: 989
384 KB
5 outbrainimg.com
tcheck.outbrainimg.com — Cisco Umbrella Rank: 4265
log.outbrainimg.com — Cisco Umbrella Rank: 2588
images.outbrainimg.com — Cisco Umbrella Rank: 2497
66 KB
5 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 141
321 KB
4 pubmatic.com
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 702
image8.pubmatic.com — Cisco Umbrella Rank: 928
image2.pubmatic.com — Cisco Umbrella Rank: 1557
1 KB
4 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 329
5 KB
4 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 94
20 KB
3 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 420
2 KB
3 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 872
2 KB
3 openx.net
minutemedia-d.openx.net — Cisco Umbrella Rank: 34051
u.openx.net — Cisco Umbrella Rank: 975
651 B
3 richaudience.com
shb.richaudience.com — Cisco Umbrella Rank: 5114
sync.richaudience.com — Cisco Umbrella Rank: 3036
688 B
3 3lift.com
tlx.3lift.com — Cisco Umbrella Rank: 863
eb2.3lift.com — Cisco Umbrella Rank: 652
1 KB
3 google.de
www.google.de — Cisco Umbrella Rank: 3469
627 B
3 google.com
region1.analytics.google.com — Cisco Umbrella Rank: 3915
www.google.com — Cisco Umbrella Rank: 19
908 B
3 mmctsvc.com
cdn.mmctsvc.com — Cisco Umbrella Rank: 22379
138 KB
3 twitter.com
platform.twitter.com — Cisco Umbrella Rank: 1004
syndication.twitter.com — Cisco Umbrella Rank: 1252
133 KB
3 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 223
2 KB
3 wazimo.com
cdn.wazimo.com — Cisco Umbrella Rank: 33139
5 KB
2 betweendigital.com
ads.betweendigital.com — Cisco Umbrella Rank: 2690
1 KB
2 minutemedia-prebid.com
hb.minutemedia-prebid.com — Cisco Umbrella Rank: 12184
815 B
2 33across.com
ssc.33across.com — Cisco Umbrella Rank: 2889
518 B
2 rubiconproject.com
fastlane.rubiconproject.com — Cisco Umbrella Rank: 694
2 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 111
315 B
2 memorizeneck.com
memorizeneck.com — Cisco Umbrella Rank: 110329
718 B
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 208
111 KB
2 onetrust.com
geolocation.onetrust.com — Cisco Umbrella Rank: 1040
714 B
2 sharethrough.com
native.sharethrough.com — Cisco Umbrella Rank: 3166
match.sharethrough.com — Cisco Umbrella Rank: 799
71 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 120
1 KB
1 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 1508
212 B
1 yieldmo.com
ads.yieldmo.com — Cisco Umbrella Rank: 985
222 B
1 1rx.io
tag.1rx.io — Cisco Umbrella Rank: 2666
159 B
1 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 755
570 B
1 teads.tv
a.teads.tv — Cisco Umbrella Rank: 1392
245 B
1 postrelease.com
jadserve.postrelease.com — Cisco Umbrella Rank: 1970
539 B
1 privacymanager.io
geo.privacymanager.io — Cisco Umbrella Rank: 2075
596 B
1 bqstreamer.com
bqstreamer.com — Cisco Umbrella Rank: 19340
433 B
1 minutemediaservices.com
promotions.minutemediaservices.com — Cisco Umbrella Rank: 33680
1 ntv.io
s.ntv.io — Cisco Umbrella Rank: 4767
137 KB
1 rlcdn.com
ats.rlcdn.com — Cisco Umbrella Rank: 2028
36 KB
1 sentry.io
o22381.ingest.sentry.io — Cisco Umbrella Rank: 15715
277 B
1 adsafeprotected.com
static.adsafeprotected.com — Cisco Umbrella Rank: 791
466 B
1 optimizely.com
cdn3.optimizely.com — Cisco Umbrella Rank: 7023
720 B
1 gammamaximum.com
gammamaximum.com — Cisco Umbrella Rank: 109635
28 KB
1 cloudfront.net
d3ujids68p6xmq.cloudfront.net
42 KB
1 webcontentassessor.com
scripts.webcontentassessor.com — Cisco Umbrella Rank: 4020
36 KB
225 59
Domain Requested by
19 cdn.fansided.com 1428elm.com
cdn.fansided.com
17 images2.minutemediacdn.com 1428elm.com
11 cdn.cookielaw.org 1428elm.com
cdn.cookielaw.org
scripts.webcontentassessor.com
10 ex.ingage.tech 3 redirects cdn.mmctsvc.com
10 gew4-spclient.spotify.com open.spotifycdn.com
8 open.spotifycdn.com open.spotify.com
open.spotifycdn.com
7 fonts.gstatic.com cdn.fansided.com
7 c.amazon-adsystem.com 1428elm.com
c.amazon-adsystem.com
6 pbs.nextmillmedia.com cdn.mmctsvc.com
6 cdn.equalweb.com scripts.webcontentassessor.com
cdn.equalweb.com
6 1428elm.com 1 redirects 1428elm.com
5 www.googletagmanager.com 1428elm.com
www.googletagmanager.com
cdn.mmctsvc.com
5 widgets.outbrain.com 1428elm.com
scripts.webcontentassessor.com
4 ib.adnxs.com cdn.mmctsvc.com
4 c2shb.pubgw.yahoo.com cdn.mmctsvc.com
4 encore.scdn.co open.spotify.com
4 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
3 x.bidswitch.net 3 redirects
3 ap.lijit.com cdn.mmctsvc.com
3 www.google.de 1428elm.com
3 stats.g.doubleclick.net www.googletagmanager.com
www.google-analytics.com
3 t.skimresources.com 1428elm.com
s.skimresources.com
3 log.outbrainimg.com widgets.outbrain.com
3 cdn.mmctsvc.com scripts.webcontentassessor.com
cdn.mmctsvc.com
3 sb.scorecardresearch.com 1 redirects 1428elm.com
3 securepubads.g.doubleclick.net 1428elm.com
scripts.webcontentassessor.com
securepubads.g.doubleclick.net
3 cdn.wazimo.com 1428elm.com
cdn.fansided.com
cdn.wazimo.com
2 ads.betweendigital.com 2 redirects
2 image8.pubmatic.com 2 redirects
2 ups.analytics.yahoo.com 2 redirects
2 minutemedia-d.openx.net cdn.mmctsvc.com
2 shb.richaudience.com cdn.mmctsvc.com
2 hb.minutemedia-prebid.com cdn.mmctsvc.com
2 ssc.33across.com cdn.mmctsvc.com
2 tlx.3lift.com cdn.mmctsvc.com
2 fastlane.rubiconproject.com cdn.mmctsvc.com
2 ls.skimresources.com s.skimresources.com
2 mcdp-nydc1.outbrain.com widgets.outbrain.com
2 www.facebook.com 1428elm.com
2 www.google.com 1428elm.com
2 memorizeneck.com gammamaximum.com
2 p.skimresources.com 1428elm.com
2 connect.facebook.net 1428elm.com
connect.facebook.net
2 platform.twitter.com 1428elm.com
scripts.webcontentassessor.com
2 open.spotify.com 1428elm.com
open.spotifycdn.com
2 geolocation.onetrust.com cdn.cookielaw.org
2 fonts.googleapis.com 1428elm.com
1 match.sharethrough.com
1 prebid.a-mo.net 1 redirects
1 image2.pubmatic.com
1 cm.g.doubleclick.net 1 redirects
1 sync.richaudience.com
1 u.openx.net
1 eb2.3lift.com
1 app.fansided.com www.googletagmanager.com
1 images.outbrainimg.com 1428elm.com
1 ads.yieldmo.com cdn.mmctsvc.com
1 tag.1rx.io cdn.mmctsvc.com
1 htlb.casalemedia.com cdn.mmctsvc.com
1 hbopenbid.pubmatic.com cdn.mmctsvc.com
1 a.teads.tv cdn.mmctsvc.com
1 jadserve.postrelease.com scripts.webcontentassessor.com
1 geo.privacymanager.io ats.rlcdn.com
1 mv.outbrain.com scripts.webcontentassessor.com
1 bqstreamer.com cdn.fansided.com
1 promotions.minutemediaservices.com cdn.mmctsvc.com
1 s.ntv.io scripts.webcontentassessor.com
1 ats.rlcdn.com scripts.webcontentassessor.com
1 apresolve.spotify.com open.spotifycdn.com
1 odb.outbrain.com scripts.webcontentassessor.com
1 r.skimresources.com s.skimresources.com
1 o22381.ingest.sentry.io open.spotifycdn.com
1 region1.analytics.google.com www.googletagmanager.com
1 syndication.twitter.com platform.twitter.com
1 i.scdn.co open.spotifycdn.com
1 static.adsafeprotected.com scripts.webcontentassessor.com
1 s.skimresources.com www.googletagmanager.com
1 ad.doubleclick.net 1428elm.com
1 cdn3.optimizely.com d3ujids68p6xmq.cloudfront.net
1 widget-pixels.outbrain.com 1428elm.com
1 tcheck.outbrainimg.com widgets.outbrain.com
1 gammamaximum.com 1428elm.com
1 native.sharethrough.com 1428elm.com
1 d3ujids68p6xmq.cloudfront.net 1428elm.com
1 scripts.webcontentassessor.com 1428elm.com
225 85
Subject Issuer Validity Valid
rushthekop.com
R3
2022-07-21 -
2022-10-19
3 months crt.sh
cookielaw.org
Cloudflare Inc ECC CA-3
2022-05-01 -
2023-05-01
a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2022-05-10 -
2023-05-10
a year crt.sh
upload.video.google.com
GTS CA 1C3
2022-08-22 -
2022-11-14
3 months crt.sh
blogoflegends.com
R3
2022-08-25 -
2022-11-23
3 months crt.sh
scripts.webcontentassessor.com
GlobalSign Atlas R3 DV TLS CA 2022 Q3
2022-08-04 -
2023-09-05
a year crt.sh
*.g.doubleclick.net
GTS CA 1C3
2022-08-22 -
2022-11-14
3 months crt.sh
www.90min.com
DigiCert TLS RSA SHA256 2020 CA1
2022-08-25 -
2023-08-27
a year crt.sh
*.cloudfront.net
Amazon
2022-02-01 -
2023-01-31
a year crt.sh
*.outbrain.com
DigiCert TLS RSA SHA256 2020 CA1
2022-04-03 -
2023-04-04
a year crt.sh
*.sharethrough.com
Amazon
2022-07-14 -
2023-08-12
a year crt.sh
c.amazon-adsystem.com
Amazon
2022-05-09 -
2023-04-18
a year crt.sh
onetrust.com
Cloudflare Inc ECC CA-3
2022-01-12 -
2023-01-12
a year crt.sh
*.google-analytics.com
GTS CA 1C3
2022-08-22 -
2022-11-14
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2022-08-22 -
2022-11-14
3 months crt.sh
*.spotify.com
DigiCert TLS RSA SHA256 2020 CA1
2022-04-06 -
2023-04-06
a year crt.sh
*.twimg.com
DigiCert TLS RSA SHA256 2020 CA1
2021-10-20 -
2022-10-19
a year crt.sh
gammamaximum.com
R3
2022-08-24 -
2022-11-22
3 months crt.sh
*.outbrainimg.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2022-03-11 -
2023-03-15
a year crt.sh
*.optimizely.com
DigiCert SHA2 Secure Server CA
2021-12-24 -
2022-12-24
a year crt.sh
*.doubleclick.net
GTS CA 1C3
2022-08-22 -
2022-11-14
3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2022-06-19 -
2022-09-17
3 months crt.sh
*.skimresources.com
DigiCert SHA2 Secure Server CA
2021-09-27 -
2022-10-28
a year crt.sh
*.scdn.co
DigiCert TLS RSA SHA256 2020 CA1
2022-08-02 -
2023-08-02
a year crt.sh
*.spotifycdn.com
DigiCert TLS RSA SHA256 2020 CA1
2022-08-02 -
2023-08-02
a year crt.sh
cdn.mmctsvc.com
R3
2022-07-17 -
2022-10-15
3 months crt.sh
*.scorecardresearch.com
Amazon
2022-01-29 -
2023-02-27
a year crt.sh
static.adsafeprotected.com
Amazon
2022-08-06 -
2023-09-04
a year crt.sh
syndication.twitter.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2022-03-07 -
2023-03-06
a year crt.sh
www.google.de
GTS CA 1C3
2022-08-22 -
2022-11-14
3 months crt.sh
*.ingest.sentry.io
R3
2022-08-20 -
2022-11-18
3 months crt.sh
memorizeneck.com
R3
2022-08-29 -
2022-11-27
3 months crt.sh
www.google.com
GTS CA 1C3
2022-08-22 -
2022-11-14
3 months crt.sh
*.google.de
GTS CA 1C3
2022-08-22 -
2022-11-14
3 months crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA
2022-02-03 -
2023-02-25
a year crt.sh
*.ntv.io
DigiCert SHA2 Secure Server CA
2021-12-04 -
2022-12-06
a year crt.sh
*.minutemediaservices.com
Amazon
2022-01-24 -
2023-02-22
a year crt.sh
*.privacymanager.io
Amazon
2022-08-26 -
2023-09-24
a year crt.sh
*.postrelease.com
Amazon
2022-02-17 -
2023-03-18
a year crt.sh
pbs.nextmillmedia.com
Amazon
2022-07-13 -
2023-08-11
a year crt.sh
web.ssp.yahoo.com
DigiCert SHA2 High Assurance Server CA
2022-08-02 -
2023-01-25
6 months crt.sh
*.ingage.tech
Sectigo RSA Organization Validation Secure Server CA
2022-07-13 -
2023-08-11
a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1
2022-03-08 -
2023-04-04
a year crt.sh
*.3lift.com
Amazon
2022-05-13 -
2023-06-11
a year crt.sh
ssc.33across.com
GTS CA 1D4
2022-07-17 -
2022-10-15
3 months crt.sh
hb.minutemedia-prebid.com
Amazon
2022-02-03 -
2023-03-04
a year crt.sh
*.richaudience.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1
2022-03-11 -
2023-03-10
a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018
2022-02-11 -
2023-03-14
a year crt.sh
*.openx.net
GeoTrust RSA CA 2018
2022-07-21 -
2023-08-21
a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2
2022-06-27 -
2023-06-05
a year crt.sh
teads.tv
R3
2022-08-17 -
2022-11-15
3 months crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1
2022-06-13 -
2023-07-14
a year crt.sh
*.1rx.io
Sectigo RSA Domain Validation Secure Server CA
2022-06-28 -
2023-07-29
a year crt.sh
*.yieldmo.com
Amazon
2022-04-25 -
2023-05-24
a year crt.sh
*.fansided.com
Amazon
2022-08-01 -
2023-08-30
a year crt.sh
*.google.com
GTS CA 1C3
2022-08-22 -
2022-11-14
3 months crt.sh

This page contains 6 frames:

Primary Page: https://1428elm.com/
Frame ID: 8031D4BAEF50FCA38CB0EBED4132E014
Requests: 185 HTTP requests in this frame

Frame: https://open.spotify.com/embed/show/6UGoRQhRNHXeNq8HwQ1JON?utm_source=generator
Frame ID: FAA8F3FE4E9128E49FFE2DF48B40DF50
Requests: 22 HTTP requests in this frame

Frame: https://cdn3.optimizely.com/js/geo2.js?cb=1662815306661
Frame ID: 5FE54354F41836555ECF42350A37E883
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.c4bdc17e77719578b594d5555bee90db.html?origin=https%3A%2F%2F1428elm.com
Frame ID: C264621F279265B0666AC41ED6702A17
Requests: 2 HTTP requests in this frame

Frame: https://t.skimresources.com/api/v2/robots.txt?__skimjs_preflight__please_ignore__=true&rnd=0.862214523577514
Frame ID: 0199D2D63F1842FE36354AA43E47CCD5
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 6F1B8B8950C1CCF63D78C83DB1D9F5C2
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

1428 Elm - Horror Genre News, Movies, TV Shows, Netflix & CommentaryBack ButtonSearch IconFilter Icon

Page URL History Show full URLs

  1. http://1428elm.com/ HTTP 301
    https://1428elm.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)

Overall confidence: 100%
Detected patterns
  • cdn\.equalweb\.com.*\.js

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • cdn\.cookielaw\.org
  • otSDKStub\.js

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net

Overall confidence: 100%
Detected patterns
  • optimizely\.com.*\.js

Overall confidence: 100%
Detected patterns
  • widgets\.outbrain\.com/outbrain\.js

Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com

Overall confidence: 100%
Detected patterns
  • (?:/([\d.]+))?/slick(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • //platform\.twitter\.com/widgets\.js

Overall confidence: 100%
Detected patterns
  • twemoji(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

225
Requests

97 %
HTTPS

39 %
IPv6

59
Domains

85
Subdomains

73
IPs

8
Countries

3123 kB
Transfer

9342 kB
Size

68
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://1428elm.com/ HTTP 301
    https://1428elm.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 47
  • https://sb.scorecardresearch.com/cs/18120612/beacon.js HTTP 302
  • https://sb.scorecardresearch.com/internal-cs/default/beacon.js
Request Chain 218
  • https://ex.ingage.tech/v1/syncPage/yahoo?userId=e98d6ba7-1086-4f15-aa4f-a8f601ebd3d8&to=https%3A%2F%2Fups.analytics.yahoo.com%2Fups%2F58602%2Focc HTTP 302
  • https://ups.analytics.yahoo.com/ups/58602/occ HTTP 302
  • https://ups.analytics.yahoo.com/ups/58602/occ?verify=true HTTP 302
  • https://ex.ingage.tech/v1/syncPage/yahoo?uid=y-hPDHav1E2uH2D1sYF_E_aJFACeD0kaloKf4JEic-~A HTTP 302
  • https://ex.ingage.tech/v1/sync/yahoo/e98d6ba7-1086-4f15-aa4f-a8f601ebd3d8?uid=y-hPDHav1E2uH2D1sYF_E_aJFACeD0kaloKf4JEic-~A
Request Chain 220
  • https://image8.pubmatic.com/AdServer/ImgSync?p=159660 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?p=159660&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=RTEyQTFDNjYtMzI4OS00NUNGLThGQzctNjVEQzdERTlFODA0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 221
  • https://prebid.a-mo.net/cchain/0?gdpr=0&cb=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Famx%2Fe98d6ba7-1086-4f15-aa4f-a8f601ebd3d8%3Fuid%3D HTTP 302
  • https://ex.ingage.tech/v1/sync/amx/e98d6ba7-1086-4f15-aa4f-a8f601ebd3d8?uid=255a89c4-70d1-4b7f-91fc-d4da1f52f535&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 222
  • https://ex.ingage.tech/v1/syncPage/sharethrough?userId=e98d6ba7-1086-4f15-aa4f-a8f601ebd3d8&to=https%3A%2F%2Fmatch.sharethrough.com%2Funiversal%2Fv1%3Fsupply_id%3Djc3Tkmr6 HTTP 302
  • https://match.sharethrough.com/universal/v1?supply_id=jc3Tkmr6
Request Chain 223
  • https://x.bidswitch.net/sync?ssp=insticator&custom_data=e98d6ba7-1086-4f15-aa4f-a8f601ebd3d8 HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=insticator&custom_data=e98d6ba7-1086-4f15-aa4f-a8f601ebd3d8 HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=43092&gdpr=&consent=&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dinsticator%26expires%3D30%26user_group%3D%24%7BUSER_GROUP%7D%26gdpr%3D%26gdpr_consent%3D HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=43092&gdpr=&consent=&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dinsticator%26expires%3D30%26user_group%3D%24%7BUSER_GROUP%7D%26gdpr%3D%26gdpr_consent%3D&crf=1 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=429&user_id=e5b6abca-f094-52fd-8233-325ce12fbe0c&ssp=insticator&expires=30&user_group=1&gdpr=&gdpr_consent= HTTP 302
  • https://ex.ingage.tech/v1/sync/bidswitch/e98d6ba7-1086-4f15-aa4f-a8f601ebd3d8?uid=49ce499a-42ef-483e-8a02-42398c61ef37&gdpr=&gdpr_consent=&us_privacy=

225 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
1428elm.com/
Redirect Chain
  • http://1428elm.com/
  • https://1428elm.com/
121 KB
22 KB
Document
General
Full URL
https://1428elm.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:600::210:5b11 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai /
Resource Hash
6e26ff0c411d33997317ec5563c1608efc19f5ed16800fc6fd3ec70627147dfb
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=0, no-cache
content-encoding
gzip
content-length
22000
content-type
text/html; charset=UTF-8
date
Sat, 10 Sep 2022 13:08:26 GMT
expires
Sat, 10 Sep 2022 13:08:26 GMT
pragma
no-cache
referrer-policy
no-referrer-when-downgrade
server
Akamai
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Accept-Encoding
x-cache-config
0 0
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-user-agent
standard
x-xss-protection
1; mode=block

Redirect headers

Connection
keep-alive
Content-Length
0
Date
Sat, 10 Sep 2022 13:08:26 GMT
Location
https://1428elm.com/
Referrer-Policy
no-referrer-when-downgrade
Server
Akamai
otSDKStub.js
cdn.cookielaw.org/scripttemplates/
21 KB
7 KB
Script
General
Full URL
https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Requested by
Host: 1428elm.com
URL: https://1428elm.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bbc4456bca95006683a8f081d0d2ed645eef5b14c62eca12c70f7e1cec26c1a0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1428elm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 10 Sep 2022 13:08:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
7BKk7WQU1Z9EDMZmf1T6Vg==
age
4990
vary
Accept-Encoding
content-length
7151
x-ms-lease-status
unlocked
last-modified
Thu, 08 Sep 2022 06:34:46 GMT
server
cloudflare
etag
0x8DA916439418414
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
e946677d-f01e-000c-4151-c33617000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
7488646f0c12bbcb-FRA
otCCPAiab.js
cdn.cookielaw.org/opt-out/
22 KB
6 KB
Script
General
Full URL
https://cdn.cookielaw.org/opt-out/otCCPAiab.js
Requested by
Host: 1428elm.com
URL: https://1428elm.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a7b7120dffd25546c93c1367b9c86a3dc87e71d2c89ebb39163a71eb3b659f01
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1428elm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 10 Sep 2022 13:08:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
ERttG9+iQk1LCPjR495NRw==
age
12568
vary
Accept-Encoding
x-ms-lease-status
unlocked
last-modified
Tue, 22 Feb 2022 22:01:18 GMT
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
00bc8f20-801e-016a-3f39-28c218000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14400
x-ms-version
2009-09-19
cf-ray
7488646f0c13bbcb-FRA
main.js
cdn.wazimo.com/engine/common/widgets/mmlogger/
2 KB
1 KB
Script
General
Full URL
https://cdn.wazimo.com/engine/common/widgets/mmlogger/main.js
Requested by
Host: 1428elm.com
URL: https://1428elm.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4579 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fa962f2c5178a76ea72a184726aa7b849d92b4776d40044d93a478531b4fae93

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1428elm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 13:08:26 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 08 Sep 2022 08:05:26 GMT
server
cloudflare
age
3206
etag
W/"6319a246-9e9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xv6qJ%2FQ1afAVwm5LFtvL%2F%2FifR9d%2FgiTUmS3d9W%2BmW76FFabfLHYUxUNRhY9vH21t%2FYjUS9hyU9XRcIh6W%2BZbsaH6relMxdhZDKPstaKJ0UH6ENCZiSjVIbe7zPbcpXJdE8RtK2YVbmJ4OS8L"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-polished
origSize=2537
cf-ray
748864702f159b5b-FRA
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-bgj
minify
style.css
1428elm.com/wp-content/plugins/voltax-video-player/styles/
116 B
628 B
Stylesheet
General
Full URL
https://1428elm.com/wp-content/plugins/voltax-video-player/styles/style.css?ver=1644424553
Requested by
Host: 1428elm.com
URL: https://1428elm.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:600::210:5b11 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai /
Resource Hash
f9d25963747cf7c6b1686d7382e4c4131a2b6aa19a50aed7d2cef52f6c7929cc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1428elm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-user-agent
standard
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 09 Feb 2022 16:35:53 GMT
server
Akamai
etag
"6203ed69-74"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=1022727
date
Sat, 10 Sep 2022 13:08:26 GMT
x-cache-config
0 0
accept-ranges
bytes
content-length
120
expires
Thu, 22 Sep 2022 09:13:53 GMT
css
fonts.googleapis.com/
2 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Oswald&ver=2.73.2
Requested by
Host: 1428elm.com
URL: https://1428elm.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
6cabeb492e3033b4a17fcc5a4ecb196849bafeaec5ed579b947ab4d3d2a05dfb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1428elm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 10 Sep 2022 13:05:10 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Sat, 10 Sep 2022 13:08:26 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 10 Sep 2022 13:08:26 GMT
css
fonts.googleapis.com/
722 B
452 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Titillium+Web&ver=2.73.2
Requested by
Host: 1428elm.com
URL: https://1428elm.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
19c459b0ed66b69066cef6ca25981e3c5252bb0712e6307769acdafb59ddfbf6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1428elm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 10 Sep 2022 11:38:01 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Sat, 10 Sep 2022 13:08:26 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 10 Sep 2022 13:08:26 GMT
style.css
cdn.fansided.com/wp-content/themes/fansided-v5/assets/css/
434 KB
68 KB
Stylesheet
General
Full URL
https://cdn.fansided.com/wp-content/themes/fansided-v5/assets/css/style.css?ver=2.73.2
Requested by
Host: 1428elm.com
URL: https://1428elm.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ab00::b819:32c8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai /
Resource Hash
29bd20722dcc17f6d043bd905e16bfa1c6d38b301713b616e606ec7fd6cadb9d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1428elm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-user-agent
standard
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 29 Aug 2022 16:51:05 GMT
server
Akamai
etag
W/"630cee79-6c740"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=1568637
date
Sat, 10 Sep 2022 13:08:26 GMT
x-cache-config
0 0
content-length
69091
expires
Wed, 28 Sep 2022 16:52:23 GMT
shortcodes-f7dd6f7f5d.css
1428elm.com/wp-content/plugins/fansided-shortcodes/dist/
61 KB
10 KB
Stylesheet
General
Full URL
https://1428elm.com/wp-content/plugins/fansided-shortcodes/dist/shortcodes-f7dd6f7f5d.css
Requested by
Host: 1428elm.com
URL: https://1428elm.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:600::210:5b11 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai /
Resource Hash
b0c2113e1ad7f23803d09116ac468469cad617e7afe10de77779e14a25f1a08b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1428elm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-user-agent
standard
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 14 Apr 2022 00:04:42 GMT
server
Akamai
etag
W/"6257651a-f488"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=1482792
date
Sat, 10 Sep 2022 13:08:26 GMT
x-cache-config
0 0
content-length
9622
expires
Tue, 27 Sep 2022 17:01:38 GMT
network-nav.css
cdn.fansided.com/wp-content/themes/fansided-v5/network-nav/
40 KB
7 KB
Stylesheet
General
Full URL
https://cdn.fansided.com/wp-content/themes/fansided-v5/network-nav/network-nav.css?ver=2.73.2
Requested by
Host: 1428elm.com
URL: https://1428elm.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ab00::b819:32c8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai /
Resource Hash
2e8eb8e96e4642198b4bf42b26a34cd87de62058ea2533daeb8d5ae4bbbba446

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1428elm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-user-agent
standard
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 29 Aug 2022 16:51:19 GMT
server
Akamai
etag
W/"630cee87-9e56"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=1568561
date
Sat, 10 Sep 2022 13:08:26 GMT
x-cache-config
0 0
content-length
6596
expires
Wed, 28 Sep 2022 16:51:07 GMT
mm-video.js
cdn.fansided.com/wp-content/plugins/voltax-video-player/scripts/
74 B
577 B
Script
General
Full URL
https://cdn.fansided.com/wp-content/plugins/voltax-video-player/scripts/mm-video.js?ver=1.6.0
Requested by
Host: 1428elm.com
URL: https://1428elm.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ab00::b819:32c8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai /
Resource Hash
c889d3593066c74eae7b8f0ee34c61dbe7c6a57a1807830e7c29bd807781fac6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1428elm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-user-agent
standard
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 09 Feb 2022 16:35:53 GMT
server
Akamai
etag
"6203ed69-4a"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=708778
date
Sat, 10 Sep 2022 13:08:26 GMT
x-cache-config
0 0
accept-ranges
bytes
content-length
59
expires
Sun, 18 Sep 2022 18:01:24 GMT
jquery.js
cdn.fansided.com/wp-includes/js/jquery/
95 KB
34 KB
Script
General
Full URL
https://cdn.fansided.com/wp-includes/js/jquery/jquery.js?ver=1.12.4
Requested by
Host: 1428elm.com
URL: https://1428elm.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ab00::b819:32c8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai /
Resource Hash
cf34e1b87bbfd9d9b185dec994924a496e279d8dc9387ad8d35bc0110134c4d3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1428elm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-user-agent
standard
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 11 Mar 2022 06:24:25 GMT
server
Akamai
etag
W/"622aeb19-17a6a"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=1472051
date
Sat, 10 Sep 2022 13:08:26 GMT
x-cache-config
0 0
content-length
34019
expires
Tue, 27 Sep 2022 14:02:37 GMT
iframeSizer.min.js
cdn.fansided.com/wp-content/themes/fansided-v5/assets/js/
11 KB
5 KB
Script
General
Full URL
https://cdn.fansided.com/wp-content/themes/fansided-v5/assets/js/iframeSizer.min.js?ver=4.9.21
Requested by
Host: 1428elm.com
URL: https://1428elm.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ab00::b819:32c8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai /
Resource Hash
f85b1102e6c5a07e5c1a79bbf137201b832e80b578fb9243a0a24cc21f93ca35

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1428elm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-user-agent
standard
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 29 Aug 2022 16:51:00 GMT
server
Akamai
etag
W/"630cee74-2d5b"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=1733899
date
Sat, 10 Sep 2022 13:08:26 GMT
x-cache-config
0 0
content-length
4629
expires
Fri, 30 Sep 2022 14:46:45 GMT
a8d912c4bac42cdeccf3177e26df8911d068de3cd69a7c228faad97c6587de35
scripts.webcontentassessor.com/scripts/
138 KB
36 KB
Script
General
Full URL
https://scripts.webcontentassessor.com/scripts/a8d912c4bac42cdeccf3177e26df8911d068de3cd69a7c228faad97c6587de35
Requested by
Host: 1428elm.com
URL: https://1428elm.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
87c0a0481b438c8b4b58c77ba89ae99b02185d9ce39b7b79141b81da5efcbdbb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1428elm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id
ZPnwKDm36EQtL_VJlXYmNzEG7J6bJvoB
content-encoding
gzip
etag
"a4e26741cd01a90973fd36731258cfc1"
age
3535
x-cache
HIT
content-length
35956
x-amz-id-2
CnUZpR9xKvwqNk4V3/b1YruwxnoVIxbaHkgVNEk5EJwd4Dqy9os320Qn7hGLPVXvRxg5H6qdiyA=
x-served-by
cache-hhn4073-HHN
last-modified
Sat, 10 Sep 2022 12:04:22 GMT
server
AmazonS3
x-timer
S1662815306.117346,VS0,VE0
date
Sat, 10 Sep 2022 13:08:26 GMT
vary
Accept-Encoding
x-amz-request-id
P1FKENB1Z6ND2MXY
via
1.1 varnish
cache-control
max-age=3600,stale-if-error=86400,stale-while-revalidate=3600
accept-ranges
bytes
content-type
application/javascript
x-cache-hits
9
gpt.js
securepubads.g.doubleclick.net/tag/js/
84 KB
29 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: 1428elm.com
URL: https://1428elm.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b170f3f97cae5bf03a7806b52694de356c15c8ed4f820af03f93a6b0194206fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1428elm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 13:08:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28693
x-xss-protection
0
server
sffe
etag
"1329 / 387 of 1000 / last-modified: 1662761244"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 10 Sep 2022 13:08:26 GMT
logo_1428elm-com__150x150.png
images2.minutemediacdn.com/image/fetch/c_fill,f_auto,w_150,h_150/https://fansided.com/wp-content/assets/site_images/1428elm/
2 KB
2 KB
Image
General
Full URL
https://images2.minutemediacdn.com/image/fetch/c_fill,f_auto,w_150,h_150/https://fansided.com/wp-content/assets/site_images/1428elm/logo_1428elm-com__150x150.png
Requested by
Host: 1428elm.com
URL: https://1428elm.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.21.20.151 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-21-20-151.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
b6e56f7d4d691eae8da027ce18e651b6e0b6a3fd7facd5aff5b5a2d0fafdde7e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1428elm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 13:08:26 GMT
cache-tag
459830596728204990048954205245866819082,662553213988233024108064803616198510339,94a1dd9ac5291745da96948b5fe90b03
content-disposition
inline; filename="logo_1428elm-com__150x150.webp"
content-length
1884
x-served-by
cache-lga21946-LGA
last-modified
Tue, 25 Feb 2020 19:23:44 GMT
x-timer
S1661858844.631476,VS0,VE85
etag
"17b79cd35ca721ea7abb094f4e0732b0"
content-type
image/webp
access-control-allow-origin
*
expires
Sat, 17 Sep 2022 13:08:26 GMT
cache-control
private, max-age=31480699
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0
logo_1428elm-com__150x150.png
cdn.fansided.com/wp-content/assets/site_images/1428elm/
6 KB
6 KB
Image
General
Full URL
https://cdn.fansided.com/wp-content/assets/site_images/1428elm/logo_1428elm-com__150x150.png
Requested by
Host: 1428elm.com
URL: https://1428elm.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ab00::b819:32c8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai /
Resource Hash
1a17e916c231c44676b729589a258a2e9083f092474760d454fbd22ac30e1c47

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1428elm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-user-agent
standard
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 03 Feb 2016 20:26:11 GMT
server
Akamai
etag
"56b26263-170a"
content-type
image/png
cache-control
max-age=2435506
date
Sat, 10 Sep 2022 13:08:26 GMT
x-cache-config
0 0
accept-ranges
bytes
content-length
5898
expires
Sat, 08 Oct 2022 17:40:12 GMT
fansided-logo.svg
cdn.fansided.com/wp-content/themes/fansided-v5/assets/images/
8 KB
3 KB
Image
General
Full URL
https://cdn.fansided.com/wp-content/themes/fansided-v5/assets/images/fansided-logo.svg
Requested by
Host: 1428elm.com
URL: https://1428elm.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ab00::b819:32c8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai /
Resource Hash
82e16ee1bcf32a940c622c4a318be5da2e337c1278e6226131ca1c6f73001ae1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1428elm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-user-agent
standard
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 27 Jul 2022 20:21:25 GMT
server
Akamai
etag
W/"62e19e45-2191"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=776312
date
Sat, 10 Sep 2022 13:08:26 GMT
x-cache-config
0 0
content-length
3016
expires
Mon, 19 Sep 2022 12:46:58 GMT
apple-app.png
1428elm.com/wp-content/themes/fansided-v5/assets/images/
2 KB
2 KB
Image
General
Full URL
https://1428elm.com/wp-content/themes/fansided-v5/assets/images/apple-app.png
Requested by
Host: 1428elm.com
URL: https://1428elm.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:600::210:5b11 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai /
Resource Hash
adafa859ac987f6759710ec24cdc864032f43fa594553595be43a4160f1ecd5a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1428elm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-user-agent
standard
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 27 Jul 2022 20:21:25 GMT
server
Akamai
etag
"62e19e45-682"
content-type
image/png
cache-control
max-age=280728
date
Sat, 10 Sep 2022 13:08:26 GMT
x-cache-config
0 0
accept-ranges
bytes
content-length
1666
expires
Tue, 13 Sep 2022 19:07:14 GMT
android-app.png
1428elm.com/wp-content/themes/fansided-v5/assets/images/
4 KB
4 KB
Image
General
Full URL
https://1428elm.com/wp-content/themes/fansided-v5/assets/images/android-app.png
Requested by
Host: 1428elm.com
URL: https://1428elm.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:600::210:5b11 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai /
Resource Hash
384e6c21bf9819fef4ca15bfc88df4b2db1776e45e52cb0afb68a4aed77ccf66

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1428elm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-user-agent
standard
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 27 Jul 2022 20:21:25 GMT
server
Akamai
etag
"62e19e45-f1f"
content-type
image/png
cache-control
max-age=339802
date
Sat, 10 Sep 2022 13:08:26 GMT
x-cache-config
0 0
accept-ranges
bytes
content-length
3871
expires
Wed, 14 Sep 2022 11:31:48 GMT
abw.js
d3ujids68p6xmq.cloudfront.net/
223 KB
42 KB
Script
General
Full URL
https://d3ujids68p6xmq.cloudfront.net/abw.js
Requested by
Host: 1428elm.com
URL: https://1428elm.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.204.214.184 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-214-184.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
323075a1922843a6c7f5371bc7fa55500b77944f1268d83461964e3906942141

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1428elm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Sat, 10 Sep 2022 03:37:24 GMT
Content-Encoding
gzip
Last-Modified
Tue, 06 Feb 2018 14:40:14 GMT
Server
AmazonS3
Age
36734
ETag
"e817b0f323fb2559fcb2e5701865527a"
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Via
1.1 e8b17f734954ee4d46d26cf302323482.cloudfront.net (CloudFront)
Connection
keep-alive
X-Amz-Cf-Pop
FRA53-C1
Accept-Ranges
bytes
Content-Length
42771
X-Amz-Cf-Id
HuIoCKij3rvyXv3GOMwg2LZmBDWf_N4pKShrHa6TfMslxG1YzoM4cA==
front.js
cdn.fansided.com/wp-content/plugins/voltax-video-player/scripts/
1 KB
919 B
Script
General
Full URL
https://cdn.fansided.com/wp-content/plugins/voltax-video-player/scripts/front.js?ver=1644424553
Requested by
Host: 1428elm.com
URL: https://1428elm.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ab00::b819:32c8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai /
Resource Hash
b393f9c320cbb557f0344993c5e65ca72f6f771ecd4f773fa6a2fd3f1ac36b6c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1428elm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-user-agent
standard
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 09 Feb 2022 16:35:53 GMT
server
Akamai
etag
W/"6203ed69-41a"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=1405015
date
Sat, 10 Sep 2022 13:08:26 GMT
x-cache-config
0 0
content-length
405
expires
Mon, 26 Sep 2022 19:25:21 GMT
longform.min.js
cdn.fansided.com/wp-content/themes/fansided-v5/assets/js/
272 B
720 B
Script
General
Full URL
https://cdn.fansided.com/wp-content/themes/fansided-v5/assets/js/longform.min.js?ver=2.73.2
Requested by
Host: 1428elm.com
URL: https://1428elm.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ab00::b819:32c8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai /
Resource Hash
f406858bf1219aa8c05a27e32c9b22def23bddbe252dcc3df278e09872117681

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1428elm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-user-agent
standard
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 29 Aug 2022 16:50:59 GMT
server
Akamai
etag
"630cee73-110"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=1568539
date
Sat, 10 Sep 2022 13:08:26 GMT
x-cache-config
0 0
accept-ranges
bytes
content-length
202
expires
Wed, 28 Sep 2022 16:50:45 GMT
fs-event-preview.min.js
cdn.fansided.com/wp-content/themes/fansided-v5/assets/js/
1 KB
999 B
Script
General
Full URL
https://cdn.fansided.com/wp-content/themes/fansided-v5/assets/js/fs-event-preview.min.js?ver=2.73.2
Requested by
Host: 1428elm.com
URL: https://1428elm.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ab00::b819:32c8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai /
Resource Hash
2221391c40c8af2b6e518e0f22b47497e540acb1d9602cf3a26351a78ef3b1f5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1428elm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-user-agent
standard
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 29 Aug 2022 16:50:59 GMT
server
Akamai
etag
W/"630cee73-5ea"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=1568433
date
Sat, 10 Sep 2022 13:08:26 GMT
x-cache-config
0 0
content-length
485
expires
Wed, 28 Sep 2022 16:48:59 GMT
outbrain.js
widgets.outbrain.com/
207 KB
72 KB
Script
General
Full URL
https://widgets.outbrain.com/outbrain.js?ver=2.73.2
Requested by
Host: 1428elm.com
URL: https://1428elm.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.237.86 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-86.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
fcd6b4b6eaf5c8955fb42b9551fd2aab3ee3022d3b41818f3ad305166a837716

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1428elm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 13:08:26 GMT
content-encoding
gzip
last-modified
Wed, 07 Sep 2022 11:46:38 GMT
etag
"17-o8GUaUsuF1LTgPL77mvXadCrw+Y"
vary
Accept-Encoding
edge-cache-tag
widget-cheetah
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=14400
access-control-allow-credentials
false
access-control-allow-methods
GET,POST
x-traceid
90ef572b57c1aa028c99d045e36f6e20
timing-allow-origin
*, *
content-length
72874
slick.min.js
cdn.fansided.com/wp-content/themes/fansided-v5/assets/js/
39 KB
10 KB
Script
General
Full URL
https://cdn.fansided.com/wp-content/themes/fansided-v5/assets/js/slick.min.js?ver=2.73.2
Requested by
Host: 1428elm.com
URL: https://1428elm.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ab00::b819:32c8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai /
Resource Hash
ee5cee59a5aae5b3a05e9ba3de8f668ccb79b0f03a304d243e4633e081981440

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1428elm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-user-agent
standard
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 29 Aug 2022 16:50:29 GMT
server
Akamai
etag
W/"630cee55-9be7"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=1568657
date
Sat, 10 Sep 2022 13:08:26 GMT
x-cache-config
0 0
content-length
9725
expires
Wed, 28 Sep 2022 16:52:43 GMT
main.min.js
cdn.fansided.com/wp-content/themes/fansided-v5/assets/js/
27 KB
9 KB
Script
General
Full URL
https://cdn.fansided.com/wp-content/themes/fansided-v5/assets/js/main.min.js?ver=2.73.2
Requested by
Host: 1428elm.com
URL: https://1428elm.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ab00::b819:32c8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai /
Resource Hash
0a7d2102b40065807ab283b7a4a2256bf1c18d3cb804b46035999e8be8593d25

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1428elm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-user-agent
standard
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 29 Aug 2022 16:50:59 GMT
server
Akamai
etag
W/"630cee73-6c48"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=1568619
date
Sat, 10 Sep 2022 13:08:26 GMT
x-cache-config
0 0
content-length
8753
expires
Wed, 28 Sep 2022 16:52:05 GMT
network-nav.min.js
cdn.fansided.com/wp-content/themes/fansided-v5/network-nav/
38 KB
14 KB
Script
General
Full URL
https://cdn.fansided.com/wp-content/themes/fansided-v5/network-nav/network-nav.min.js?ver=2.73.2
Requested by
Host: 1428elm.com
URL: https://1428elm.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ab00::b819:32c8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai /
Resource Hash
1b2295f150d93c7cbbae441911d7d71dbca1852c713744b0aea4a8566ab5342d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1428elm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-user-agent
standard
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 29 Aug 2022 16:51:19 GMT
server
Akamai
etag
W/"630cee87-97de"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=1568590
date
Sat, 10 Sep 2022 13:08:26 GMT
x-cache-config
0 0
content-length
13887
expires
Wed, 28 Sep 2022 16:51:36 GMT
bundled-scripts.min.js
cdn.fansided.com/wp-content/themes/fansided-v5/assets/js/
946 B
969 B
Script
General
Full URL
https://cdn.fansided.com/wp-content/themes/fansided-v5/assets/js/bundled-scripts.min.js?ver=2.73.2
Requested by
Host: 1428elm.com
URL: https://1428elm.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ab00::b819:32c8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai /
Resource Hash
8b42a20b243b7081f9f5ea51eb72a39895d468943af3c7ba14f7ac176e547c6c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1428elm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-user-agent
standard
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 29 Aug 2022 16:51:07 GMT
server
Akamai
etag
W/"630cee7b-3b2"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=1568590
date
Sat, 10 Sep 2022 13:08:26 GMT
x-cache-config
0 0
content-length
455
expires
Wed, 28 Sep 2022 16:51:36 GMT
wp-embed.js
cdn.fansided.com/wp-includes/js/
3 KB
2 KB
Script
General
Full URL
https://cdn.fansided.com/wp-includes/js/wp-embed.js?ver=4.9.21
Requested by
Host: 1428elm.com
URL: https://1428elm.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ab00::b819:32c8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai /
Resource Hash
0b3268e3aacd1abc25b093c7774f71ae4d98b603f309b357f9ad9d43c45996be

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1428elm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-user-agent
standard
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 30 Aug 2022 22:55:57 GMT
server
Akamai
etag
W/"630e957d-c68"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=1733832
date
Sat, 10 Sep 2022 13:08:26 GMT
x-cache-config
0 0
content-length
1243
expires
Fri, 30 Sep 2022 14:45:38 GMT
sfp.js
native.sharethrough.com/assets/
264 KB
71 KB
Script
General
Full URL
https://native.sharethrough.com/assets/sfp.js?ver=4.9.21
Requested by
Host: 1428elm.com
URL: https://1428elm.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-86.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f0254f664aaf6f2c172fadda0971ad2bb5dcd106617750a78c49a4f0cab1fad0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1428elm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 12:37:12 GMT
content-encoding
gzip
last-modified
Fri, 02 Sep 2022 15:02:19 GMT
server
AmazonS3
age
1875
etag
W/"0fb5f5e697f7a4a77a89f18e7bcb37cc"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 afcdbc9d4d397c4a65e6b312552ff7ee.cloudfront.net (CloudFront)
cache-control
public, max-age=3600
x-amz-cf-pop
FRA56-C1
x-amz-cf-id
ZkPHF2br4fb95h4T-NALQnjCIZYD37bV1boUjAS9oLO9XUzznS8w3g==
expires
Fri, 02 Sep 2022 16:02:17 GMT
apstag.js
c.amazon-adsystem.com/aax2/
166 KB
43 KB
Script
General
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: 1428elm.com
URL: https://1428elm.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.71.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-71-118.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
37bdde71eda05551adae1974b43916d2fc58ca04bc1b8325aab65e2668152b66

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1428elm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Sat, 10 Sep 2022 12:39:58 GMT
via
1.1 5743d3ff81b625f69ad8b8e32fc9c412.cloudfront.net (CloudFront), 1.1 46546eb404789d29bf372f6a3fe43876.cloudfront.net (CloudFront)
last-modified
Thu, 01 Sep 2022 20:50:54 GMT
server
AmazonS3
age
1709
etag
W/"d9d3c87337955401df6a2e4474e61700"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=3600
x-amz-cf-pop
FRA60-P1, FRA56-C1
content-encoding
gzip
x-amz-cf-id
k-1cSUc8O4PL8uYEChkFjR9cSzRqOzqUr3a5i_HGcIexXifdWxQ4oQ==
b7de31ba-a467-4f1c-a1e4-dbaad4f65f02.json
cdn.cookielaw.org/consent/b7de31ba-a467-4f1c-a1e4-dbaad4f65f02/
4 KB
2 KB
XHR
General
Full URL
https://cdn.cookielaw.org/consent/b7de31ba-a467-4f1c-a1e4-dbaad4f65f02/b7de31ba-a467-4f1c-a1e4-dbaad4f65f02.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7fd87a6b70d7b8e7978f80947a231dd3292c7d528796a980b240b538d3aa4418
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1428elm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 10 Sep 2022 13:08:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
JSbz2riYyyBh14jeZkXE7Q==
age
11852
vary
Accept-Encoding
content-length
1562
x-ms-lease-status
unlocked
last-modified
Tue, 26 Jul 2022 15:27:49 GMT
server
cloudflare
etag
0x8DA6F1B65EA26EB
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
1ffabc3f-a01e-00be-4f04-a1cd6d000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
7488646f88d79b83-FRA
expires
Sat, 10 Sep 2022 17:08:26 GMT
twemoji.js
cdn.fansided.com/wp-includes/js/
25 KB
8 KB
Script
General
Full URL
https://cdn.fansided.com/wp-includes/js/twemoji.js?ver=4.9.21
Requested by
Host: 1428elm.com
URL: https://1428elm.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ab00::b819:32c8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai /
Resource Hash
b29019bab391863c1652d28d09112d15ddc6c10940526826cbde474bf07d75e2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1428elm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-user-agent
standard
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 30 Aug 2022 22:55:57 GMT
server
Akamai
etag
W/"630e957d-64c6"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=1733942
date
Sat, 10 Sep 2022 13:08:26 GMT
x-cache-config
0 0
content-length
7682
expires
Fri, 30 Sep 2022 14:47:28 GMT
wp-emoji.js
cdn.fansided.com/wp-includes/js/
7 KB
3 KB
Script
General
Full URL
https://cdn.fansided.com/wp-includes/js/wp-emoji.js?ver=4.9.21
Requested by
Host: 1428elm.com
URL: https://1428elm.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ab00::b819:32c8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai /
Resource Hash
d80a9fbd9c4a76d5d7c6b14e635088b322863f7a78f61508df1e77342669e0ec

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1428elm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-user-agent
standard
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 30 Aug 2022 22:55:57 GMT
server
Akamai
etag
W/"630e957d-1a68"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=1733850
date
Sat, 10 Sep 2022 13:08:26 GMT
x-cache-config
0 0
content-length
2637
expires
Fri, 30 Sep 2022 14:45:56 GMT
location
geolocation.onetrust.com/cookieconsentpub/v1/geo/
182 B
392 B
XHR
General
Full URL
https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2962 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6afee29defad466d4261ffa3473a90050d6202d9270147a8ea95b49dcde213c3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept
application/json
Referer
https://1428elm.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 13:08:26 GMT
content-encoding
gzip
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/json
access-control-allow-origin
*
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
7488646fcd78bb71-FRA
access-control-allow-headers
Content-Type
gtm.js
www.googletagmanager.com/
435 KB
90 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-KXFQXHB
Requested by
Host: 1428elm.com
URL: https://1428elm.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f83f1791425efca755369b9ac69397dff7f6cdaa14551d1ce6a1e75f7b3ab5d9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1428elm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 13:08:26 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
91948
x-xss-protection
0
last-modified
Sat, 10 Sep 2022 12:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 10 Sep 2022 13:08:26 GMT
anMUvcNT0H1YN4FII8wprx7IBmrqA5IG9z8WNe77b9o.woff
fonts.gstatic.com/s/titilliumweb/v4/
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/titilliumweb/v4/anMUvcNT0H1YN4FII8wprx7IBmrqA5IG9z8WNe77b9o.woff
Requested by
Host: cdn.fansided.com
URL: https://cdn.fansided.com/wp-content/themes/fansided-v5/assets/css/style.css?ver=2.73.2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
292f629c17560efa4ebe4e2ba0f8ed027e162ed92b8b61d3685754fb0ba672c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.fansided.com/wp-content/themes/fansided-v5/assets/css/style.css?ver=2.73.2
Origin
https://1428elm.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 21:30:05 GMT
x-content-type-options
nosniff
age
401901
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15292
x-xss-protection
0
last-modified
Wed, 27 Aug 2014 23:51:47 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Tue, 05 Sep 2023 21:30:05 GMT
FontSided1dot5.woff
cdn.fansided.com/wp-content/themes/fansided-v5/assets/fonts/
19 KB
20 KB
Font
General
Full URL
https://cdn.fansided.com/wp-content/themes/fansided-v5/assets/fonts/FontSided1dot5.woff?v=1.5
Requested by
Host: cdn.fansided.com
URL: https://cdn.fansided.com/wp-content/themes/fansided-v5/assets/css/style.css?ver=2.73.2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ab00::b819:32c8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai /
Resource Hash
1553d8e603896b256320a6c7e3f86b0858cca0ff5da54294630e5b8dc48173ae

Request headers

Referer
https://cdn.fansided.com/wp-content/themes/fansided-v5/assets/css/style.css?ver=2.73.2
Origin
https://1428elm.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-user-agent
standard
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 24 Aug 2022 17:16:42 GMT
server
Akamai
etag
"63065cfa-4bec"
content-type
application/font-woff
access-control-allow-origin
*
cache-control
max-age=1370149
date
Sat, 10 Sep 2022 13:08:26 GMT
x-cache-config
0 0
accept-ranges
bytes
content-length
19436
expires
Mon, 26 Sep 2022 09:44:15 GMT
Y_TKV6o8WovbUd3m_X9aAA.ttf
fonts.gstatic.com/s/oswald/v10/
34 KB
20 KB
Font
General
Full URL
https://fonts.gstatic.com/s/oswald/v10/Y_TKV6o8WovbUd3m_X9aAA.ttf
Requested by
Host: cdn.fansided.com
URL: https://cdn.fansided.com/wp-content/themes/fansided-v5/assets/css/style.css?ver=2.73.2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
334a98eaeec325cbc84a300e98e133aae9fac74e682f34d11bf0cea7236781f1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.fansided.com/wp-content/themes/fansided-v5/assets/css/style.css?ver=2.73.2
Origin
https://1428elm.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 07 Sep 2022 14:48:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
253188
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19906
x-xss-protection
0
last-modified
Mon, 06 Oct 2014 20:36:16 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
vary
Accept-Encoding
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/ttf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 07 Sep 2023 14:48:38 GMT
6UGoRQhRNHXeNq8HwQ1JON
open.spotify.com/embed/show/ Frame FAA8
15 KB
7 KB
Document
General
Full URL
https://open.spotify.com/embed/show/6UGoRQhRNHXeNq8HwQ1JON?utm_source=generator
Requested by
Host: 1428elm.com
URL: https://1428elm.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:1:c36:: , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
envoy /
Resource Hash
540f28d2413bd42f5edbba260e2dd43a4755c7c1236ceada6f55c1295d452dd5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://1428elm.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Sat, 10 Sep 2022 13:08:26 GMT
server
envoy
sp-trace-id
c3ba175a0dd90d1e
strict-transport-security
max-age=31536000
vary
Accept-Encoding,Accept-Encoding
via
HTTP/2 edgeproxy, 1.1 google
x-content-type-options
nosniff
https%3A%2F%2F1428elm.com%2Ffiles%2Fimage-exchange%2F2018%2F08%2Fie_76048.jpeg
images2.minutemediacdn.com/image/fetch/w_580,h_480,c_fill,g_auto,f_auto/
40 KB
41 KB
Image
General
Full URL
https://images2.minutemediacdn.com/image/fetch/w_580,h_480,c_fill,g_auto,f_auto/https%3A%2F%2F1428elm.com%2Ffiles%2Fimage-exchange%2F2018%2F08%2Fie_76048.jpeg
Requested by
Host: 1428elm.com
URL: https://1428elm.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.21.20.151 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-21-20-151.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
4a1852b65468160040ac64a15d26fca0528f3f61cc4722150d7cc2e332de5784

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1428elm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 13:08:26 GMT
cache-tag
390204385261379860196799672757561616229,535846883432006329681585907625717777215,94a1dd9ac5291745da96948b5fe90b03
content-disposition
inline; filename="ie_76048.webp"
content-length
41362
x-served-by
cache-iad-kiad7000134-IAD
last-modified
Fri, 10 Sep 2021 13:15:01 GMT
x-timer
S1662813587.601908,VS0,VE56
etag
"b0728eb736b54377d692c533cbb82af2"
content-type
image/webp
access-control-allow-origin
*
expires
Sat, 17 Sep 2022 13:08:26 GMT
cache-control
private, max-age=31480699
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0
https%3A%2F%2F1428elm.com%2Ffiles%2Fimage-exchange%2F2017%2F07%2Fie_91964.jpeg
images2.minutemediacdn.com/image/fetch/w_580,h_260,c_fill,g_auto,f_auto/
18 KB
19 KB
Image
General
Full URL
https://images2.minutemediacdn.com/image/fetch/w_580,h_260,c_fill,g_auto,f_auto/https%3A%2F%2F1428elm.com%2Ffiles%2Fimage-exchange%2F2017%2F07%2Fie_91964.jpeg
Requested by
Host: 1428elm.com
URL: https://1428elm.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.21.20.151 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-21-20-151.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
32abbfc580aae2787337f821c59d96506969d0d3e701bf1843181fce0081bf57

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1428elm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 13:08:26 GMT
cache-tag
429226197823295738076642598224126240193,463698462999677659810637888945191188742,94a1dd9ac5291745da96948b5fe90b03
status
200 OK
content-disposition
inline; filename="ie_91964.webp"
content-length
18912
x-request-id
d43e0deac841c0dfedb501cb2ba79a81
x-served-by
cache-lga21949-LGA
last-modified
Wed, 07 Sep 2022 18:13:26 GMT
x-timer
S1662574404.234350,VS0,VE1280
etag
"ced8755cf051d5fd72db85f3ed93dc7c"
content-type
image/webp
access-control-allow-origin
*
expires
Sat, 17 Sep 2022 13:08:26 GMT
cache-control
private, max-age=31480699
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0
https%3A%2F%2F1428elm.com%2Ffiles%2Fimage-exchange%2F2018%2F08%2Fie_91023.jpeg
images2.minutemediacdn.com/image/fetch/w_302,h_220,c_fill,g_auto,f_auto/
11 KB
11 KB
Image
General
Full URL
https://images2.minutemediacdn.com/image/fetch/w_302,h_220,c_fill,g_auto,f_auto/https%3A%2F%2F1428elm.com%2Ffiles%2Fimage-exchange%2F2018%2F08%2Fie_91023.jpeg
Requested by
Host: 1428elm.com
URL: https://1428elm.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.21.20.151 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-21-20-151.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0b8ab5495b94d864fdc4adf3423db0fe6362ca051ab5cdc8bca11e581e25cd19

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1428elm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 13:08:26 GMT
cache-tag
567935290828078388364474176793498885068,475145223184120493039428780604261155024,94a1dd9ac5291745da96948b5fe90b03
status
200 OK
content-disposition
inline; filename="ie_91023.webp"
content-length
10770
x-request-id
0d915e081c1a36d335db82c4d0a995da
x-served-by
cache-lga21934-LGA
last-modified
Tue, 30 Aug 2022 11:55:01 GMT
x-timer
S1662574404.270623,VS0,VE599
etag
"64bec394975b3d9ff87f90842dedb325"
content-type
image/webp
access-control-allow-origin
*
expires
Sat, 17 Sep 2022 13:08:26 GMT
cache-control
private, max-age=31480699
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0
https%3A%2F%2F1428elm.com%2Ffiles%2Fimage-exchange%2F2017%2F07%2Fie_91969.jpeg
images2.minutemediacdn.com/image/fetch/w_302,h_220,c_fill,g_auto,f_auto/
12 KB
13 KB
Image
General
Full URL
https://images2.minutemediacdn.com/image/fetch/w_302,h_220,c_fill,g_auto,f_auto/https%3A%2F%2F1428elm.com%2Ffiles%2Fimage-exchange%2F2017%2F07%2Fie_91969.jpeg
Requested by
Host: 1428elm.com
URL: https://1428elm.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.21.20.151 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-21-20-151.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
aff15f1d06e0a1a950db03ffbad3183a237c3ce74b8c8e760cd5f2e478f0986c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1428elm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 13:08:27 GMT
cache-tag
470839952649490175174491315531204245778,475145223184120493039428780604261155024,94a1dd9ac5291745da96948b5fe90b03
status
200 OK
content-disposition
inline; filename="ie_91969.webp"
content-length
12622
x-request-id
d205196d8ceedb723777aad88c768d0c
x-served-by
cache-lga21932-LGA
last-modified
Fri, 09 Sep 2022 11:38:39 GMT
x-timer
S1662815306.411675,VS0,VE603
etag
"62ee522b221cc46f8628aa623d6f18e4"
content-type
image/webp
access-control-allow-origin
*
expires
Sat, 17 Sep 2022 13:08:27 GMT
cache-control
private, max-age=31480699
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0
bH7276GfdCjMjApa_dkG6aCWcynf_cDxXwCLxiixG1c.ttf
fonts.gstatic.com/s/oswald/v10/
39 KB
22 KB
Font
General
Full URL
https://fonts.gstatic.com/s/oswald/v10/bH7276GfdCjMjApa_dkG6aCWcynf_cDxXwCLxiixG1c.ttf
Requested by
Host: cdn.fansided.com
URL: https://cdn.fansided.com/wp-content/themes/fansided-v5/assets/css/style.css?ver=2.73.2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9b126307e7d0a88a5fbc31c45cca7e3ebba07fc55c29bfd630583dd266229c00
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.fansided.com/wp-content/themes/fansided-v5/assets/css/style.css?ver=2.73.2
Origin
https://1428elm.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 17:12:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
330984
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22073
x-xss-protection
0
last-modified
Mon, 06 Oct 2014 20:36:29 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/ttf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 06 Sep 2023 17:12:02 GMT
HqHm7BVC_nzzTui2lzQTDaCWcynf_cDxXwCLxiixG1c.ttf
fonts.gstatic.com/s/oswald/v10/
30 KB
18 KB
Font
General
Full URL
https://fonts.gstatic.com/s/oswald/v10/HqHm7BVC_nzzTui2lzQTDaCWcynf_cDxXwCLxiixG1c.ttf
Requested by
Host: cdn.fansided.com
URL: https://cdn.fansided.com/wp-content/themes/fansided-v5/assets/css/style.css?ver=2.73.2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
380438fbfce6f2930e3deb99dbadfeee4eca7bfa3f09a6cc8a2250af90df13f7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.fansided.com/wp-content/themes/fansided-v5/assets/css/style.css?ver=2.73.2
Origin
https://1428elm.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 17:26:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
330113
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18810
x-xss-protection
0
last-modified
Mon, 06 Oct 2014 20:38:15 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/ttf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 06 Sep 2023 17:26:33 GMT
otBannerSdk.js
cdn.cookielaw.org/scripttemplates/6.37.0/
367 KB
87 KB
Script
General
Full URL
https://cdn.cookielaw.org/scripttemplates/6.37.0/otBannerSdk.js
Requested by
Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/a8d912c4bac42cdeccf3177e26df8911d068de3cd69a7c228faad97c6587de35
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
54c09d17405fc079c641533fb989b284d6b25fe4a402017701cfbf0d22b31611
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1428elm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 10 Sep 2022 13:08:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
84QDGKEUCS7BR7wlSH5now==
age
12581
vary
Accept-Encoding
content-length
89029
x-ms-lease-status
unlocked
last-modified
Fri, 22 Jul 2022 06:27:58 GMT
server
cloudflare
etag
0x8DA6BAB51B19C0E
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
55dbfc92-801e-00ed-7f9a-9dd162000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
748864708ea7bbcb-FRA
beacon.js
sb.scorecardresearch.com/internal-cs/default/
Redirect Chain
  • https://sb.scorecardresearch.com/cs/18120612/beacon.js
  • https://sb.scorecardresearch.com/internal-cs/default/beacon.js
4 KB
2 KB
Script
General
Full URL
https://sb.scorecardresearch.com/internal-cs/default/beacon.js
Requested by
Host: 1428elm.com
URL: https://1428elm.com/
Protocol
H2
Server
99.86.4.2 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-2.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6838420e13959ecffe73d3576ee2125a66c9315237394a23e3dd4a5181e80cda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1428elm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 12:44:57 GMT
content-encoding
gzip
etag
W/"5b0f9f0704a703b8da651007721fac57"
last-modified
Thu, 04 Mar 2021 13:31:34 GMT
server
AmazonS3
age
1410
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 92ab13182d4b89ed20b3b5c10adc4f22.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
x-amz-cf-id
Hf9inNj1Usi5aveJewuLLSbBJQ6zQ1pYvRB-xQys4F76zeiww2Yv7A==

Redirect headers

location
/internal-cs/default/beacon.js
date
Sat, 10 Sep 2022 13:08:26 GMT
via
1.1 92ab13182d4b89ed20b3b5c10adc4f22.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
content-length
0
x-amz-cf-id
VxP3piz6HIQ7sgC_vxWdOp0ZhbHJYswrmXzJxZm1jKvDJIJSyXEnGw==
x-cache
Miss from cloudfront
widgets.js
platform.twitter.com/
97 KB
29 KB
Script
General
Full URL
https://platform.twitter.com/widgets.js
Requested by
Host: 1428elm.com
URL: https://1428elm.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6796) /
Resource Hash
8f4fc0f336126492b535be2e0b29fbb538a3079547d19a81368aec9268a54f26

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1428elm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Sat, 10 Sep 2022 13:08:26 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Age
1212
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=,edge;dur=1
Content-Length
29220
x-tw-cdn
VZ
Last-Modified
Wed, 31 Aug 2022 20:41:50 GMT
Server
ECS (frb/6796)
Etag
"f116c7e6b28e2aebeb60ade5bdc8e2b4+gzip"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=1800
ac595b0bd1b1f6e62ce46c2ce57c936ea6f47b8e2936dc2a3876a18eadffd94a289806f2a42865c2057288dd30b30f07490e2c6ae59ea0f801f1a13317ea
gammamaximum.com/
92 KB
28 KB
Script
General
Full URL
https://gammamaximum.com/ac595b0bd1b1f6e62ce46c2ce57c936ea6f47b8e2936dc2a3876a18eadffd94a289806f2a42865c2057288dd30b30f07490e2c6ae59ea0f801f1a13317ea
Requested by
Host: 1428elm.com
URL: https://1428elm.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:802f::1 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
8d2c38621c47d0d6253a21287bc854b473d73e4bacde1d1c8bd308eff5f55738
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1428elm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; preload
content-encoding
br
x-datacenter
gce-europe-west1
etag
"41fd993d9877fcc08cc05a8e21a917e634ee2095b1318e32e25e6b3a20d377a9"
x-buildname
hoothoot
vary
Accept-Encoding, Accept-Language
x-hostname
fen-hoothoot-europe-west1-c63t
content-type
text/javascript; charset=utf-8
via
1.1 google
cache-control
private, must-revalidate, max-age=21600
date
Sat, 10 Sep 2022 13:08:26 GMT
x-buildnumber
632800667
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
7XUFZ5tgS-tD6QamInJTcdGU7DQ8I6RFMlK0vgclk7w.woff
fonts.gstatic.com/s/titilliumweb/v4/
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/titilliumweb/v4/7XUFZ5tgS-tD6QamInJTcdGU7DQ8I6RFMlK0vgclk7w.woff
Requested by
Host: cdn.fansided.com
URL: https://cdn.fansided.com/wp-content/themes/fansided-v5/assets/css/style.css?ver=2.73.2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
819141dfc76b472e08dbbdd19291a1d06be66f32d9e858dd65751f204480e489
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.fansided.com/wp-content/themes/fansided-v5/assets/css/style.css?ver=2.73.2
Origin
https://1428elm.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Fri, 09 Sep 2022 01:54:15 GMT
x-content-type-options
nosniff
age
126851
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15504
x-xss-protection
0
last-modified
Wed, 27 Aug 2014 23:53:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 09 Sep 2023 01:54:15 GMT
anMUvcNT0H1YN4FII8wpr24bNCNEoFTpS2BTjF6FB5E.woff
fonts.gstatic.com/s/titilliumweb/v4/
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/titilliumweb/v4/anMUvcNT0H1YN4FII8wpr24bNCNEoFTpS2BTjF6FB5E.woff
Requested by
Host: cdn.fansided.com
URL: https://cdn.fansided.com/wp-content/themes/fansided-v5/assets/css/style.css?ver=2.73.2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7c4379ae888a737fd330f0c964e263b1a64a51a7a69a5c76f3dc049a7f1b325a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.fansided.com/wp-content/themes/fansided-v5/assets/css/style.css?ver=2.73.2
Origin
https://1428elm.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 07 Sep 2022 03:23:46 GMT
x-content-type-options
nosniff
age
294280
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15568
x-xss-protection
0
last-modified
Wed, 27 Aug 2014 23:50:54 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 07 Sep 2023 03:23:46 GMT
anMUvcNT0H1YN4FII8wpr0bathaSTBR2c4i13_wzlb0.woff
fonts.gstatic.com/s/titilliumweb/v4/
14 KB
14 KB
Font
General
Full URL
https://fonts.gstatic.com/s/titilliumweb/v4/anMUvcNT0H1YN4FII8wpr0bathaSTBR2c4i13_wzlb0.woff
Requested by
Host: cdn.fansided.com
URL: https://cdn.fansided.com/wp-content/themes/fansided-v5/assets/css/style.css?ver=2.73.2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d413265e397f3abe46d14104b1ccc23464119c9094d76623ff79eeb76274b12d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.fansided.com/wp-content/themes/fansided-v5/assets/css/style.css?ver=2.73.2
Origin
https://1428elm.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 14:20:24 GMT
x-content-type-options
nosniff
age
341282
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14692
x-xss-protection
0
last-modified
Wed, 27 Aug 2014 23:51:49 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 06 Sep 2023 14:20:24 GMT
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/
6 KB
3 KB
XHR
General
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.71.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-71-118.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1428elm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id
tKimXuvhjexkvOlm5D.ynBWfUtiJgbbH
content-encoding
gzip
etag
W/"a4d296427fc806b21335359e398c025c"
age
25747
x-cache
Hit from cloudfront
access-control-max-age
3000
access-control-allow-origin
*
last-modified
Wed, 24 Aug 2022 19:06:24 GMT
server
AmazonS3
date
Sat, 10 Sep 2022 13:08:26 GMT
vary
Accept-Encoding,Origin
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 d947c3ab534102b2c9a7f0a4541d2ed8.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
FRA56-C1
x-amz-cf-id
kSWIvADG9YqrzWvIcTiEkAhJHZyxFkPT8BCeWQ6tcayCxq0uPyYHKg==
pubads_impl_2022090701.js
securepubads.g.doubleclick.net/gpt/
382 KB
130 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090701.js?cb=31069444
Requested by
Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/a8d912c4bac42cdeccf3177e26df8911d068de3cd69a7c228faad97c6587de35
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0582ba3aed7d649d346d34c0ce8eba8b1f6f326c7d4a80ab9bc3fa22b4a1f4e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1428elm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Fri, 09 Sep 2022 11:47:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
91231
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
133090
x-xss-protection
0
last-modified
Wed, 07 Sep 2022 08:36:57 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 09 Sep 2023 11:47:55 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/
416 B
198 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=1428elm.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
58023ca0b63c30d34ce6fe8f0c2bba1d05fcf68530ed282df22be8d8bbd9402f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1428elm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 10 Sep 2022 13:08:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
173
x-xss-protection
0
expires
Sat, 10 Sep 2022 13:08:26 GMT
accessibility-light.svg
cdn.fansided.com/wp-content/themes/fansided-v5/network-nav/assets/images/
612 B
870 B
Image
General
Full URL
https://cdn.fansided.com/wp-content/themes/fansided-v5/network-nav/assets/images/accessibility-light.svg
Requested by
Host: cdn.fansided.com
URL: https://cdn.fansided.com/wp-content/themes/fansided-v5/network-nav/network-nav.css?ver=2.73.2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ab00::b819:32c8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai /
Resource Hash
b0f9acc2facbbbf8a8d2c056a0be3238c6b28354369e5b21ff15ac38f49810ec

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.fansided.com/wp-content/themes/fansided-v5/network-nav/network-nav.css?ver=2.73.2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-user-agent
standard
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 01 Jul 2022 19:21:42 GMT
server
Akamai
etag
"62bf4946-264"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=1476715
date
Sat, 10 Sep 2022 13:08:26 GMT
x-cache-config
0 0
accept-ranges
bytes
content-length
351
expires
Tue, 27 Sep 2022 15:20:21 GMT
MTQyOGVsbS5jb20=
tcheck.outbrainimg.com/tcheck/check/
16 B
464 B
XHR
General
Full URL
https://tcheck.outbrainimg.com/tcheck/check/MTQyOGVsbS5jb20=
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js?ver=2.73.2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.35.229.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-229-181.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
929701ed632814943e3df803ddd9e3f179ccf889c0ad7b7f3392bd8d109b174f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1428elm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Sat, 10 Sep 2022 13:08:26 GMT
ETag
W/"10-us8lSJutAxKqLzf8c1+n5XstcwY"
Access-Control-Max-Age
43200
Access-Control-Allow-Methods
GET,POST
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=13255
Access-Control-Allow-Credentials
false
Connection
keep-alive
X-TraceId
312a9786c859bea4c901a7df7cd8a291
Content-Length
16
Expires
Sat, 10 Sep 2022 16:49:21 GMT
px.gif
widget-pixels.outbrain.com/widget/detect/
43 B
341 B
Image
General
Full URL
https://widget-pixels.outbrain.com/widget/detect/px.gif?ch=1
Requested by
Host: 1428elm.com
URL: https://1428elm.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.237.86 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-86.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1428elm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 13:08:26 GMT
last-modified
Wed, 30 Sep 2020 14:22:29 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1601475749.911431"
access-control-allow-methods
GET,POST
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
43
expires
Mon, 10 Oct 2022 13:08:26 GMT
dnsfeed
geolocation.onetrust.com/cookieconsentpub/v1/geo/location/
191 B
322 B
Script
General
Full URL
https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location/dnsfeed
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/opt-out/otCCPAiab.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2962 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
51d1f220e6b2184a1d55b715797a89377333709de7bf7c8ab12dbef2fec50faf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1428elm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
server
cloudflare
cf-ray
748864725f009a03-FRA
date
Sat, 10 Sep 2022 13:08:26 GMT
vary
Accept-Encoding
content-type
text/javascript
/
cdn.wazimo.com/engine/common/widgets/mmlogger/min/
8 KB
3 KB
Script
General
Full URL
https://cdn.wazimo.com/engine/common/widgets/mmlogger/min/?static=true&v=1016
Requested by
Host: cdn.fansided.com
URL: https://cdn.fansided.com/wp-includes/js/jquery/jquery.js?ver=1.12.4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4579 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.2.34
Resource Hash
9b87e2383441f1aa07178b3ceaf513b91b8984dec523c3a177262bafb05845fb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1428elm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 13:08:26 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
server
cloudflare
age
3468
x-powered-by
PHP/7.2.34
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l%2FvAbDabuvFU86%2F9TnRFEH4hKTByAC8yXrXR0rwNotYvU5vLRAftsjcsns0K20FI2QU4IY5TuavXarbBSFiLn40inZ%2Fyhxntdmc1IkuZoyTf%2FguyCVbJyUamUfW9jYKba0rvatln8rIozb%2B6"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-polished
origSize=11557
last-modified
Sat, 10 Sep 2022 12:10:38 GMT
cf-ray
748864724b929b5b-FRA
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
https%3A%2F%2Fnetflixlife.com%2Ffiles%2Fimage-exchange%2F2018%2F08%2Fie_91782-850x560.jpeg
images2.minutemediacdn.com/image/fetch/c_fill,w_268,h_167,g_auto,f_auto/
2 KB
3 KB
Image
General
Full URL
https://images2.minutemediacdn.com/image/fetch/c_fill,w_268,h_167,g_auto,f_auto/https%3A%2F%2Fnetflixlife.com%2Ffiles%2Fimage-exchange%2F2018%2F08%2Fie_91782-850x560.jpeg
Requested by
Host: 1428elm.com
URL: https://1428elm.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.21.20.151 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-21-20-151.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
ab3ba1aea251f28139d1d667bec65bd2e49d2bc5586f000a6963614e91c59042

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1428elm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 13:08:26 GMT
cache-tag
524993076744539452767876857211678881980,476083543486782568568746076822847310510,94a1dd9ac5291745da96948b5fe90b03
status
200 OK
content-disposition
inline; filename="ie_91782-850x560.webp"
content-length
2434
x-request-id
b39aea4c49d852831f929e983508e723
x-served-by
cache-iad-kiad7000160-IAD
last-modified
Fri, 09 Sep 2022 04:03:38 GMT
x-timer
S1662697979.118783,VS0,VE451
etag
"3b79803abdfc74320d686598b7678cb0"
content-type
image/webp
access-control-allow-origin
*
expires
Sat, 17 Sep 2022 13:08:26 GMT
cache-control
private, max-age=31480699
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0
https%3A%2F%2Fnetflixlife.com%2Ffiles%2Fimage-exchange%2F2016%2F04%2Fie_36582-850x560.jpeg
images2.minutemediacdn.com/image/fetch/c_fill,w_268,h_167,g_auto,f_auto/
3 KB
4 KB
Image
General
Full URL
https://images2.minutemediacdn.com/image/fetch/c_fill,w_268,h_167,g_auto,f_auto/https%3A%2F%2Fnetflixlife.com%2Ffiles%2Fimage-exchange%2F2016%2F04%2Fie_36582-850x560.jpeg
Requested by
Host: 1428elm.com
URL: https://1428elm.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.21.20.151 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-21-20-151.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
7ba5463e09717766674cb4101725eecea0bf32de980e2d2a9eac3e1cdaf4eff4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1428elm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 13:08:26 GMT
cache-tag
526806076586031625465288291926821524568,476083543486782568568746076822847310510,94a1dd9ac5291745da96948b5fe90b03
content-disposition
inline; filename="ie_36582-850x560.webp"
content-length
3204
x-served-by
cache-iad-kiad7000143-IAD
last-modified
Mon, 19 Apr 2021 18:35:17 GMT
x-timer
S1662135936.851571,VS0,VE2
etag
"3a8451bf5e5f2e4a5b4ba9fc8a244525"
content-type
image/webp
access-control-allow-origin
*
expires
Sat, 17 Sep 2022 13:08:26 GMT
cache-control
private, max-age=31480699
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1
https%3A%2F%2Fhiddenremote.com%2Ffiles%2Fimage-exchange%2F2018%2F08%2Fie_91783-850x560.jpeg
images2.minutemediacdn.com/image/fetch/c_fill,w_268,h_167,g_auto,f_auto/
4 KB
4 KB
Image
General
Full URL
https://images2.minutemediacdn.com/image/fetch/c_fill,w_268,h_167,g_auto,f_auto/https%3A%2F%2Fhiddenremote.com%2Ffiles%2Fimage-exchange%2F2018%2F08%2Fie_91783-850x560.jpeg
Requested by
Host: 1428elm.com
URL: https://1428elm.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.21.20.151 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-21-20-151.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2d981c15ea646ee3aec4897ad76a576694cffb0159a0d39f4459e7044958625c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1428elm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 13:08:26 GMT
cache-tag
570859268222401075964876799403346866960,476083543486782568568746076822847310510,94a1dd9ac5291745da96948b5fe90b03
status
200 OK
content-disposition
inline; filename="ie_91783-850x560.webp"
content-length
3662
x-request-id
99e9a6432d98570a0f9e5783aa389559
x-served-by
cache-iad-kiad7000135-IAD
last-modified
Thu, 01 Sep 2022 17:05:27 GMT
x-timer
S1662060900.848680,VS0,VE438
etag
"5fa1150cafbb9a3fec0b9f39094f0037"
content-type
image/webp
access-control-allow-origin
*
expires
Sat, 17 Sep 2022 13:08:26 GMT
cache-control
private, max-age=31480699
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0
https%3A%2F%2F1428elm.com%2Ffiles%2Fimage-exchange%2F2017%2F07%2Fie_89940.jpeg
images2.minutemediacdn.com/image/fetch/w_300,h_200,c_fill,g_auto,f_auto/
11 KB
12 KB
Image
General
Full URL
https://images2.minutemediacdn.com/image/fetch/w_300,h_200,c_fill,g_auto,f_auto/https%3A%2F%2F1428elm.com%2Ffiles%2Fimage-exchange%2F2017%2F07%2Fie_89940.jpeg
Requested by
Host: 1428elm.com
URL: https://1428elm.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.21.20.151 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-21-20-151.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
ba924e0c34a8b78a28ad933ebe2742c98307b63b19903014060d16e42bbfe008

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1428elm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 13:08:26 GMT
cache-tag
636330173380364044748963499882782539123,546971110088964070340651877030391493426,94a1dd9ac5291745da96948b5fe90b03
content-disposition
inline; filename="ie_89940.webp"
content-length
11772
x-served-by
cache-iad-kjyo7100060-IAD
last-modified
Sun, 31 Jul 2022 15:54:49 GMT
x-timer
S1662107813.052768,VS0,VE87
etag
"e7f7129010d542d5171b73c49f0215ed"
content-type
image/webp
access-control-allow-origin
*
expires
Sat, 17 Sep 2022 13:08:26 GMT
cache-control
private, max-age=31480699
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1
https%3A%2F%2F1428elm.com%2Ffiles%2Fimage-exchange%2F2017%2F07%2Fie_91175.jpeg
images2.minutemediacdn.com/image/fetch/w_150,h_120,c_fill,g_auto,f_auto/
2 KB
3 KB
Image
General
Full URL
https://images2.minutemediacdn.com/image/fetch/w_150,h_120,c_fill,g_auto,f_auto/https%3A%2F%2F1428elm.com%2Ffiles%2Fimage-exchange%2F2017%2F07%2Fie_91175.jpeg
Requested by
Host: 1428elm.com
URL: https://1428elm.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.21.20.151 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-21-20-151.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
7ef84ac31eb8c679d1a94fd888c449c58ab9d372c3e5d48e3f5daa3367024b15

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1428elm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 13:08:26 GMT
cache-tag
529712384825271005740752181679689779115,361277880450245795473246292284680000839,94a1dd9ac5291745da96948b5fe90b03
status
200 OK
content-disposition
inline; filename="ie_91175.webp"
content-length
2448
x-request-id
377136ea1c6ef8c287487a670d5fb0e3
x-served-by
cache-lga21980-LGA
last-modified
Fri, 19 Aug 2022 12:19:24 GMT
x-timer
S1662005232.987043,VS0,VE1
etag
"24432b0a3685cc71fc03a1ddb36bd52b"
content-type
image/webp
access-control-allow-origin
*
expires
Sat, 17 Sep 2022 13:08:26 GMT
cache-control
private, max-age=31480699
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1
https%3A%2F%2F1428elm.com%2Ffiles%2Fimage-exchange%2F2017%2F07%2Fie_90880.jpeg
images2.minutemediacdn.com/image/fetch/w_150,h_120,c_fill,g_auto,f_auto/
6 KB
6 KB
Image
General
Full URL
https://images2.minutemediacdn.com/image/fetch/w_150,h_120,c_fill,g_auto,f_auto/https%3A%2F%2F1428elm.com%2Ffiles%2Fimage-exchange%2F2017%2F07%2Fie_90880.jpeg
Requested by
Host: 1428elm.com
URL: https://1428elm.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.21.20.151 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-21-20-151.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
621a5e27807c3c536b6729a476f784858e68c060fb176c216c7a85dd1234b2ed

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1428elm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 13:08:26 GMT
cache-tag
460511116758253280605635186393529960817,361277880450245795473246292284680000839,94a1dd9ac5291745da96948b5fe90b03
content-disposition
inline; filename="ie_90880.webp"
content-length
6076
x-served-by
cache-iad-kiad7000064-IAD
last-modified
Tue, 23 Aug 2022 14:25:35 GMT
x-timer
S1662147453.885038,VS0,VE1
etag
"b47bced7c44627b8013c8dfaa3354d91"
content-type
image/webp
access-control-allow-origin
*
expires
Sat, 17 Sep 2022 13:08:26 GMT
cache-control
private, max-age=31480699
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1
https%3A%2F%2F1428elm.com%2Ffiles%2Fimage-exchange%2F2017%2F07%2Fie_89940.jpeg
images2.minutemediacdn.com/image/fetch/w_150,h_120,c_fill,g_auto,f_auto/
7 KB
7 KB
Image
General
Full URL
https://images2.minutemediacdn.com/image/fetch/w_150,h_120,c_fill,g_auto,f_auto/https%3A%2F%2F1428elm.com%2Ffiles%2Fimage-exchange%2F2017%2F07%2Fie_89940.jpeg
Requested by
Host: 1428elm.com
URL: https://1428elm.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.21.20.151 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-21-20-151.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
4512cabf9f9cece5045ebc0762975ff88015623aa41cdb216f4e5b1a4df66531

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1428elm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 13:08:26 GMT
cache-tag
636330173380364044748963499882782539123,361277880450245795473246292284680000839,94a1dd9ac5291745da96948b5fe90b03
content-disposition
inline; filename="ie_89940.webp"
content-length
6968
x-served-by
cache-iad-kiad7000021-IAD
last-modified
Tue, 09 Aug 2022 11:42:18 GMT
x-timer
S1660720670.288557,VS0,VE73
etag
"cac9be1bc5b6ce91109e0afeb610094f"
content-type
image/webp
access-control-allow-origin
*
expires
Sat, 17 Sep 2022 13:08:26 GMT
cache-control
private, max-age=31480699
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0
https%3A%2F%2F1428elm.com%2Ffiles%2Fimage-exchange%2F2017%2F07%2Fie_91704.jpeg
images2.minutemediacdn.com/image/fetch/w_300,h_200,c_fill,g_auto,f_auto/
6 KB
7 KB
Image
General
Full URL
https://images2.minutemediacdn.com/image/fetch/w_300,h_200,c_fill,g_auto,f_auto/https%3A%2F%2F1428elm.com%2Ffiles%2Fimage-exchange%2F2017%2F07%2Fie_91704.jpeg
Requested by
Host: 1428elm.com
URL: https://1428elm.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.21.20.151 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-21-20-151.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
30671e8390306fbd33e0bdbecc86fb3c37593352dc6b31930cd26048bc08c69b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1428elm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 13:08:26 GMT
cache-tag
360215966263322490921808602334819726668,546971110088964070340651877030391493426,94a1dd9ac5291745da96948b5fe90b03
status
200 OK
content-disposition
inline; filename="ie_91704.webp"
content-length
6552
x-request-id
e52be7f25a76d7ddc71362ffb9008e87
x-served-by
cache-iad-kiad7000077-IAD
last-modified
Sat, 03 Sep 2022 12:06:36 GMT
x-timer
S1662645561.341217,VS0,VE487
etag
"f364318f2443938cb02efa113d9c3c20"
content-type
image/webp
access-control-allow-origin
*
expires
Sat, 17 Sep 2022 13:08:26 GMT
cache-control
private, max-age=31480699
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0
https%3A%2F%2F1428elm.com%2Ffiles%2Fimage-exchange%2F2017%2F07%2Fie_91601.jpeg
images2.minutemediacdn.com/image/fetch/w_150,h_120,c_fill,g_auto,f_auto/
1 KB
2 KB
Image
General
Full URL
https://images2.minutemediacdn.com/image/fetch/w_150,h_120,c_fill,g_auto,f_auto/https%3A%2F%2F1428elm.com%2Ffiles%2Fimage-exchange%2F2017%2F07%2Fie_91601.jpeg
Requested by
Host: 1428elm.com
URL: https://1428elm.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.21.20.151 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-21-20-151.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
17fcda082e71be770d01ef9cc22fa7e4be5744e15e75d795c0cab417d33be0cd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1428elm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 13:08:26 GMT
cache-tag
437984413040630262544734979550868795871,361277880450245795473246292284680000839,94a1dd9ac5291745da96948b5fe90b03
status
200 OK
content-disposition
inline; filename="ie_91601.webp"
content-length
1404
x-request-id
4e8629e01e6f345fa1c1e3a5d95b33d6
x-served-by
cache-lga21933-LGA
last-modified
Wed, 31 Aug 2022 11:05:42 GMT
x-timer
S1662645561.340765,VS0,VE534
etag
"57267fdab80339a0397391db0b3595c1"
content-type
image/webp
access-control-allow-origin
*
expires
Sat, 17 Sep 2022 13:08:26 GMT
cache-control
private, max-age=31480699
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0
https%3A%2F%2F1428elm.com%2Ffiles%2Fimage-exchange%2F2017%2F07%2Fie_91229.jpeg
images2.minutemediacdn.com/image/fetch/w_150,h_120,c_fill,g_auto,f_auto/
5 KB
5 KB
Image
General
Full URL
https://images2.minutemediacdn.com/image/fetch/w_150,h_120,c_fill,g_auto,f_auto/https%3A%2F%2F1428elm.com%2Ffiles%2Fimage-exchange%2F2017%2F07%2Fie_91229.jpeg
Requested by
Host: 1428elm.com
URL: https://1428elm.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.21.20.151 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-21-20-151.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
3262dc8e037719b709a5d6c68e2eaede4827f7b2ef6c6ce471f2ee89bb81f767

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1428elm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 13:08:26 GMT
cache-tag
523886158776204818628851560495991531469,361277880450245795473246292284680000839,94a1dd9ac5291745da96948b5fe90b03
status
200 OK
content-disposition
inline; filename="ie_91229.webp"
content-length
5040
x-request-id
8785fc7afa8d55bb94cb87b8d349eda6
x-served-by
cache-iad-kjyo7100092-IAD
last-modified
Mon, 29 Aug 2022 04:04:54 GMT
x-timer
S1662133006.197627,VS0,VE419
etag
"6cb216f5744c2984d5a49b98d0e1fd0e"
content-type
image/webp
access-control-allow-origin
*
expires
Sat, 17 Sep 2022 13:08:26 GMT
cache-control
private, max-age=31480699
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0
https%3A%2F%2F1428elm.com%2Ffiles%2Fimage-exchange%2F2018%2F08%2Fie_91159.jpeg
images2.minutemediacdn.com/image/fetch/w_150,h_120,c_fill,g_auto,f_auto/
2 KB
3 KB
Image
General
Full URL
https://images2.minutemediacdn.com/image/fetch/w_150,h_120,c_fill,g_auto,f_auto/https%3A%2F%2F1428elm.com%2Ffiles%2Fimage-exchange%2F2018%2F08%2Fie_91159.jpeg
Requested by
Host: 1428elm.com
URL: https://1428elm.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.21.20.151 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-21-20-151.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
d5ffecb1401a602662fbb3b86d9bd413c5e49391fa53be39602ad4edff08db3d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1428elm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 13:08:26 GMT
cache-tag
508066649790824552425988607688400780725,361277880450245795473246292284680000839,94a1dd9ac5291745da96948b5fe90b03
status
200 OK
content-disposition
inline; filename="ie_91159.webp"
content-length
2248
x-request-id
34d946e26470670a92758a2cf512b8cc
x-served-by
cache-iad-kjyo7100049-IAD
last-modified
Thu, 25 Aug 2022 11:06:54 GMT
x-timer
S1662032441.808591,VS0,VE425
etag
"19533222dbed92c4b1e00d79762a37be"
content-type
image/webp
access-control-allow-origin
*
expires
Sat, 17 Sep 2022 13:08:26 GMT
cache-control
private, max-age=31480699
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0
https%3A%2F%2F1428elm.com%2Ffiles%2Fimage-exchange%2F2017%2F07%2Fie_91059.jpeg
images2.minutemediacdn.com/image/fetch/w_300,h_200,c_fill,g_auto,f_auto/
12 KB
12 KB
Image
General
Full URL
https://images2.minutemediacdn.com/image/fetch/w_300,h_200,c_fill,g_auto,f_auto/https%3A%2F%2F1428elm.com%2Ffiles%2Fimage-exchange%2F2017%2F07%2Fie_91059.jpeg
Requested by
Host: 1428elm.com
URL: https://1428elm.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.21.20.151 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-21-20-151.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
4a776fe296c8109e914f56d2f82b07ac508361c7e48b2df55342ab195bf0b79b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1428elm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 13:08:26 GMT
cache-tag
396393703214005122573184078578617243186,546971110088964070340651877030391493426,94a1dd9ac5291745da96948b5fe90b03
content-disposition
inline; filename="ie_91059.webp"
content-length
11910
x-served-by
cache-iad-kiad7000048-IAD
last-modified
Sun, 28 Aug 2022 00:36:47 GMT
x-timer
S1662815307.765926,VS0,VE117
etag
"c874d9492a6b904fdd6294f7a0e41cde"
content-type
image/webp
access-control-allow-origin
*
expires
Sat, 17 Sep 2022 13:08:26 GMT
cache-control
private, max-age=31480699
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0
geo2.js
cdn3.optimizely.com/js/ Frame 5FE5
294 B
720 B
Script
General
Full URL
https://cdn3.optimizely.com/js/geo2.js?cb=1662815306661
Requested by
Host: d3ujids68p6xmq.cloudfront.net
URL: https://d3ujids68p6xmq.cloudfront.net/abw.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
96.16.142.89 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-16-142-89.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
55628ca3cfa5bbf0b23c0b5d0815a2aa019b9672ccd2b778c2de35c8644f775d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Unused62
8096267
x-amz-version-id
Y1BKPK.c9lIaZx2uYj8JMWZye_vJfrh9
Server
AmazonS3
x-amz-request-id
X7PFXN75RDZFHZ0B
ETag
"adadfc5d7afd13e353d9d52cec1c7827"
Content-Type
application/javascript
Cache-Control
max-age=34088
Date
Sat, 10 Sep 2022 13:08:26 GMT
Connection
keep-alive
Content-Length
294
x-amz-id-2
KXCq6comk7Lq5amOzbTWirk80o+3uG+30SpoOuXztnYMSbqB0Pm0fSnjNHduzlinny4+c7VPOy0=
;ord=1662815306663
ad.doubleclick.net/ddm/ad/bxxaqe/rzrtvdu/zbexbypozwu/fv/
43 B
628 B
Image
General
Full URL
https://ad.doubleclick.net/ddm/ad/bxxaqe/rzrtvdu/zbexbypozwu/fv/;ord=1662815306663?
Requested by
Host: 1428elm.com
URL: https://1428elm.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.166 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f6.1e100.net
Software
cafe /
Resource Hash
9c41ba408efaf3a7a36099370bc814e38b0afd42229fa9e0e6040740620c85c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1428elm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 10 Sep 2022 13:08:26 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/
209 KB
73 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-NB8RD6J3M6&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KXFQXHB
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
486c16398030aaa3ce4d9d0d809bbf2b88e0792bfa47dc1ea8a0cf1fa11d778b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1428elm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 13:08:26 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
74824
x-xss-protection
0
expires
Sat, 10 Sep 2022 13:08:26 GMT
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KXFQXHB
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1428elm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
386
date
Sat, 10 Sep 2022 13:02:00 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Sat, 10 Sep 2022 15:02:00 GMT
fbevents.js
connect.facebook.net/en_US/
100 KB
27 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: 1428elm.com
URL: https://1428elm.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
5ae95e748ad12444cd760e245c02264cea3e8deb41fabd95f1e0784b81f72783
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1428elm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
26737
x-xss-protection
0
pragma
public
x-fb-debug
W9K+dfoyQ/APNuKjVOl3qmW0OVu7Ts/qWgcxkcK8fq1nGYEXq6z1hGEtdEngoaLHatiKsCoxIqet5VqJ4q7ZsA==
x-fb-trip-id
917726464
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Sat, 10 Sep 2022 13:08:26 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
expires
Sat, 01 Jan 2000 00:00:00 GMT
124578X1617579.skimlinks.js
s.skimresources.com/js/
56 KB
21 KB
Script
General
Full URL
https://s.skimresources.com/js/124578X1617579.skimlinks.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KXFQXHB
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2ca8b364effc1bc14307e86e63c763d97ac4679909d03eee0581a1bfc2661b51

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1428elm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 13:08:26 GMT
content-encoding
gzip
last-modified
Tue, 30 Aug 2022 08:55:38 GMT
server
AmazonS3
x-amz-request-id
CAT13BABTBXKH33M
etag
"100dbb52f697f7129a54f88fe7a4f56d"
x-hw
1662815306.cds149.fr8.hn,1662815306.cds246.fr8.c
content-type
application/octet-stream
cache-control
max-age=3600
accept-ranges
bytes
content-length
20715
x-amz-id-2
MDRE8okCjreg9SkQTD5++vz3Gx7wyx5Vx6gjSmpXbaKWY/jGmfOgw5FivK6EgsX+FFH8nKMFGfM=
accessibility.js
cdn.equalweb.com/core/3.0.3/
34 KB
13 KB
Script
General
Full URL
https://cdn.equalweb.com/core/3.0.3/accessibility.js
Requested by
Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/a8d912c4bac42cdeccf3177e26df8911d068de3cd69a7c228faad97c6587de35
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:d5f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
68d4f7f16f4dc745363bb4541a1de458687ef3ec8f31200ea4133f9e655e2ae6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Referer
https://1428elm.com/
Origin
https://1428elm.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 13:08:26 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
791997
access-control-allow-methods
GET
vary
Accept-Encoding
x-xss-protection
1; mode=block
access-control-allow-origin
*
last-modified
Sun, 30 May 2021 11:33:38 GMT
server
cloudflare
x-frame-options
deny
etag
W/"0155a24755d71:0"
strict-transport-security
max-age=31536000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j2mhGHzeBCoGjKSLFq1w9j%2BzxClqVlZDuaaHqe%2B%2FG9fo03%2Bbpp73it%2BYgpYaiw8Xj9sxNKPS4S8G8L%2FiYadGcxeUksiVe8n1jkML3b09D3UgEA5OEnP7v9zdUDfEH327Es2Sw%2FUVw%2BUiJn73GI0%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-country
DE
cache-control
public, max-age=2204800
access-control-allow-credentials
true
cf-ray
748864738808912a-FRA
en.json
cdn.cookielaw.org/consent/b7de31ba-a467-4f1c-a1e4-dbaad4f65f02/2c2ab046-776b-4659-9030-64fc8f5d6c48/
129 KB
24 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/consent/b7de31ba-a467-4f1c-a1e4-dbaad4f65f02/2c2ab046-776b-4659-9030-64fc8f5d6c48/en.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.37.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
247caf8ecadeefc4e1019196ab84b9660148b348f3993019cd95ab994f67fe0d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1428elm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 10 Sep 2022 13:08:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
ob0MCE3a8KV4Ffe8/Bg7Qg==
age
11821
vary
Accept-Encoding
content-length
24498
x-ms-lease-status
unlocked
last-modified
Tue, 26 Jul 2022 15:28:30 GMT
server
cloudflare
etag
0x8DA6F1B7E9DACD3
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
ec01263e-301e-0099-3807-a15724000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
748864730e4d9b83-FRA
expires
Sat, 10 Sep 2022 17:08:26 GMT
iab2Data.json
cdn.cookielaw.org/vendorlist/
352 KB
51 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/vendorlist/iab2Data.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.37.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
46ed4a74eafc601b0aa2f81389185002dd37349730665110c0ff7fff8e6b88a2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1428elm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 10 Sep 2022 13:08:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
9/OlryJ+TA1UcDUyVPrvZw==
age
11821
vary
Accept-Encoding
content-length
51568
x-ms-lease-status
unlocked
last-modified
Sat, 10 Sep 2022 08:50:10 GMT
server
cloudflare
etag
0x8DA930978037579
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
9e4c4cea-f01e-00cb-7bf4-c44ad6000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
748864730e4f9b83-FRA
otTCF.js
cdn.cookielaw.org/scripttemplates/6.37.0/
68 KB
15 KB
Script
General
Full URL
https://cdn.cookielaw.org/scripttemplates/6.37.0/otTCF.js
Requested by
Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/a8d912c4bac42cdeccf3177e26df8911d068de3cd69a7c228faad97c6587de35
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1f94185bf320b088eb3c40b75de95ac8516680f4036bd287131b34f9c058146a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1428elm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 10 Sep 2022 13:08:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
a9Vlhbbwqsoox/DXP8565Q==
age
10981
vary
Accept-Encoding
content-length
15011
x-ms-lease-status
unlocked
last-modified
Fri, 22 Jul 2022 06:27:56 GMT
server
cloudflare
etag
0x8DA6BAB50B11A38
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
13857594-401e-0051-48b2-9dc613000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
748864730b61bbcb-FRA
CircularSp-Book-4eaffdf96f4c6f984686e93d5d9cb325.woff2
encore.scdn.co/fonts/ Frame FAA8
82 KB
83 KB
Font
General
Full URL
https://encore.scdn.co/fonts/CircularSp-Book-4eaffdf96f4c6f984686e93d5d9cb325.woff2
Requested by
Host: open.spotify.com
URL: https://open.spotify.com/embed/show/6UGoRQhRNHXeNq8HwQ1JON?utm_source=generator
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:9::760 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
9b7413f945c8b8bb3f75eb10513c7ad79d386e98494d541e5f1fa9301ffbddd6

Request headers

Referer
https://open.spotify.com/
Origin
https://open.spotify.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Sat, 10 Sep 2022 13:08:26 GMT
Content-Encoding
gzip
Last-Modified
Fri, 13 May 2022 11:38:51 GMT
Age
5785508
ETag
"f7b12903dd7a2d536ceb2b7cd1dba2c1"
X-Served-By
cache-ord1745-ORD, cache-chi-kigq8000087-CHI, cache-ams21055-AMS
X-Cache
HIT, HIT, HIT
Content-Type
font/woff2
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
84027
X-Cache-Hits
1, 1, 62497
CircularSp-Bold-fe1cfc14b7498b187c78fa72fb72d148.woff2
encore.scdn.co/fonts/ Frame FAA8
87 KB
88 KB
Font
General
Full URL
https://encore.scdn.co/fonts/CircularSp-Bold-fe1cfc14b7498b187c78fa72fb72d148.woff2
Requested by
Host: open.spotify.com
URL: https://open.spotify.com/embed/show/6UGoRQhRNHXeNq8HwQ1JON?utm_source=generator
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:9::760 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
039130d456855a745451bff40707bee5512bc4466373224b2258f67cc6c6d879

Request headers

Referer
https://open.spotify.com/
Origin
https://open.spotify.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Sat, 10 Sep 2022 13:08:26 GMT
Content-Encoding
gzip
Last-Modified
Fri, 13 May 2022 11:38:50 GMT
Age
7554487
ETag
"216b12b5a9657850b1b324e158454f8e"
X-Served-By
cache-ord1729-ORD, cache-ams21022-AMS
X-Cache
HIT, HIT
Content-Type
font/woff2
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
89529
X-Cache-Hits
8, 30565
CircularSpTitle-Bold-2fbf72b606d7f0b0f771ea4956a8b4d6.woff2
encore.scdn.co/fonts/ Frame FAA8
85 KB
86 KB
Font
General
Full URL
https://encore.scdn.co/fonts/CircularSpTitle-Bold-2fbf72b606d7f0b0f771ea4956a8b4d6.woff2
Requested by
Host: open.spotify.com
URL: https://open.spotify.com/embed/show/6UGoRQhRNHXeNq8HwQ1JON?utm_source=generator
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:9::760 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
1d752805498ebd36b9c69ad1d3da93b1561ea6b33f58ec89a66a4228a357dfe2

Request headers

Referer
https://open.spotify.com/
Origin
https://open.spotify.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Sat, 10 Sep 2022 13:08:26 GMT
Content-Encoding
gzip
Age
5689940
X-Cache
HIT, HIT, HIT
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
Connection
keep-alive
Content-Length
87344
X-Served-By
cache-ord1746-ORD, cache-chi-kigq8000054-CHI, cache-ams21036-AMS
Last-Modified
Thu, 19 May 2022 07:59:23 GMT
ETag
"db1a27b35e26398fef4be920ea96078d"
x-goog-generation
1652947162999500
Content-Type
font/woff2
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000
x-goog-stored-content-length
87344
Accept-Ranges
bytes
X-Cache-Hits
1, 1, 12047
CircularSpTitle-Black-3f9afb402080d53345ca1850226ca724.woff2
encore.scdn.co/fonts/ Frame FAA8
84 KB
84 KB
Font
General
Full URL
https://encore.scdn.co/fonts/CircularSpTitle-Black-3f9afb402080d53345ca1850226ca724.woff2
Requested by
Host: open.spotify.com
URL: https://open.spotify.com/embed/show/6UGoRQhRNHXeNq8HwQ1JON?utm_source=generator
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:9::760 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
0c60fd01004a4b5f4997c54e3fed4e0a1080ae7c6c263af83fa7f4a0fff96c15

Request headers

Referer
https://open.spotify.com/
Origin
https://open.spotify.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Sat, 10 Sep 2022 13:08:26 GMT
Content-Encoding
gzip
Last-Modified
Thu, 19 May 2022 07:59:22 GMT
Age
3422396
ETag
"0e196bce574e01f42fc686e3e6dc4f76"
X-Served-By
cache-ord1740-ORD, cache-chi-kigq8000156-CHI, cache-ams21028-AMS
X-Cache
HIT, HIT, HIT
Content-Type
font/woff2
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
85585
X-Cache-Hits
1, 42131, 12024
spoticon_regular_2.d319d911.woff2
open.spotifycdn.com/cdn/fonts/ Frame FAA8
56 KB
56 KB
Font
General
Full URL
https://open.spotifycdn.com/cdn/fonts/spoticon_regular_2.d319d911.woff2
Requested by
Host: open.spotify.com
URL: https://open.spotify.com/embed/show/6UGoRQhRNHXeNq8HwQ1JON?utm_source=generator
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:62::761 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d728648c3e1d90bf50f0e988787ce26ea1111fa697b0a9daeb95d6724842a9c1

Request headers

Referer
https://open.spotify.com/
Origin
https://open.spotify.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Sat, 10 Sep 2022 13:08:26 GMT
Last-Modified
Mon, 13 Jun 2022 14:00:42 GMT
Age
7686288
ETag
"3b7bbfac9ed3e75d426728e900579aa9"
X-Served-By
cache-ord1736-ORD, cache-chi-kigq8000141-CHI, cache-hhn11553-HHN
X-Cache
MISS, HIT, HIT
Content-Type
application/octet-stream
Access-Control-Allow-Origin
https://open.spotify.com
Cache-Control
public, max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
56996
X-Cache-Hits
0, 1, 554748
de.e19ab6c8.json
open.spotifycdn.com/cdn/generated-locales/embed/ Frame FAA8
2 KB
1 KB
Other
General
Full URL
https://open.spotifycdn.com/cdn/generated-locales/embed/de.e19ab6c8.json
Requested by
Host: open.spotify.com
URL: https://open.spotify.com/embed/show/6UGoRQhRNHXeNq8HwQ1JON?utm_source=generator
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:62::761 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
bee03409b59f84f416b678b9126bf38f87d5a959b11be0dd1b209e7e82fb87a4

Request headers

Referer
https://open.spotify.com/
Origin
https://open.spotify.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Sat, 10 Sep 2022 13:08:26 GMT
Content-Encoding
gzip
Age
368056
X-Cache
HIT, HIT
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
Connection
keep-alive
Content-Length
862
X-Served-By
cache-chi-klot8100059-CHI, cache-hhn11564-HHN
Last-Modified
Mon, 29 Aug 2022 17:19:14 GMT
ETag
"8d2c190a37eff69df8f01d3c71ca6777"
x-goog-generation
1661793554796048
Content-Type
application/json
Access-Control-Allow-Origin
https://open.spotify.com
Cache-Control
public, max-age=31536000
x-goog-stored-content-length
862
Accept-Ranges
bytes
X-Cache-Hits
1, 2332
embed.447789e4.css
open.spotifycdn.com/cdn/build/embed/ Frame FAA8
60 KB
11 KB
Stylesheet
General
Full URL
https://open.spotifycdn.com/cdn/build/embed/embed.447789e4.css
Requested by
Host: open.spotify.com
URL: https://open.spotify.com/embed/show/6UGoRQhRNHXeNq8HwQ1JON?utm_source=generator
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:62::761 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
83c1b1a5b67c549a9f270ca4cdc48affbbe8562de2fd7c4b8466b6466b8e1239

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://open.spotify.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Sat, 10 Sep 2022 13:08:26 GMT
Content-Encoding
gzip
Age
849978
X-Cache
MISS, HIT
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
Connection
keep-alive
Content-Length
10447
X-Served-By
cache-chi-kigq8000104-CHI, cache-hhn11532-HHN
Last-Modified
Wed, 31 Aug 2022 16:58:44 GMT
ETag
"19a661ab91650f01b769d0a060026806"
x-goog-generation
1661965124469675
Content-Type
text/css
Access-Control-Allow-Origin
https://open.spotify.com
Cache-Control
public, max-age=31536000
x-goog-stored-content-length
10447
Accept-Ranges
bytes
X-Cache-Hits
0, 54049
vendor~embed.6be60370.css
open.spotifycdn.com/cdn/build/embed/ Frame FAA8
9 KB
2 KB
Stylesheet
General
Full URL
https://open.spotifycdn.com/cdn/build/embed/vendor~embed.6be60370.css
Requested by
Host: open.spotify.com
URL: https://open.spotify.com/embed/show/6UGoRQhRNHXeNq8HwQ1JON?utm_source=generator
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:62::761 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
1de08cc8e987bc99d4ef5742c85718af205dd4ab71147e0960ef57c3933b3b0d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://open.spotify.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Sat, 10 Sep 2022 13:08:26 GMT
Content-Encoding
gzip
Age
4069964
X-Cache
HIT, HIT
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
Connection
keep-alive
Content-Length
986
X-Served-By
cache-chi-kigq8000039-CHI, cache-hhn11530-HHN
Last-Modified
Mon, 25 Jul 2022 10:32:22 GMT
ETag
"39a0174cdd7c50425083a2e6bff8c6a4"
x-goog-generation
1658745142492300
Content-Type
text/css
Access-Control-Allow-Origin
https://open.spotify.com
Cache-Control
public, max-age=31536000
x-goog-stored-content-length
986
Accept-Ranges
bytes
X-Cache-Hits
1, 127946
embed.6f11bd5c.js
open.spotifycdn.com/cdn/build/embed/ Frame FAA8
179 KB
47 KB
Script
General
Full URL
https://open.spotifycdn.com/cdn/build/embed/embed.6f11bd5c.js
Requested by
Host: open.spotify.com
URL: https://open.spotify.com/embed/show/6UGoRQhRNHXeNq8HwQ1JON?utm_source=generator
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:62::761 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
84751f727b9b505d511f7ff528b764ddc9252979b77b43fa776696b0355864b5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://open.spotify.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Sat, 10 Sep 2022 13:08:26 GMT
Content-Encoding
gzip
Age
22074
X-Cache
HIT, HIT
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
Connection
keep-alive
Content-Length
47171
X-Served-By
cache-chi-kigq8000082-CHI, cache-hhn11562-HHN
Last-Modified
Sat, 10 Sep 2022 06:55:52 GMT
ETag
"d43a76aa214e48f01fe283603cb60605"
x-goog-generation
1662792952109820
Content-Type
application/javascript
Access-Control-Allow-Origin
https://open.spotify.com
Cache-Control
public, max-age=31536000
x-goog-stored-content-length
47171
Accept-Ranges
bytes
X-Cache-Hits
1, 5982
vendor~embed.83afb37d.js
open.spotifycdn.com/cdn/build/embed/ Frame FAA8
1 MB
297 KB
Script
General
Full URL
https://open.spotifycdn.com/cdn/build/embed/vendor~embed.83afb37d.js
Requested by
Host: open.spotify.com
URL: https://open.spotify.com/embed/show/6UGoRQhRNHXeNq8HwQ1JON?utm_source=generator
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:62::761 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
5947a6eb880972751f159a64047c40ec8e405387855616c59444a1b02f54da6b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://open.spotify.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Sat, 10 Sep 2022 13:08:26 GMT
Content-Encoding
gzip
Age
248870
X-Cache
HIT, HIT
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
Connection
keep-alive
Content-Length
303789
X-Served-By
cache-chi-kigq8000062-CHI, cache-hhn11560-HHN
Last-Modified
Wed, 07 Sep 2022 15:57:29 GMT
ETag
"fc6c8030cb55c417439dffeb17c495a1"
x-goog-generation
1662566249821458
Content-Type
application/javascript
Access-Control-Allow-Origin
https://open.spotify.com
Cache-Control
public, max-age=31536000
x-goog-stored-content-length
303789
Accept-Ranges
bytes
X-Cache-Hits
2, 16
index.non-platform.prod.latest.js
cdn.mmctsvc.com/commercial-api/
479 KB
137 KB
Script
General
Full URL
https://cdn.mmctsvc.com/commercial-api/index.non-platform.prod.latest.js
Requested by
Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/a8d912c4bac42cdeccf3177e26df8911d068de3cd69a7c228faad97c6587de35
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.19 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-19.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
5d819eb3171878e122406f5b8430e11baedc026f70054199205cf736558e818f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1428elm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 13:08:26 GMT
content-encoding
gzip
last-modified
Mon, 22 Aug 2022 10:03:51 GMT
etag
"493d8defe6c22d8b06ded602dcbd0b0f"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
access-control-max-age
6000
accept-ranges
bytes
content-length
139617
b
sb.scorecardresearch.com/
0
189 B
Image
General
Full URL
https://sb.scorecardresearch.com/b?c1=2&c2=18120612&cs_cmp_nc=1&cs_it=b2&cv=3.8.0.210223&ns__t=1662815306747&ns_c=UTF-8&c7=https%3A%2F%2F1428elm.com%2F&c8=1428%20Elm%20-%20Horror%20Genre%20News%2C%20Movies%2C%20TV%20Shows%2C%20Netflix%20%26%20Commentary&c9=
Requested by
Host: 1428elm.com
URL: https://1428elm.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.2 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-2.fra6.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1428elm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 13:08:26 GMT
via
1.1 92ab13182d4b89ed20b3b5c10adc4f22.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
x-amz-cf-id
bs3tAoZSAMIvCg6VYMPv90kR_8EZRp4ZQzim4TP4QnO-ZbTwMKvwnA==
x-cache
Miss from cloudfront
skeleton.js
static.adsafeprotected.com/
17 B
466 B
Script
General
Full URL
https://static.adsafeprotected.com/skeleton.js
Requested by
Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/a8d912c4bac42cdeccf3177e26df8911d068de3cd69a7c228faad97c6587de35
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:2000:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1428elm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Fri, 01 Jul 2022 02:01:00 GMT
via
1.1 997f66fda0069dac50a85c7a4fa51b7e.cloudfront.net (CloudFront)
age
6174447
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
17
last-modified
Mon, 17 Aug 2020 23:54:35 GMT
server
AmazonS3
etag
"53fab767ecbd3bf07990b10246befbd4"
x-amz-version-id
nylqTweorRThFHMBJSrf_fHcWx3KVKN3
cache-control
max-age=315360000
x-amz-cf-pop
FRA53-C1
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
yVgdjOSY6s7ZWp7jcaOUeSKSFTPnDNY5PnaYQG4a4fdzDbisK9aGgg==
dwce_cheq_events
log.outbrainimg.com/loggerServices/
4 B
325 B
XHR
General
Full URL
https://log.outbrainimg.com/loggerServices/dwce_cheq_events?timestamp=1662815306771&sessionId=f5edc52f-f12b-d90a-277d-c2cd9df85a7c&url=1428elm.com&cheqSource=1&cheqEvent=3&responseTime=246
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js?ver=2.73.2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.42.32.95 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1428elm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 10 Sep 2022 13:08:27 GMT
Access-Control-Allow-Methods
GET,POST
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
X-TraceId
93f37c0609cc9682d1303944fc96c98b
Content-Length
4
Expires
0
widget_iframe.c4bdc17e77719578b594d5555bee90db.html
platform.twitter.com/widgets/ Frame C264
320 KB
104 KB
Document
General
Full URL
https://platform.twitter.com/widgets/widget_iframe.c4bdc17e77719578b594d5555bee90db.html?origin=https%3A%2F%2F1428elm.com
Requested by
Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/a8d912c4bac42cdeccf3177e26df8911d068de3cd69a7c228faad97c6587de35
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6760) /
Resource Hash
8c0531412c543b9bd978e29acb8f5cf330db9891115d1e9924519d9a675b7b74

Request headers

Referer
https://1428elm.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
836708
Cache-Control
public, max-age=315360000
Content-Encoding
gzip
Content-Length
105445
Content-Type
text/html; charset=utf-8
Date
Sat, 10 Sep 2022 13:08:26 GMT
Etag
"50d73c0b4a4c7e4697b9c6ac6f1ecd75+gzip"
Last-Modified
Wed, 31 Aug 2022 20:40:57 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (frb/6760)
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
Vary
Accept-Encoding
X-Cache
HIT
x-tw-cdn
VZ
ab67656300005f1f550cbdfbe2c047d2ee6a677c
i.scdn.co/image/ Frame FAA8
43 KB
44 KB
Image
General
Full URL
https://i.scdn.co/image/ab67656300005f1f550cbdfbe2c047d2ee6a677c
Requested by
Host: open.spotifycdn.com
URL: https://open.spotifycdn.com/cdn/build/embed/embed.447789e4.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:9::760 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
a007afff964b435818a8b12118ef6892592a8df3ddb886fc77e2302b36ef04b0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://open.spotifycdn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Sat, 10 Sep 2022 13:08:26 GMT
Age
372729
X-Cache
HIT, HIT
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
Connection
keep-alive
Content-Length
44493
X-Served-By
cache-chi-klot8100056-CHI, cache-ams21076-AMS
Last-Modified
Wed, 17 Aug 2022 15:06:46 GMT
ETag
"bb8a02722a97af19040ac4060b1ae101"
x-goog-generation
1660748806144923
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=315360000
x-goog-stored-content-length
44493
Accept-Ranges
bytes
Timing-Allow-Origin
*
X-Cache-Hits
1, 1
collect
www.google-analytics.com/j/
2 B
22 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&aip=1&a=2006558829&t=pageview&_s=1&dl=https%3A%2F%2F1428elm.com%2F&ul=en-us&de=UTF-8&dt=1428%20Elm%20-%20Horror%20Genre%20News%2C%20Movies%2C%20TV%20Shows%2C%20Netflix%20%26%20Commentary&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=1319205809&gjid=1402467541&cid=773752976.1662815307&tid=UA-1577313-14&_gid=1869851822.1662815307&_r=1&gtm=2wg970KXFQXHB&cd1=none&cd2=314&cd3=none&cd4=none&cd5=ENTERTAINMENT&cd6=Movies&cd7=none&cd8=Homepage&cd9=Payable%20Non%20Article&cd10=web-staticPHP&cd11=1428%20Elm&cd12=none&cd13=304&cd14=none&cd15=none&cd16=none&cd17=none&cd23=en&cd24=en&cd27=Homepage&cd73=0&cd75=The%20Midnight%20Club%2C%20The%20Good%20Nurse%20and%20more%20coming%20to%20Netflix%20and%20Chills&cd76=%2F2022%2F09%2F10%2Fmidnight-club-good-nurse-more-netflix-chills%2F&cd78=4&cd88=none&cm1=0&z=51009400
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://1428elm.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 10 Sep 2022 13:08:27 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://1428elm.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/
1 B
21 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&aip=1&a=2006558829&t=pageview&_s=1&dl=https%3A%2F%2F1428elm.com%2F&ul=en-us&de=UTF-8&dt=1428%20Elm%20-%20Horror%20Genre%20News%2C%20Movies%2C%20TV%20Shows%2C%20Netflix%20%26%20Commentary&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEDAAEABAAAAAC~&jid=6834982&gjid=306285558&cid=773752976.1662815307&tid=UA-36315219-46&_gid=1869851822.1662815307&_r=1&gtm=2wg970KXFQXHB&cd1=none&cd2=314&cd3=none&cd4=none&cd5=ENTERTAINMENT&cd6=Movies&cd7=none&cd8=Homepage&cd9=Payable%20Non%20Article&cd10=web-staticPHP&cd11=1428%20Elm&cd12=none&cd13=304&cd14=none&cd15=none&cd16=none&cd17=none&cm1=0&z=170052459
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://1428elm.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 10 Sep 2022 13:08:27 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://1428elm.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
2811814612385369
connect.facebook.net/signals/config/
293 KB
84 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/2811814612385369?v=2.9.79&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
840df336ccbf85b415e3063f045e2bdfe0f226a1320e555bd505581b9eaa5228
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1428elm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
86292
x-xss-protection
0
pragma
public
x-fb-debug
Msv1rcbHXeM6W0OGxBTHUdsUPGbIx8y/2A9kJjgluMh7b2WfF3TpiZDviYzKNsXnqOoggzgOmg5KdfEEgx9gTw==
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Sat, 10 Sep 2022 13:08:27 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
otFlat.json
cdn.cookielaw.org/scripttemplates/6.37.0/assets/
13 KB
3 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/scripttemplates/6.37.0/assets/otFlat.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.37.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
14e4d1596c6b58896dfce1fc1ec45372bab4d2259ba82828fa3f96cc4f859fc4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1428elm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 10 Sep 2022 13:08:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
m6Q34Fu/3nPURAUs1csm8g==
age
11821
vary
Accept-Encoding
content-length
3007
x-ms-lease-status
unlocked
last-modified
Fri, 22 Jul 2022 06:27:48 GMT
server
cloudflare
etag
0x8DA6BAB4C3C8BAE
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
484ef77c-201e-0027-44a3-9d42af000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
748864758ab69b83-FRA
otPcCenter.json
cdn.cookielaw.org/scripttemplates/6.37.0/assets/v2/
62 KB
13 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/scripttemplates/6.37.0/assets/v2/otPcCenter.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.37.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c0c36470d3b6f534495768bdd7ed92dbb0d6d8d1f3b7b69adba7153b68b90f35
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1428elm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 10 Sep 2022 13:08:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
fvP30c6fmdIqmF2AUGLdbQ==
age
11821
vary
Accept-Encoding
content-length
13258
x-ms-lease-status
unlocked
last-modified
Fri, 22 Jul 2022 06:27:51 GMT
server
cloudflare
etag
0x8DA6BAB4DA69567
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
7f1acee9-e01e-00f6-679b-9dfff0000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
748864758ab79b83-FRA
otCommonStyles.css
cdn.cookielaw.org/scripttemplates/6.37.0/assets/
22 KB
5 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/scripttemplates/6.37.0/assets/otCommonStyles.css
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.37.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
17770d05051a8a4f270ba5bdf049b90cc166ac42bd4513f419308a5804d7a161
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1428elm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 10 Sep 2022 13:08:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
TLLtdkuMahUQRVIfmZNHNw==
age
11821
vary
Accept-Encoding
x-ms-lease-status
unlocked
last-modified
Fri, 22 Jul 2022 06:28:04 GMT
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
64c062d7-701e-0174-75ab-9d18f5000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14400
x-ms-version
2009-09-19
cf-ray
748864758ab89b83-FRA
settings
syndication.twitter.com/ Frame C264
709 B
589 B
Fetch
General
Full URL
https://syndication.twitter.com/settings?session_id=68629d65c0f01f3d4b19eeb20f6e915b12973fff
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.c4bdc17e77719578b594d5555bee90db.html?origin=https%3A%2F%2F1428elm.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.136 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
d65246f2a98e02b32e2a0d80916e65eab499aebe923d078037efd692b31cef58
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-response-time
105
date
Sat, 10 Sep 2022 13:08:26 GMT
content-encoding
gzip
last-modified
Sat, 10 Sep 2022 13:08:27 GMT
server
tsa_o
vary
Origin
strict-transport-security
max-age=631138519
content-type
application/json; charset=utf-8
access-control-allow-origin
https://platform.twitter.com
cache-control
must-revalidate, max-age=600
access-control-allow-credentials
true
x-connection-hash
12313a7ed2da867b92703f5ecfdeb41013a8e1d27c79cab2bcab0790690e41d6
content-length
308
robots.txt
t.skimresources.com/api/v2/ Frame 0199
0
134 B
Image
General
Full URL
https://t.skimresources.com/api/v2/robots.txt?__skimjs_preflight__please_ignore__=true&rnd=0.862214523577514
Requested by
Host: 1428elm.com
URL: https://1428elm.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.67.47 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
47.67.201.35.bc.googleusercontent.com
Software
Python/3.10 aiohttp/3.8.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 13:08:27 GMT
via
1.1 google
server
Python/3.10 aiohttp/3.8.1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/plain charset=UTF-8
px.gif
p.skimresources.com/
43 B
276 B
Image
General
Full URL
https://p.skimresources.com/px.gif?ch=1&rn=1.7390856873078981
Requested by
Host: 1428elm.com
URL: https://1428elm.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.91.160 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
160.91.190.35.bc.googleusercontent.com
Software
Skimlinks Pixel 1.0 /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1428elm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 13:08:27 GMT
via
1.1 google
server
Skimlinks Pixel 1.0
p3p
policyref="http://skimlinks.com/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
content-type
image/gif
px.gif
p.skimresources.com/
43 B
102 B
Image
General
Full URL
https://p.skimresources.com/px.gif?ch=2&rn=1.7390856873078981
Requested by
Host: 1428elm.com
URL: https://1428elm.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.91.160 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
160.91.190.35.bc.googleusercontent.com
Software
Skimlinks Pixel 1.0 /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1428elm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 13:08:27 GMT
via
1.1 google
server
Skimlinks Pixel 1.0
p3p
policyref="http://skimlinks.com/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
content-type
image/gif
collect
region1.analytics.google.com/g/
0
344 B
Ping
General
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-NB8RD6J3M6&gtm=2oe970&_p=2006558829&_gaz=1&cid=773752976.1662815307&ul=en-us&sr=1600x1200&_z=ccd.v9B&_s=1&sid=1662815307&sct=1&seg=0&dl=https%3A%2F%2F1428elm.com%2F&dt=1428%20Elm%20-%20Horror%20Genre%20News%2C%20Movies%2C%20TV%20Shows%2C%20Netflix%20%26%20Commentary&en=page_view&_fv=1&_ss=1&ep.post_vertical=ENTERTAINMENT&ep.site_domain=1428elm.com&ep.post_fs_api_key=none&ep.post_fs_topic_id=314&ep.post_guid=none&ep.post_username=none&ep.post_division=Movies&ep.post_topic=none&ep.post_type=Homepage&ep.post_payout=Payable%20Non%20Article&ep.post_product_origin=web-staticPHP&ep.post_site_title=1428%20Elm&ep.post_topic_csv=none&ep.post_fs_site_id=304&ep.post_id=none&ep.post_author_id=none&ep.post_secondary_topic=none&ep.post_content_type=none&ep.Affiliate%20ID%20-%20Hit=&ep.Affiliate%20ID%20-%20Session=&ep.Affiliate%20ID%20-%20User=&ep.MM%20Player%20Name=none&ep.Injectable%20Unit%20Id=none
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-NB8RD6J3M6&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1428elm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 10 Sep 2022 13:08:27 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://1428elm.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/
0
344 B
Ping
General
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-NB8RD6J3M6&cid=773752976.1662815307&gtm=2oe970&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-NB8RD6J3M6&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c08::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1428elm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 10 Sep 2022 13:08:27 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://1428elm.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
501 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-NB8RD6J3M6&cid=773752976.1662815307&gtm=2oe970&aip=1&z=452524633
Requested by
Host: 1428elm.com
URL: https://1428elm.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1428elm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 10 Sep 2022 13:08:27 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
o22381.ingest.sentry.io/api/1409086/envelope/ Frame FAA8
2 B
277 B
Fetch
General
Full URL
https://o22381.ingest.sentry.io/api/1409086/envelope/?sentry_key=80341f4271be4aec89050e48a0e4553e&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.11.1
Requested by
Host: open.spotifycdn.com
URL: https://open.spotifycdn.com/cdn/build/embed/vendor~embed.83afb37d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.195.249 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
249.195.120.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://open.spotify.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sat, 10 Sep 2022 13:08:27 GMT
via
1.1 google
server
nginx
vary
Origin
content-type
application/json
access-control-allow-origin
https://open.spotify.com
access-control-expose-headers
x-sentry-rate-limits, retry-after, x-sentry-error
x-envoy-upstream-service-time
0
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
default.css
cdn.equalweb.com/style/
11 KB
3 KB
Fetch
General
Full URL
https://cdn.equalweb.com/style/default.css
Requested by
Host: cdn.equalweb.com
URL: https://cdn.equalweb.com/core/3.0.3/accessibility.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:d5f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
116ec5c6f82674cd1b04981d3ec325c8620ffbb413f06bd1b0cb911e99ddcc73
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1428elm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 13:08:27 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
161405
access-control-allow-methods
GET
vary
Accept-Encoding
x-xss-protection
1; mode=block
access-control-allow-origin
*
last-modified
Sun, 09 May 2021 14:33:43 GMT
server
cloudflare
x-frame-options
deny
etag
W/"807da04fe044d71:0"
strict-transport-security
max-age=31536000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=97eH0CEAyQ4iIxY9SCD5Pfd1c52u5cthZ6plGOVVK6pclEoXUhg0mhqde%2B4c2PywurbMg2kMpom4dTiIDp9TBJ1jCCTBZc0ApeSiCvrH%2FZS2bcRWW%2FZ3mhl%2F5pOLe7OA17t6orALd4xTMr7dhdg%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
x-country
DE
cache-control
public, max-age=2204800
access-control-allow-credentials
true
cf-ray
748864773fd8912a-FRA
btncolor.css
cdn.equalweb.com/style/
105 B
460 B
Fetch
General
Full URL
https://cdn.equalweb.com/style/btncolor.css
Requested by
Host: cdn.equalweb.com
URL: https://cdn.equalweb.com/core/3.0.3/accessibility.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:d5f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
46b6596e9fdedae08a61fed7b7512700c383b8eb822239d6691fa49e1eb372de
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1428elm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 13:08:27 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
161405
access-control-allow-methods
GET
vary
Accept-Encoding
x-xss-protection
1; mode=block
access-control-allow-origin
*
last-modified
Mon, 11 Feb 2019 11:16:31 GMT
server
cloudflare
x-frame-options
deny
etag
W/"3f26cd3dfbc1d41:0"
strict-transport-security
max-age=31536000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FJFEk9IJNA7KVV2egUVKH7a2TCZ0fx9S7jCpSx0oheG3Oo9i1NypG2CxDWugIIckemRpx2GfAL01NVzI%2FjZfOjtR%2BaBmTS%2BIy23mTWgP8Yn%2BXbhaTanW%2BWK55sDYJOvB5nEtW4jAEARDDggoO6k%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
x-country
DE
cache-control
public, max-age=2204800
access-control-allow-credentials
true
cf-ray
748864773fd9912a-FRA
locale.js
cdn.equalweb.com/assets/scripts/
29 KB
10 KB
Fetch
General
Full URL
https://cdn.equalweb.com/assets/scripts/locale.js
Requested by
Host: cdn.equalweb.com
URL: https://cdn.equalweb.com/core/3.0.3/accessibility.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:d5f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6626d955670bb766fa4d7b59966addecf6b488506e21f73f343dc88b9872a2f7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1428elm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 13:08:27 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
112710
access-control-allow-methods
GET
vary
Accept-Encoding
x-xss-protection
1; mode=block
access-control-allow-origin
*
last-modified
Sun, 18 Apr 2021 07:22:31 GMT
server
cloudflare
x-frame-options
deny
etag
W/"80d59982334d71:0"
strict-transport-security
max-age=31536000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lJJOI3ICGGxZsJIN91QjhLSWB4niyXVlZnZlYIOSFcZQ%2FP9aEA6qokzktzxvPahGLR%2B5PHpd6DCrBpb%2B4kabpbcsmiuSA7qmP9uaHjKi%2FspMRvnvBlYXKrO7Kfp%2BJkZSWWHXoHEsPvwf5W6ojeg%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-country
DE
cache-control
public, max-age=2204800
access-control-allow-credentials
true
cf-ray
748864773fda912a-FRA
collect
stats.g.doubleclick.net/j/
4 B
25 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-1577313-14&cid=773752976.1662815307&jid=1319205809&gjid=1402467541&_gid=1869851822.1662815307&_u=YEBAAEAAAAAAAC~&z=2075259596
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400c:c08::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://1428elm.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Sat, 10 Sep 2022 13:08:27 GMT
content-type
text/plain
access-control-allow-origin
https://1428elm.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
r.skimresources.com/api/
195 B
399 B
XHR
General
Full URL
https://r.skimresources.com/api/
Requested by
Host: s.skimresources.com
URL: https://s.skimresources.com/js/124578X1617579.skimlinks.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.59.101 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
101.59.190.35.bc.googleusercontent.com
Software
openresty/1.11.2.5 /
Resource Hash
37adcf40837b4554a3d81c8ece07e3143489ec445c0b310846fa60305b99c93f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://1428elm.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Sat, 10 Sep 2022 13:08:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
openresty/1.11.2.5
strict-transport-security
max-age=31536000
content-type
application/json
access-control-allow-origin
https://1428elm.com
vary
Accept-Encoding
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via
1.1 google
get
odb.outbrain.com/utils/
9 KB
3 KB
Script
General
Full URL
https://odb.outbrain.com/utils/get?url=https%3A%2F%2F1428elm.com&idx=0&rand=37262&key=NANOWDGT01&widgetJSId=SB_2&va=true&et=true&format=html&adblck=false&abwl=false&px=1065&py=1123&vpd=0&cw=300&activeTab=true&darkMode=false&ab=0&wl=0&settings=true&recs=true&version=2000877&sig=CRRMuWVC&apv=false&false&osLang=en-US&winW=1600&winH=1200&scrW=1600&scrH=1200&dpr=1&secured=true&cnsntv2=CPfFkMAPfFkMAAcABBENCgCgAAAAAAAAAAYgAAAAAADBIAIC8xUAEBeYyACAvMdABAXmSgAgLzKQAQF5gAAA.YAAAAAAAAAAA&cmpStat=1&ccpaStat=0&ogn=https%3A%2F%2F1428elm.com%2F
Requested by
Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/a8d912c4bac42cdeccf3177e26df8911d068de3cd69a7c228faad97c6587de35
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.114.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
8333adb401ba7850a25b421c30fb286e04be623c039e5da454fbaecc2d678278

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1428elm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 13:08:27 GMT
via
1.1 varnish, 1.1 varnish
traffic-path
NYDC1, LGA, HHN, Europe1
x-timer
S1662815308.513488,VS0,VE123
accept-ranges
bytes
x-served-by
cache-lga21948-LGA, cache-hhn4027-HHN
vary
Accept-Encoding, User-Agent
x-cache
MISS, MISS
content-type
text/javascript; charset=UTF-8
x-cache-hits
0, 0
x-traceid
6ef22e363cceb9cd06d44e719f746ca4
content-encoding
gzip
content-length
2916
expires
Thu, 01 Jan 1970 00:00:00 GMT
gtm.js
www.googletagmanager.com/
327 KB
68 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NPBHSJZ
Requested by
Host: cdn.mmctsvc.com
URL: https://cdn.mmctsvc.com/commercial-api/index.non-platform.prod.latest.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d17e03e98964e4b014cbce6a17f766cd8c2cac5b668ffdd9de6e2853233046b3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1428elm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 13:08:27 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
69347
x-xss-protection
0
expires
Sat, 10 Sep 2022 13:08:27 GMT
1428elm.com.json
cdn.mmctsvc.com/adunits/
775 B
666 B
Fetch
General
Full URL
https://cdn.mmctsvc.com/adunits/1428elm.com.json
Requested by
Host: cdn.mmctsvc.com
URL: https://cdn.mmctsvc.com/commercial-api/index.non-platform.prod.latest.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.19 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-19.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
051d2c2b29c78abf56fb0b02dd8e704984e3c7fe38c08dd443014989624e3dcd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1428elm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 13:08:28 GMT
content-encoding
gzip
last-modified
Thu, 08 Sep 2022 20:20:34 GMT
etag
"779705964e4bdd0c6eeff838c7682722"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/json
access-control-allow-origin
*
access-control-max-age
6000
accept-ranges
bytes
content-length
271
geo
cdn.mmctsvc.com/.mc/
58 B
419 B
Fetch
General
Full URL
https://cdn.mmctsvc.com/.mc/geo
Requested by
Host: cdn.mmctsvc.com
URL: https://cdn.mmctsvc.com/commercial-api/index.non-platform.prod.latest.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.19 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-19.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
8d7ea423aa6b3c67d811ba1ce6367a67b5880166d717fcd9d582f13e88047497

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1428elm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 13:08:27 GMT
content-encoding
gzip
last-modified
2017-01-13
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/json
access-control-allow-origin
*
access-control-max-age
6000
content-length
75
v2frtj_djCR0CQxMAxAn5GZfGmuF1QFMHkIvUyFceO8SRc9WwyMceyZsZoFOes-WwNohnG0xB
memorizeneck.com/
191 B
691 B
Fetch
General
Full URL
https://memorizeneck.com/v2frtj_djCR0CQxMAxAn5GZfGmuF1QFMHkIvUyFceO8SRc9WwyMceyZsZoFOes-WwNohnG0xB
Requested by
Host: gammamaximum.com
URL: https://gammamaximum.com/ac595b0bd1b1f6e62ce46c2ce57c936ea6f47b8e2936dc2a3876a18eadffd94a289806f2a42865c2057288dd30b30f07490e2c6ae59ea0f801f1a13317ea
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:f8d1::1 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
96a2bcebd9cd73bd22cdcec665fd6f1bc5779ccf759ae891c1343b2a366d1ab5
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://1428elm.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=15724800; preload
via
1.1 google
x-buildnumber
632800667
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
191
x-datacenter
gce-europe-west1
date
Sat, 10 Sep 2022 13:08:27 GMT
x-buildname
hoothoot
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://1428elm.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-hostname
fen-hoothoot-europe-west1-c63t
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
expires
Sat, 10 Sep 2022 13:08:26 GMT
/
apresolve.spotify.com/ Frame FAA8
273 B
267 B
Fetch
General
Full URL
https://apresolve.spotify.com/?type=dealer&type=spclient
Requested by
Host: open.spotifycdn.com
URL: https://open.spotifycdn.com/cdn/build/embed/vendor~embed.83afb37d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:524d:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
0b1cdc0678474ae3c50f7df62c9210a64eac412722831418ef4d5c7a1c821457

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://open.spotify.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 13:08:27 GMT
content-encoding
gzip
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
107
via
1.1 google
70.903eaee3.js
open.spotifycdn.com/cdn/build/embed/ Frame FAA8
167 KB
40 KB
Script
General
Full URL
https://open.spotifycdn.com/cdn/build/embed/70.903eaee3.js
Requested by
Host: open.spotifycdn.com
URL: https://open.spotifycdn.com/cdn/build/embed/embed.6f11bd5c.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:62::761 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
8fee223f3cc81f7d294130222a343d3f2550f2829f16ba632af7b640802fd722

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://open.spotify.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Sat, 10 Sep 2022 13:08:27 GMT
Content-Encoding
gzip
Age
960531
X-Cache
HIT, HIT
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
Connection
keep-alive
Content-Length
40431
X-Served-By
cache-chi-klot8100178-CHI, cache-hhn11560-HHN
Last-Modified
Tue, 30 Aug 2022 10:15:49 GMT
ETag
"052ddef67266dd0d7acff278a278e74c"
x-goog-generation
1661854549119977
Content-Type
application/javascript
Access-Control-Allow-Origin
https://open.spotify.com
Cache-Control
public, max-age=31536000
x-goog-stored-content-length
40431
Accept-Ranges
bytes
X-Cache-Hits
1, 43134
spotify_player_o.3992e346.js
open.spotifycdn.com/cdn/build/embed/ Frame FAA8
30 KB
9 KB
Script
General
Full URL
https://open.spotifycdn.com/cdn/build/embed/spotify_player_o.3992e346.js
Requested by
Host: open.spotifycdn.com
URL: https://open.spotifycdn.com/cdn/build/embed/embed.6f11bd5c.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:62::761 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
daff352338723194f186a147a6b4d90cfdf77ae5ef1f69039cd453216c7dcfdf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://open.spotify.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Sat, 10 Sep 2022 13:08:27 GMT
Content-Encoding
gzip
Age
248871
X-Cache
HIT, HIT
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
Connection
keep-alive
Content-Length
8123
X-Served-By
cache-chi-kigq8000129-CHI, cache-hhn11562-HHN
Last-Modified
Wed, 07 Sep 2022 15:57:29 GMT
ETag
"099f5ffcc1d047d1a6b77948aee5ef3a"
x-goog-generation
1662566249407831
Content-Type
application/javascript
Access-Control-Allow-Origin
https://open.spotify.com
Cache-Control
public, max-age=31536000
x-goog-stored-content-length
8123
Accept-Ranges
bytes
X-Cache-Hits
1, 42752
ga-audiences
www.google.com/ads/
42 B
501 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-1577313-14&cid=773752976.1662815307&jid=1319205809&_u=YEBAAEAAAAAAAC~&z=1758871937
Requested by
Host: 1428elm.com
URL: https://1428elm.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1428elm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 10 Sep 2022 13:08:27 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
63 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-1577313-14&cid=773752976.1662815307&jid=1319205809&_u=YEBAAEAAAAAAAC~&z=1758871937
Requested by
Host: 1428elm.com
URL: https://1428elm.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1428elm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 10 Sep 2022 13:08:27 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
config
c.amazon-adsystem.com/cdn/prod/
1010 B
1 KB
XHR
General
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=3777&u=https%3A%2F%2F1428elm.com
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.71.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-71-118.fra56.r.cloudfront.net
Software
Server /
Resource Hash
4d04b59c24d4cbe00320854f7d6c5dd1be37711737966722945dafc159e8adf1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1428elm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 10:35:31 GMT
via
1.1 46546eb404789d29bf372f6a3fe43876.cloudfront.net (CloudFront)
server
Server
age
9175
x-cache
Hit from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://1428elm.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
x-amz-cf-pop
FRA56-C1
content-length
1010
x-amz-cf-id
cye5pkXiHLqKkDt9xuXwTqy_BrgF-e2uF1IhQXM-SLnORw-NX0pnbQ==
bid
c.amazon-adsystem.com/e/dtb/
64 B
502 B
XHR
General
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=3777&u=https%3A%2F%2F1428elm.com%2F&pid=wPMl5f0IALxGe&cb=0&ws=1600x1200&v=22.8.252032&t=2000&slots=%5B%7B%22sd%22%3A%22atf-below-feature-ad%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x250%22%5D%2C%22sn%22%3A%22%2F175840252%2Ffansided.com%2F1428Elm%2Fleaderboard_d%22%7D%2C%7B%22sd%22%3A%22inline-billboard-ad%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x250%22%5D%2C%22sn%22%3A%22%2F175840252%2Ffansided.com%2F1428Elm%2Fleaderboard_d%22%7D%5D&gdpre=1&gdprc=CPfFkMAPfFkMAAcABBENCgCgAAAAAAAAAAYgAAAAAADBIAIC8xUAEBeYyACAvMdABAXmSgAgLzKQAQF5gAAA.YAAAAAAAAAAA&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.71.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-71-118.fra56.r.cloudfront.net
Software
Server /
Resource Hash
d278491b1de51ad826d16be5ab27b1746999c02d45200f107218427e34eed798
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1428elm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 13:08:27 GMT
via
1.1 46546eb404789d29bf372f6a3fe43876.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-C1
x-amz-rid
R77BRBB4RQGKQDG890PT
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://1428elm.com
access-control-allow-credentials
true
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
64
x-amz-cf-id
F-j8jljPXSdKppZoaBcMNsbfwqgIwBJ6rUaCg17SNG3PWHG_FTNoPQ==
poweredBy_ot_logo.svg
cdn.cookielaw.org/logos/static/
3 KB
2 KB
Image
General
Full URL
https://cdn.cookielaw.org/logos/static/poweredBy_ot_logo.svg
Requested by
Host: 1428elm.com
URL: https://1428elm.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
49b9b4996d1ff0a8e3de643a0c623255bf631f298f2799b949c29de93926ee7a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1428elm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 10 Sep 2022 13:08:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
LpuayL42jB78xRllx0vkOw==
age
12585
vary
Accept-Encoding
x-ms-lease-status
unlocked
last-modified
Thu, 08 Sep 2022 06:34:54 GMT
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
75c8ecde-f01e-0121-4852-c3f382000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14400
x-ms-version
2009-09-19
cf-ray
748864798879bbcb-FRA
/
www.facebook.com/tr/
44 B
297 B
Image
General
Full URL
https://www.facebook.com/tr/?id=2811814612385369&ev=PageView&dl=https%3A%2F%2F1428elm.com%2F&rl=&if=false&ts=1662815307782&sw=1600&sh=1200&v=2.9.79&r=stable&ec=0&o=30&fbp=fb.1.1662815307780.818991591&it=1662815307016&coo=false&rqm=GET
Requested by
Host: 1428elm.com
URL: https://1428elm.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1428elm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 13:08:27 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
44
expires
Sat, 10 Sep 2022 13:08:27 GMT
4.svg
cdn.equalweb.com/assets/images/
386 B
601 B
Fetch
General
Full URL
https://cdn.equalweb.com/assets/images/4.svg
Requested by
Host: cdn.equalweb.com
URL: https://cdn.equalweb.com/core/3.0.3/accessibility.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:d5f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
beb6d4ed9e70b9f611405b8e7e5c09782669c6f434fa81f990cc3690adfd6f20
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1428elm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 13:08:27 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
791997
access-control-allow-methods
GET
vary
Accept-Encoding
x-xss-protection
1; mode=block
access-control-allow-origin
*
last-modified
Thu, 01 Aug 2019 12:49:31 GMT
server
cloudflare
x-frame-options
deny
etag
W/"dade21906748d51:0"
strict-transport-security
max-age=31536000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i3mZtM2fpeL4mIYm%2FFh7wfJFG%2BxCnw9hfz83D%2FaS6rxbGZRTsf02XPUe1b3hjEs6aTPWkvIFoxlBUuKYnUwvdUqU64j8udXe%2B2JupTDj%2BWbOibqQLyU5BropswlLmcW4WOXxQ8dlPhVp%2FJEJ%2Bto%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
x-country
DE
cache-control
public, max-age=2204800
access-control-allow-credentials
true
cf-ray
74886479bc7a912a-FRA
custombtnstyle.css
cdn.equalweb.com/style/
4 KB
1 KB
Fetch
General
Full URL
https://cdn.equalweb.com/style/custombtnstyle.css
Requested by
Host: cdn.equalweb.com
URL: https://cdn.equalweb.com/core/3.0.3/accessibility.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:d5f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b2f930658634b1bee750fdc6c453faacd9e79849856324dcc211b0627f4a059a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1428elm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 13:08:27 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
791997
access-control-allow-methods
GET
vary
Accept-Encoding
x-xss-protection
1; mode=block
access-control-allow-origin
*
last-modified
Tue, 10 Mar 2020 09:11:26 GMT
server
cloudflare
x-frame-options
deny
etag
W/"0b350e0bbf6d51:0"
strict-transport-security
max-age=31536000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g3U28Lur5Tx85w%2FI7a0UhW3t2CE9waXAHUaaaLBkZQ4mI%2F3xFe2EO6IOKZMOpA7e84XC%2BpJDvLgPzXmbSCmUyYQragSdae1xJSOxJTUY4zkQ6MkZRqsltnHDmtv36d%2BZCuW2Vtvj%2BlvGrDiUNuE%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
x-country
DE
cache-control
public, max-age=2204800
access-control-allow-credentials
true
cf-ray
74886479bc7c912a-FRA
ats.js
ats.rlcdn.com/
109 KB
36 KB
Script
General
Full URL
https://ats.rlcdn.com/ats.js
Requested by
Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/a8d912c4bac42cdeccf3177e26df8911d068de3cd69a7c228faad97c6587de35
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-110.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4b05d7f4339a505c65d2fcb1b21addd2a13a0c155ddf7ca766d1e7203b2b6cae

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1428elm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id
qhkEQKrW4Gg_gxbK41emvSsDXWYdvDMl
content-encoding
br
etag
W/"148e21f812b555a13b2a9c6b616141f4"
age
38818
x-amz-server-side-encryption
AES256
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:eu-west-1:469675294282:build/ATSLibrary-prod:598424ed-c6de-48e8-8068-45662e39c3ce
x-cache
Hit from cloudfront
x-amz-meta-codebuild-content-md5
58acf9e97c03c481f490be71338f7f57
last-modified
Tue, 17 May 2022 11:35:33 GMT
server
AmazonS3
date
Sat, 10 Sep 2022 02:21:30 GMT
vary
Accept-Encoding
x-amz-meta-codebuild-content-sha256
57180e34d853b9e6be67670dae22a049fb237e6bca37c60f7ba138272a8487cc
via
1.1 49140b838a62cd29e30f20e39a82dad0.cloudfront.net (CloudFront)
cache-control
must-revalidate,public,max-age=86400
x-amz-cf-pop
FRA6-C1
content-type
application/x-javascript
x-amz-cf-id
B8rx26DTsrh5zG2xh4K8-H_PQT_KQTnL3xUFIX1IwHs19uNyc1WZUg==
load.js
s.ntv.io/serve/
479 KB
137 KB
Script
General
Full URL
https://s.ntv.io/serve/load.js
Requested by
Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/a8d912c4bac42cdeccf3177e26df8911d068de3cd69a7c228faad97c6587de35
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.237.64 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-64.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
5525fe0659c283e57d8ca8f0ff56cba585bd7fe8532df9387c0a824ae35dec76

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1428elm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Sat, 10 Sep 2022 13:08:27 GMT
Content-Encoding
gzip
x-amz-request-id
ZZ2G8ZS477HQEMZQ
x-amz-server-side-encryption
AES256
Transfer-Encoding
chunked
Connection
keep-alive, Transfer-Encoding
x-amz-id-2
p/F51JvBGTfxhrcU+GzRMs8hb0tOaYkPfKiXUYvoA7AVOPLQBwKVB0Fm1Z1S2NbKQpHQ49LmGfQ=
Last-Modified
Fri, 02 Sep 2022 14:27:37 GMT
Server
AmazonS3
ETag
"9624bb208d35ae785b11a575256bbe77"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=3600
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
link
t.skimresources.com/api/v2/
22 B
44 B
XHR
General
Full URL
https://t.skimresources.com/api/v2/link
Requested by
Host: s.skimresources.com
URL: https://s.skimresources.com/js/124578X1617579.skimlinks.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.201.67.47 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
47.67.201.35.bc.googleusercontent.com
Software
Python/3.10 aiohttp/3.8.1 /
Resource Hash
fcc83a5b6aef86420c1ad553167106df96bd0ff4192ffe52b1647599948edbcf
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://1428elm.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-type
text/plain

Response headers

pragma
no-cache
date
Sat, 10 Sep 2022 13:08:27 GMT
via
1.1 google
x-content-type-options
nosniff
server
Python/3.10 aiohttp/3.8.1
access-control-allow-headers
Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain; charset=utf-8, application/javascript
access-control-allow-origin
https://1428elm.com
cache-control
no-store, no-cache, must-revalidate
access-control-allow-credentials
true
warning
299 - "Deprecated API"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
22
gtm.js
www.googletagmanager.com/
218 KB
51 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-KRHP5BL&l=dataLayer
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NPBHSJZ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
768bb0a2198656526df513f4dae611b819f36361ca7f5f6bfd9a90e7a442376f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1428elm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 13:08:27 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
51916
x-xss-protection
0
last-modified
Sat, 10 Sep 2022 12:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 10 Sep 2022 13:08:27 GMT
gtm.js
www.googletagmanager.com/
105 KB
39 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-PCL98KW&l=dataLayer
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NPBHSJZ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a5e05e7af870d7c320da64e168124d0ef08f269f682f1eddec0a37c9a6fbf24f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1428elm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 13:08:27 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40197
x-xss-protection
0
last-modified
Sat, 10 Sep 2022 12:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 10 Sep 2022 13:08:27 GMT
impressions
promotions.minutemediaservices.com/
0
0
Ping
General
Full URL
https://promotions.minutemediaservices.com/impressions
Requested by
Host: cdn.mmctsvc.com
URL: https://cdn.mmctsvc.com/commercial-api/index.non-platform.prod.latest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:c200:1:4290:76c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://1428elm.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

v2wpmd3-7A2ROLq9kZIWfNMoGfbxWM7oA3qRYKQrYqsnJ_ZJM2moi6iA22THtht35zt3U3AhC
memorizeneck.com/
3 B
27 B
Fetch
General
Full URL
https://memorizeneck.com/v2wpmd3-7A2ROLq9kZIWfNMoGfbxWM7oA3qRYKQrYqsnJ_ZJM2moi6iA22THtht35zt3U3AhC
Requested by
Host: gammamaximum.com
URL: https://gammamaximum.com/ac595b0bd1b1f6e62ce46c2ce57c936ea6f47b8e2936dc2a3876a18eadffd94a289806f2a42865c2057288dd30b30f07490e2c6ae59ea0f801f1a13317ea
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:1901:0:f8d1::1 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://1428elm.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=15724800; preload
via
1.1 google
x-buildnumber
632800667
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3
x-datacenter
gce-europe-west1
date
Sat, 10 Sep 2022 13:08:27 GMT
x-buildname
hoothoot
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://1428elm.com
access-control-allow-credentials
true
x-hostname
fen-hoothoot-europe-west1-c63t
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
achoice.svg
widgets.outbrain.com/images/widgetIcons/
3 KB
3 KB
Image
General
Full URL
https://widgets.outbrain.com/images/widgetIcons/achoice.svg
Requested by
Host: 1428elm.com
URL: https://1428elm.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.237.86 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-86.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
2c87952cc1c23627496c7874271042bdb6af21efdf7cbf36ec4d98e6cec34d04

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1428elm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 13:08:27 GMT
last-modified
Sun, 03 Jul 2022 06:49:40 GMT
server
AkamaiNetStorage
etag
"9d26fa4e7238ed94f1d0d92afb453b3e:1656855957.074767"
access-control-allow-methods
GET,POST
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
2735
expires
Mon, 10 Oct 2022 13:08:27 GMT
l
mcdp-nydc1.outbrain.com/
2 B
292 B
Fetch
General
Full URL
https://mcdp-nydc1.outbrain.com/l?token=ced3c7c6c4802fa4d4d323297d9ef65b_199081_1662815307590&tm=1437&eT=0&widgetWidth=300&widgetHeight=54&widgetX=1065&widgetY=1123&wRV=2000877&pVis=0&lsd=-1&eIdx=&cnsntV2=CPfFkMAPfFkMAAcABBENCgCgAAAAAAAAAAYgAAAAAADBIAIC8xUAEBeYyACAvMdABAXmSgAgLzKQAQF5gAAA.YAAAAAAAAAAA&cheq=0&rtt=484&oo=true&ab=0&wl=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js?ver=2.73.2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.42.32.95 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1428elm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-origin
*
Date
Sat, 10 Sep 2022 13:08:28 GMT
content-encoding
gzip
X-TraceId
4274de08ab511caac1b9d9295f3243d7
Content-Type
text/plain; charset=UTF-8
Content-Length
28
access-control-expose-headers
content-range
streamFeed.js
widgets.outbrain.com/nanoWidget/2000877/module/
38 KB
14 KB
Script
General
Full URL
https://widgets.outbrain.com/nanoWidget/2000877/module/streamFeed.js?e=1
Requested by
Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/a8d912c4bac42cdeccf3177e26df8911d068de3cd69a7c228faad97c6587de35
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.237.86 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-86.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
5b8a8db63644026156e675e1ff7281d7bab273f2e713472d6927835b24f1e64c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1428elm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 13:08:27 GMT
content-encoding
gzip
last-modified
Wed, 07 Sep 2022 11:45:32 GMT
server
AkamaiNetStorage
etag
"fd45d5c4cd1a79c080e686a30dea4bbf:1662563335.216307"
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=14400
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
14140
expires
Sat, 10 Sep 2022 17:08:27 GMT
ob_logo.svg
widgets.outbrain.com/images/widgetIcons/
12 KB
12 KB
Image
General
Full URL
https://widgets.outbrain.com/images/widgetIcons/ob_logo.svg
Requested by
Host: 1428elm.com
URL: https://1428elm.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.237.86 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-86.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
02b5318a75e50e48ccddd6eac9eef067a275adc244f3c3f6186ed6b382d3f971

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1428elm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 13:08:27 GMT
last-modified
Sun, 03 Jul 2022 06:49:40 GMT
server
AkamaiNetStorage
etag
"65df986ae65cffdf92a926e7c42a25a8:1656855971.383201"
access-control-allow-methods
GET,POST
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
12268
expires
Mon, 10 Oct 2022 13:08:27 GMT
api
ls.skimresources.com/
2 B
22 B
XHR
General
Full URL
https://ls.skimresources.com/api
Requested by
Host: s.skimresources.com
URL: https://s.skimresources.com/js/124578X1617579.skimlinks.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.117.212 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
212.117.120.34.bc.googleusercontent.com
Software
Python/3.8 aiohttp/3.6.3 /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://1428elm.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-type
application/json

Response headers

pragma
no-cache
date
Sat, 10 Sep 2022 13:08:28 GMT
via
1.1 google
x-content-type-options
nosniff
server
Python/3.8 aiohttp/3.6.3
access-control-allow-headers
Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://1428elm.com
cache-control
no-store, no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
api
ls.skimresources.com/ Frame
0
0
Preflight
General
Full URL
https://ls.skimresources.com/api
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.117.212 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
212.117.120.34.bc.googleusercontent.com
Software
Python/3.8 aiohttp/3.6.3 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://1428elm.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://1428elm.com
access-control-max-age
1728000
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/plain charset=UTF-8
date
Sat, 10 Sep 2022 13:08:28 GMT
server
Python/3.8 aiohttp/3.6.3
via
1.1 google
page
t.skimresources.com/api/v2/
22 B
43 B
XHR
General
Full URL
https://t.skimresources.com/api/v2/page
Requested by
Host: s.skimresources.com
URL: https://s.skimresources.com/js/124578X1617579.skimlinks.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.201.67.47 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
47.67.201.35.bc.googleusercontent.com
Software
Python/3.10 aiohttp/3.8.1 /
Resource Hash
fcc83a5b6aef86420c1ad553167106df96bd0ff4192ffe52b1647599948edbcf
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://1428elm.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-type
text/plain

Response headers

pragma
no-cache
date
Sat, 10 Sep 2022 13:08:28 GMT
via
1.1 google
x-content-type-options
nosniff
server
Python/3.10 aiohttp/3.8.1
access-control-allow-headers
Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain; charset=utf-8, application/javascript
access-control-allow-origin
https://1428elm.com
cache-control
no-store, no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
22
/
bqstreamer.com/tr/
0
433 B
XHR
General
Full URL
https://bqstreamer.com/tr/
Requested by
Host: cdn.fansided.com
URL: https://cdn.fansided.com/wp-includes/js/jquery/jquery.js?ver=1.12.4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:267 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/5.6.40
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
*/*
Referer
https://1428elm.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Sat, 10 Sep 2022 13:08:28 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/5.6.40
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CwTjPO%2BujMoRVNiTr2r6vyLaQUxwRIttPy2vx3wD8GJVFG2oamIpEaZX08NzBVVy3BB63sMrfLuCELT458vUxpcuKkQzYRqU8yP1cgF24vnfchg2AgQNcA9lWv9lwjvbtjkU0V4bWAn0ADG9"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cf-ray
7488647b5c615c3e-FRA
events
gew4-spclient.spotify.com/gabo-receiver-service/public/v3/ Frame FAA8
13 B
58 B
Fetch
General
Full URL
https://gew4-spclient.spotify.com/gabo-receiver-service/public/v3/events
Requested by
Host: open.spotifycdn.com
URL: https://open.spotifycdn.com/cdn/build/embed/vendor~embed.83afb37d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:1901:1:81:: , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
envoy /
Resource Hash
debf84af8d66827e1cbc6791aa686504e3116d8cb20f4697fef23108333061f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://open.spotify.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
content-type
application/json

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
server
envoy
date
Sat, 10 Sep 2022 13:08:27 GMT
content-type
application/json
access-control-allow-origin
https://open.spotify.com
cache-control
private, max-age=0
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39
via
HTTP/2 edgeproxy, 1.1 google
events
gew4-spclient.spotify.com/gabo-receiver-service/public/v3/ Frame FAA8
13 B
58 B
Fetch
General
Full URL
https://gew4-spclient.spotify.com/gabo-receiver-service/public/v3/events
Requested by
Host: open.spotifycdn.com
URL: https://open.spotifycdn.com/cdn/build/embed/vendor~embed.83afb37d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:1901:1:81:: , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
envoy /
Resource Hash
debf84af8d66827e1cbc6791aa686504e3116d8cb20f4697fef23108333061f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://open.spotify.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
content-type
application/json

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
server
envoy
date
Sat, 10 Sep 2022 13:08:27 GMT
content-type
application/json
access-control-allow-origin
https://open.spotify.com
cache-control
private, max-age=0
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39
via
HTTP/2 edgeproxy, 1.1 google
events
gew4-spclient.spotify.com/gabo-receiver-service/public/v3/ Frame
0
0
Preflight
General
Full URL
https://gew4-spclient.spotify.com/gabo-receiver-service/public/v3/events
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:1:81:: , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
envoy /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://open.spotify.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Origin,Content-Type,Spotify-App-Version,App-Platform,X-Spotify-Connection-Id,X-Client-Id,X-Spotify-Quicksilver-Uri,client-token,content-access-token,x-cloud-trace-context
access-control-allow-methods
DELETE,GET,PATCH,POST,PUT,OPTIONS
access-control-allow-origin
https://open.spotify.com
access-control-max-age
604800
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Sat, 10 Sep 2022 13:08:27 GMT
server
envoy
vary
Accept-Encoding
via
HTTP/2 edgeproxy, 1.1 google
events
gew4-spclient.spotify.com/gabo-receiver-service/public/v3/ Frame
0
0
Preflight
General
Full URL
https://gew4-spclient.spotify.com/gabo-receiver-service/public/v3/events
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:1:81:: , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
envoy /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://open.spotify.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Origin,Content-Type,Spotify-App-Version,App-Platform,X-Spotify-Connection-Id,X-Client-Id,X-Spotify-Quicksilver-Uri,client-token,content-access-token,x-cloud-trace-context
access-control-allow-methods
DELETE,GET,PATCH,POST,PUT,OPTIONS
access-control-allow-origin
https://open.spotify.com
access-control-max-age
604800
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Sat, 10 Sep 2022 13:08:27 GMT
server
envoy
vary
Accept-Encoding
via
HTTP/2 edgeproxy, 1.1 google
widgetGlobalEvent
log.outbrainimg.com/loggerServices/
4 B
325 B
Fetch
General
Full URL
https://log.outbrainimg.com/loggerServices/widgetGlobalEvent?rId=ced3c7c6c4802fa4d4d323297d9ef65b&pvId=ced3c7c6c4802fa4d4d323297d9ef65b&sid=5195830&pid=199081&idx=0&wId=103&pad=0&org=0&tm=1543&eT=3&cnsnt=CPfFkMAPfFkMAAcABBENCgCgAAAAAAAAAAYgAAAAAADBIAIC8xUAEBeYyACAvMdABAXmSgAgLzKQAQF5gAAA.YAAAAAAAAAAA&wRV=2000877&pVis=0&lsd=-1&eIdx=0&oo=true&ab=0&wl=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js?ver=2.73.2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.42.32.95 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1428elm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 10 Sep 2022 13:08:28 GMT
Access-Control-Allow-Methods
GET,POST
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
X-TraceId
9f801bf80e75110d7f12fd6c32e9de9b
Content-Length
4
Expires
0
get_access_token
open.spotify.com/ Frame FAA8
247 B
257 B
Fetch
General
Full URL
https://open.spotify.com/get_access_token?reason=transport&productType=embed
Requested by
Host: open.spotifycdn.com
URL: https://open.spotifycdn.com/cdn/build/embed/vendor~embed.83afb37d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:1901:1:c36:: , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
envoy /
Resource Hash
7a76f3d08e4adc6755b8e065fb8cad6d78132dd931252e68f372c7a873a56381
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

accept
application/json
Referer
https://open.spotify.com/embed/show/6UGoRQhRNHXeNq8HwQ1JON?utm_source=generator
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

sp-trace-id
b273ad42b2c995bb
date
Sat, 10 Sep 2022 13:08:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
envoy
strict-transport-security
max-age=31536000
content-type
application/json; charset=utf-8
via
HTTP/2 edgeproxy, 1.1 google
vary
Accept-Encoding,Accept-Encoding
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
get
mv.outbrain.com/Multivac/api/
17 KB
6 KB
Script
General
Full URL
https://mv.outbrain.com/Multivac/api/get?url=https%3A%2F%2F1428elm.com&settings=true&recs=true&widgetJSId=SB_2&key=NANOWDGT01&version=2000877&apv=false&sig=CRRMuWVC&format=html&rand=35175&osLang=en-US&va=true&et=true&cmpStat=1&cnsntv2=CPfFkMAPfFkMAAcABBENCgCgAAAAAAAAAAYgAAAAAADBIAIC8xUAEBeYyACAvMdABAXmSgAgLzKQAQF5gAAA.YAAAAAAAAAAA&ccpaStat=0&scrW=1600&scrH=1200&t=Y2VkM2M3YzZjNDgwMmZhNGQ0ZDMyMzI5N2Q5ZWY2NWI=&winW=1600&winH=1200&adblck=false&abwl=false&secured=true&feedIdx=0&lastIdx=0&lastCardIdx=0&fAB=9820-42692&layeredTestInfo=9820-42692-&dpr=1&cw=300&darkMode=false&activeTab=true&ogn=https%3A%2F%2F1428elm.com%2F
Requested by
Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/a8d912c4bac42cdeccf3177e26df8911d068de3cd69a7c228faad97c6587de35
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.114.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
c02ff070470bb2ffe5ed7b6e5731dcf6a318af3a795f0ac13bf1eb4667763f98

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1428elm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 13:08:28 GMT
via
1.1 varnish, 1.1 varnish
traffic-path
NYDC1, LGA, HHN, Europe1
x-timer
S1662815308.107823,VS0,VE253
accept-ranges
bytes
x-served-by
cache-lga21971-LGA, cache-hhn4027-HHN
vary
Accept-Encoding, User-Agent
x-cache
MISS, MISS
content-type
text/javascript; charset=UTF-8
x-cache-hits
0, 0
x-traceid
13fef70238d1330e980ab9da8fe1dd89
content-encoding
gzip
content-length
6472
expires
Thu, 01 Jan 1970 00:00:00 GMT
/
geo.privacymanager.io/
30 B
596 B
Fetch
General
Full URL
https://geo.privacymanager.io/
Requested by
Host: ats.rlcdn.com
URL: https://ats.rlcdn.com/ats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-6.fra53.r.cloudfront.net
Software
/
Resource Hash
e257df7266563e157bb7df93fd09c6d13afb1c9554468b21c7378e09a94d3250

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1428elm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 00:52:42 GMT
via
1.1 6851af5c4f6d355fa4ec39cc8cc0c358.cloudfront.net (CloudFront), 1.1 cc77875ec7dfc885cffaa2ec6fa578f6.cloudfront.net (CloudFront)
age
44146
x-amzn-requestid
c18eb533-379e-4b17-ac12-e6ea5031e07c
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type
application/json
access-control-allow-origin
*
x-amzn-trace-id
Root=1-631bdfda-1ac8763935ee1b81102344a4;Sampled=0
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA56-P3, FRA53-C1
x-amz-apigw-id
YN_qJHFfDoEFavw=
content-length
30
x-amz-cf-id
9FPm6XvPjbO6hLqE690OxMVCLE41pEfGhsHAPGPQWjObhT7b8gRaZQ==
access-control-allow-headers
Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
t
jadserve.postrelease.com/
115 B
539 B
Script
General
Full URL
https://jadserve.postrelease.com/t?ntv_url=https%3A%2F%2F1428elm.com%2F&ntv_med=1&ntv_mvi&us_privacy=1---
Requested by
Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/a8d912c4bac42cdeccf3177e26df8911d068de3cd69a7c228faad97c6587de35
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.34.160.33 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-34-160-33.eu-west-1.compute.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
3055597f43adef2648996efac659bd63f616b0d1937f6e774ae3ac8fe35fb195

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1428elm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 10 Sep 2022 13:08:28 GMT
content-encoding
gzip
server
nginx/1.12.1
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
text/javascript;charset=UTF-8
content-length
122
expires
Mon, 1 Jan 1990 12:00:00 GMT
config
c.amazon-adsystem.com/cdn/prod/
1010 B
1 KB
XHR
General
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=3777&u=https%3A%2F%2F1428elm.com
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.71.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-71-118.fra56.r.cloudfront.net
Software
Server /
Resource Hash
4d04b59c24d4cbe00320854f7d6c5dd1be37711737966722945dafc159e8adf1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1428elm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 10:35:31 GMT
via
1.1 46546eb404789d29bf372f6a3fe43876.cloudfront.net (CloudFront)
server
Server
age
9176
x-cache
Hit from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://1428elm.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
x-amz-cf-pop
FRA56-C1
content-length
1010
x-amz-cf-id
tS1AnKoOzAJ5RcsTBmB8DpXkS_Zaz6DGQ-DGWSW7A3JBGWfRRHob6Q==
/
www.facebook.com/tr/ Frame 6F1B
0
18 B
Document
General
Full URL
https://www.facebook.com/tr/
Requested by
Host: 1428elm.com
URL: https://1428elm.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://1428elm.com
Referer
https://1428elm.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
https://1428elm.com
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
content-type
text/plain
cross-origin-resource-policy
cross-origin
date
Sat, 10 Sep 2022 13:08:28 GMT
priority
u=0
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
auction
pbs.nextmillmedia.com/openrtb2/ Frame
0
0
Preflight
General
Full URL
https://pbs.nextmillmedia.com/openrtb2/auction
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.233.48.179 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-233-48-179.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://1428elm.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
POST
access-control-allow-origin
https://1428elm.com
cache-control
no-cache, no-store, must-revalidate
date
Sat, 10 Sep 2022 13:08:28 GMT
expires
0
pragma
no-cache
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
bidRequest
c2shb.pubgw.yahoo.com/ Frame
0
0
Preflight
General
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://1428elm.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://1428elm.com
access-control-max-age
600
age
0
content-length
0
date
Sat, 10 Sep 2022 13:08:28 GMT
server
ATS/9.1.10.25
openrtb
ex.ingage.tech/v1/ Frame
0
0
Preflight
General
Full URL
https://ex.ingage.tech/v1/openrtb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:34a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://1428elm.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
https://1428elm.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7488647d9d93923d-FRA
content-length
0
date
Sat, 10 Sep 2022 13:08:28 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3aaXog2ts2SpCoA%2BfOz8Ra%2FRUXBrI05lcuZl2y%2F1dF%2FGHqzx6FTedpFfv80BkxTKtAJ9z1hnzIzuv5Psjvja%2BM%2Fy7hX4D0LnhXGm4yAXVtNuN2uXbQg3tuMYNGvETkeUyX%2B0qNyivjFVgODk8g%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin, Access-Control-Request-Headers
openrtb
ex.ingage.tech/v1/ Frame
0
0
Preflight
General
Full URL
https://ex.ingage.tech/v1/openrtb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:34a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://1428elm.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
https://1428elm.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7488647d9d96923d-FRA
content-length
0
date
Sat, 10 Sep 2022 13:08:28 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TFJ8McCxb%2F%2BTRPWOMxbCH9ZZoyfdWZwKkA8mdAUeRwEMKaiTVVvtY5i2akHOTuFT%2BoIvFnsVDm5%2FyNo58wvYLlVc9XOV330JhECxTvBzNEP5jAvHYbgb3Ikhj%2Ffs4L17KFDZB6VfaDNNZzZXLQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin, Access-Control-Request-Headers
auction
pbs.nextmillmedia.com/openrtb2/ Frame
0
0
Preflight
General
Full URL
https://pbs.nextmillmedia.com/openrtb2/auction
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.233.48.179 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-233-48-179.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://1428elm.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
POST
access-control-allow-origin
https://1428elm.com
cache-control
no-cache, no-store, must-revalidate
date
Sat, 10 Sep 2022 13:08:28 GMT
expires
0
pragma
no-cache
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
auction
pbs.nextmillmedia.com/openrtb2/ Frame
0
0
Preflight
General
Full URL
https://pbs.nextmillmedia.com/openrtb2/auction
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.233.48.179 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-233-48-179.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://1428elm.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
POST
access-control-allow-origin
https://1428elm.com
cache-control
no-cache, no-store, must-revalidate
date
Sat, 10 Sep 2022 13:08:28 GMT
expires
0
pragma
no-cache
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
bidRequest
c2shb.pubgw.yahoo.com/ Frame
0
0
Preflight
General
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://1428elm.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://1428elm.com
access-control-max-age
600
age
0
content-length
0
date
Sat, 10 Sep 2022 13:08:28 GMT
server
ATS/9.1.10.25
fastlane.json
fastlane.rubiconproject.com/a/api/
328 B
1 KB
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17598&site_id=206582&zone_id=1677732&size_id=2&rf=https%3A%2F%2F1428elm.com%2F&tg_i.pbadslot=175840252%2Ffansided%2F1428elm.com%2Ftop%23MM_DISPLAY_MANAGER_AD_STATIC-0_1&tk_flint=pbjs_lite_v6.29.1&x_source.tid=de475aeb-4cdb-4ef2-b45d-941c0122266d&l_pb_bid_id=24df9466202afc&p_screen_res=1600x1200&rp_secure=1&rp_hard_floor=0.1&rp_maxbids=1&p_gpid=175840252%2Ffansided%2F1428elm.com%2Ftop%23MM_DISPLAY_MANAGER_AD_STATIC-0_1&slots=1&rand=0.02064419473208412
Requested by
Host: cdn.mmctsvc.com
URL: https://cdn.mmctsvc.com/commercial-api/index.non-platform.prod.latest.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
2602:803:c003:200::61 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
41315f9071cabbb50024670c0652fc781325cb44df88795fcdeeed19766219a3

Request headers

Referer
https://1428elm.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 10 Sep 2022 13:08:28 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://1428elm.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
328
Expires
Wed, 17 Sep 1975 21:32:10 GMT
auction
tlx.3lift.com/header/
19 B
504 B
XHR
General
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=6.29.1&referrer=https%3A%2F%2F1428elm.com%2F&tmax=1000
Requested by
Host: cdn.mmctsvc.com
URL: https://cdn.mmctsvc.com/commercial-api/index.non-platform.prod.latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.59.92.120 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-59-92-120.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://1428elm.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 10 Sep 2022 13:08:28 GMT
accept-ch
sec-ch-device-memory,sec-ch-dpr,sec-ch-ua-full-version,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-viewport-width,sec-ch-ua-platform,sec-ch-viewport-height,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua,sec-ch-ua-bitness,sec-ch-prefers-color-scheme,sec-ch-width,sec-ch-ect,user-agent,sec-ch-downlink,sec-ch-ua-mobile,sec-ch-save-data
content-type
application/json; charset=utf-8
access-control-allow-origin
https://1428elm.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
auction
pbs.nextmillmedia.com/openrtb2/
80 B
312 B
XHR
General
Full URL
https://pbs.nextmillmedia.com/openrtb2/auction
Requested by
Host: cdn.mmctsvc.com
URL: https://cdn.mmctsvc.com/commercial-api/index.non-platform.prod.latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.233.48.179 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-233-48-179.compute-1.amazonaws.com
Software
/
Resource Hash
bbfb9f6db07ed2e8696ff1d88a287260d746257c7a30a0254590cc7cd866a559

Request headers

Referer
https://1428elm.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Sat, 10 Sep 2022 13:08:28 GMT
x-prebid
pbs-go/unknown
vary
Origin
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://1428elm.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
80
expires
0
hb
ssc.33across.com/api/v1/
87 B
348 B
XHR
General
Full URL
https://ssc.33across.com/api/v1/hb?guid=aE5yLKaEir7lnyaKjGFx_2
Requested by
Host: cdn.mmctsvc.com
URL: https://cdn.mmctsvc.com/commercial-api/index.non-platform.prod.latest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
a6e316d5efa161b9d3e0c60acc0f718792bc52b54c3ccbd0931acfbdb988e5ec

Request headers

Referer
https://1428elm.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 10 Sep 2022 13:08:28 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://1428elm.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via
1.1 google
hb-mm-multi
hb.minutemedia-prebid.com/
105 B
408 B
XHR
General
Full URL
https://hb.minutemedia-prebid.com/hb-mm-multi
Requested by
Host: cdn.mmctsvc.com
URL: https://cdn.mmctsvc.com/commercial-api/index.non-platform.prod.latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.195.242.53 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-195-242-53.compute-1.amazonaws.com
Software
/
Resource Hash
3f99eb8da51fa8e82b7babbbfb76d2d5783cb522c32e4644486e2828de18bde4

Request headers

Referer
https://1428elm.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 10 Sep 2022 13:08:28 GMT
access-control-allow-methods
GET, OPTIONS
content-type
application/json
access-control-allow-origin
https://1428elm.com
x-reason
maxmind hosting provider
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF, X-Requested-With
content-length
105
/
shb.richaudience.com/hb/
4 B
232 B
XHR
General
Full URL
https://shb.richaudience.com/hb/
Requested by
Host: cdn.mmctsvc.com
URL: https://cdn.mmctsvc.com/commercial-api/index.non-platform.prod.latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
157.90.0.13 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.13.0.90.157.clients.your-server.de
Software
nginx/1.14.2 /
Resource Hash
d6dffe998d4d52601dd56a1666bbd09f6926bc110429c434402ca7a814080808

Request headers

Referer
https://1428elm.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 10 Sep 2022 13:08:28 GMT
content-encoding
gzip
server
nginx/1.14.2
vary
Accept-Encoding, Accept-Encoding
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://1428elm.com
access-control-max-age
86400
access-control-allow-credentials
true
bidRequest
c2shb.pubgw.yahoo.com/
66 B
294 B
XHR
General
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: cdn.mmctsvc.com
URL: https://cdn.mmctsvc.com/commercial-api/index.non-platform.prod.latest.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
d61cfd8f7e6fcbdbad920d8b9b3af30d17707ce415a60da8aba78d78b2d843c4

Request headers

Referer
https://1428elm.com/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 10 Sep 2022 13:08:28 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://1428elm.com
access-control-allow-credentials
true
content-length
66
prebid
ib.adnxs.com/ut/v3/
145 B
1 KB
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.mmctsvc.com
URL: https://cdn.mmctsvc.com/commercial-api/index.non-platform.prod.latest.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
12c9cfb9b0091c1a69fb92b7d3940a87f9ef0d65194e6f9bf692143dca74a8b1
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://1428elm.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 10 Sep 2022 13:08:28 GMT
X-Proxy-Origin
138.199.38.134; 138.199.38.134; 536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
c8f7abc8-d52c-410a-8fe3-fbb76a646d4f
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://1428elm.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
145
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid
ib.adnxs.com/ut/v3/
145 B
1 KB
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.mmctsvc.com
URL: https://cdn.mmctsvc.com/commercial-api/index.non-platform.prod.latest.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
33a642f2460fb79ef0c26bbc5212fceaa9997e98b0ab5b7aa85781366af2f5cb
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://1428elm.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 10 Sep 2022 13:08:28 GMT
X-Proxy-Origin
138.199.38.134; 138.199.38.134; 536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
c0ddbbe6-3f52-44c5-8eb5-05ddc636b5e1
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://1428elm.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
145
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
arj
minutemedia-d.openx.net//w/1.0/
72 B
374 B
XHR
General
Full URL
https://minutemedia-d.openx.net//w/1.0/arj?ju=https%3A%2F%2F1428elm.com%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=de475aeb-4cdb-4ef2-b45d-941c0122266d&nocache=1662815308369&pubcid=b144b637-f5d2-4b76-9a35-7623e36421e2&aus=728x90&divids=MM_DISPLAY_MANAGER_AD_STATIC-0_1&aucs=175840252%252Ffansided%252F1428elm.com%252Ftop%2523MM_DISPLAY_MANAGER_AD_STATIC-0_1&auid=541176476&aumfs=100
Requested by
Host: cdn.mmctsvc.com
URL: https://cdn.mmctsvc.com/commercial-api/index.non-platform.prod.latest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
993f5f447b36e705cfa6999d8426c6e0ba2c8e5bc4d0609e806d24fba35b34f3

Request headers

Referer
https://1428elm.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 10 Sep 2022 13:08:28 GMT
content-encoding
gzip
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://1428elm.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
78
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
bid
ap.lijit.com/rtb/
94 B
742 B
XHR
General
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_6.29.1
Requested by
Host: cdn.mmctsvc.com
URL: https://cdn.mmctsvc.com/commercial-api/index.non-platform.prod.latest.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
209.191.163.210 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash
a473914c1f9208ee1eb8a6a55776ab6abcfc3971d5d27e2d189cb07d04ab4292

Request headers

Referer
https://1428elm.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sat, 10 Sep 2022 13:08:28 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://1428elm.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap4sfo1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
99
openrtb
ex.ingage.tech/v1/
2 KB
1 KB
XHR
General
Full URL
https://ex.ingage.tech/v1/openrtb
Requested by
Host: cdn.mmctsvc.com
URL: https://cdn.mmctsvc.com/commercial-api/index.non-platform.prod.latest.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:34a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
10e04686e158727ab7fa8bea8b11ecb38fc1809e15a6ce730a003d2b6743746e

Request headers

Referer
https://1428elm.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 10 Sep 2022 13:08:28 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tsnPMGYa%2Fxt%2ByBlAwPi5Px0%2BL01w3w6LJzeWvAKKvPvp0OV63pYZ7A%2FRGymR80mtZKg88DxRQC4coPLuzYIKTgMr4XCL91oZ5iaU9nMP35s5110X6U5E%2Bu0483pxogck0EUUnxoca1gYup8HKw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
https://1428elm.com
access-control-allow-credentials
true
cf-ray
7488647e6a6791f6-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
bid
c.amazon-adsystem.com/e/dtb/
23 B
461 B
XHR
General
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=3777&u=https%3A%2F%2F1428elm.com%2F&pid=wPMl5f0IALxGe&cb=1&ws=1600x1200&v=22.8.252032&t=2000&slots=%5B%7B%22sd%22%3A%22MM_DISPLAY_MANAGER_AD_STATIC-0_1%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22175840252%2Ffansided%2F1428elm.com%2Ftop%22%7D%5D&cfgv=1&gdpre=1&gdprc=CPfFkMAPfFkMAAcABBENCgCgAAAAAAAAAAYgAAAAAADBIAIC8xUAEBeYyACAvMdABAXmSgAgLzKQAQF5gAAA.YAAAAAAAAAAA&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.71.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-71-118.fra56.r.cloudfront.net
Software
Server /
Resource Hash
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1428elm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 13:08:28 GMT
via
1.1 46546eb404789d29bf372f6a3fe43876.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-C1
x-amz-rid
3H7KG9W13JYJMCN8R5AE
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://1428elm.com
access-control-allow-credentials
true
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
23
x-amz-cf-id
y68nGV0aK8FWqq7VU8pBXb3wmjNC7PNb90Z53VVUZe69FnYzVmoY_g==
/
shb.richaudience.com/hb/
4 B
233 B
XHR
General
Full URL
https://shb.richaudience.com/hb/
Requested by
Host: cdn.mmctsvc.com
URL: https://cdn.mmctsvc.com/commercial-api/index.non-platform.prod.latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
157.90.0.13 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.13.0.90.157.clients.your-server.de
Software
nginx/1.14.2 /
Resource Hash
d6dffe998d4d52601dd56a1666bbd09f6926bc110429c434402ca7a814080808

Request headers

Referer
https://1428elm.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 10 Sep 2022 13:08:28 GMT
content-encoding
gzip
server
nginx/1.14.2
vary
Accept-Encoding, Accept-Encoding
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://1428elm.com
access-control-max-age
86400
access-control-allow-credentials
true
bid-request
a.teads.tv/hb/
16 B
245 B
XHR
General
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: cdn.mmctsvc.com
URL: https://cdn.mmctsvc.com/commercial-api/index.non-platform.prod.latest.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.232.7 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-7.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer
https://1428elm.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 10 Sep 2022 13:08:28 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://1428elm.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
42
expires
Sat, 10 Sep 2022 13:08:28 GMT
hb-mm-multi
hb.minutemedia-prebid.com/
105 B
407 B
XHR
General
Full URL
https://hb.minutemedia-prebid.com/hb-mm-multi
Requested by
Host: cdn.mmctsvc.com
URL: https://cdn.mmctsvc.com/commercial-api/index.non-platform.prod.latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.195.242.53 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-195-242-53.compute-1.amazonaws.com
Software
/
Resource Hash
4fd8c44560faf66270cee5577f618167e8a02b7b5a139ad5f6eba4f857a6eb00

Request headers

Referer
https://1428elm.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 10 Sep 2022 13:08:28 GMT
access-control-allow-methods
GET, OPTIONS
content-type
application/json
access-control-allow-origin
https://1428elm.com
x-reason
maxmind hosting provider
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF, X-Requested-With
content-length
105
openrtb
ex.ingage.tech/v1/
2 KB
1 KB
XHR
General
Full URL
https://ex.ingage.tech/v1/openrtb
Requested by
Host: cdn.mmctsvc.com
URL: https://cdn.mmctsvc.com/commercial-api/index.non-platform.prod.latest.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:34a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b0658c9fe98a09420423f9c0949a8ade1d04c89d2aa587927ac08cb0e82cda98

Request headers

Referer
https://1428elm.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 10 Sep 2022 13:08:28 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5VA5aB3Yu%2FmNnQQ3xmIT5p9Q0p4mipvMtPeRQ4afFq2hmoMv5QGTujk7qZlb5spNfrAcL9tNrwYKuojNDCk0A1m7lVuvF9a%2BGxPYW13eebopO03XR4ViASN5iVXNQ%2Bs2ngrGsrV%2BhZ%2F%2F8YLa1w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
https://1428elm.com
access-control-allow-credentials
true
cf-ray
7488647e6a6a91f6-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
prebid
ib.adnxs.com/ut/v3/
144 B
1 KB
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.mmctsvc.com
URL: https://cdn.mmctsvc.com/commercial-api/index.non-platform.prod.latest.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
1b5234f32c2e3f4c5bec6beb2e4ba9154be7b95842fbc63353490362f0115d0b
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://1428elm.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 10 Sep 2022 13:08:28 GMT
X-Proxy-Origin
138.199.38.134; 138.199.38.134; 536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
7968aab9-f8dc-41d7-811b-a7cfd7c13adf
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://1428elm.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
144
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
auction
tlx.3lift.com/header/
19 B
503 B
XHR
General
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=6.29.1&referrer=https%3A%2F%2F1428elm.com%2F&tmax=1000
Requested by
Host: cdn.mmctsvc.com
URL: https://cdn.mmctsvc.com/commercial-api/index.non-platform.prod.latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.59.92.120 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-59-92-120.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://1428elm.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 10 Sep 2022 13:08:28 GMT
accept-ch
sec-ch-ua-arch,sec-ch-ua,sec-ch-ua-bitness,sec-ch-prefers-color-scheme,sec-ch-width,sec-ch-ect,user-agent,sec-ch-downlink,sec-ch-ua-mobile,sec-ch-save-data,sec-ch-device-memory,sec-ch-dpr,sec-ch-ua-full-version,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-viewport-width,sec-ch-ua-platform,sec-ch-viewport-height,sec-ch-rtt
content-type
application/json; charset=utf-8
access-control-allow-origin
https://1428elm.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
prebid
ib.adnxs.com/ut/v3/
145 B
1 KB
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.mmctsvc.com
URL: https://cdn.mmctsvc.com/commercial-api/index.non-platform.prod.latest.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
2f943fe17fd741f9769733b89cc0362c9f8b9889846b7688d7d38dcd7d94139a
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://1428elm.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 10 Sep 2022 13:08:28 GMT
X-Proxy-Origin
138.199.38.134; 138.199.38.134; 536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
9bc83833-499f-4e1d-bb83-118f58870060
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://1428elm.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
145
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
auction
pbs.nextmillmedia.com/openrtb2/
80 B
312 B
XHR
General
Full URL
https://pbs.nextmillmedia.com/openrtb2/auction
Requested by
Host: cdn.mmctsvc.com
URL: https://cdn.mmctsvc.com/commercial-api/index.non-platform.prod.latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.233.48.179 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-233-48-179.compute-1.amazonaws.com
Software
/
Resource Hash
bbfb9f6db07ed2e8696ff1d88a287260d746257c7a30a0254590cc7cd866a559

Request headers

Referer
https://1428elm.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Sat, 10 Sep 2022 13:08:28 GMT
x-prebid
pbs-go/unknown
vary
Origin
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://1428elm.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
80
expires
0
auction
pbs.nextmillmedia.com/openrtb2/
80 B
313 B
XHR
General
Full URL
https://pbs.nextmillmedia.com/openrtb2/auction
Requested by
Host: cdn.mmctsvc.com
URL: https://cdn.mmctsvc.com/commercial-api/index.non-platform.prod.latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.233.48.179 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-233-48-179.compute-1.amazonaws.com
Software
/
Resource Hash
bbfb9f6db07ed2e8696ff1d88a287260d746257c7a30a0254590cc7cd866a559

Request headers

Referer
https://1428elm.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Sat, 10 Sep 2022 13:08:28 GMT
x-prebid
pbs-go/unknown
vary
Origin
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://1428elm.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
80
expires
0
translator
hbopenbid.pubmatic.com/
0
113 B
XHR
General
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: cdn.mmctsvc.com
URL: https://cdn.mmctsvc.com/commercial-api/index.non-platform.prod.latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.22 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://1428elm.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://1428elm.com
date
Sat, 10 Sep 2022 13:08:27 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
pbjs
htlb.casalemedia.com/openrtb/
37 B
570 B
XHR
General
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=545698&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2245acd8e13cd0035%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2F1428elm.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A1%2C%22msi%22%3A1%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%226.29.1%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2F1428elm.com%2F%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%224676cffce50016%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22545698%22%2C%22sid%22%3A%22300x250%22%2C%22fl%22%3A%22p%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22545698%22%2C%22sid%22%3A%22300x600%22%2C%22fl%22%3A%22p%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22gpid%22%3A%22175840252%2Ffansided%2F1428elm.com%2Frightrail1%23MM_DISPLAY_MANAGER_AD_STATIC-1_2%22%7D%2C%22bidfloor%22%3A0.1%2C%22bidfloorcur%22%3A%22USD%22%7D%5D%2C%22at%22%3A1%7D
Requested by
Host: cdn.mmctsvc.com
URL: https://cdn.mmctsvc.com/commercial-api/index.non-platform.prod.latest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fdfcb19276775e9fa09dbb646fac604f6311a95a824bb4d6e1fc3b9d784f7574

Request headers

Referer
https://1428elm.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 10 Sep 2022 13:08:28 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3NsmYC7hG%2Fr7gygqxdidL3UcUf9YUROyJuIXqPg%2FdcNN%2BIBN77%2FqiCTl98nE7hy0feUiyyYvpVB652UbxmC5Y16XsD4oI2uT1wP%2BXk4%2FP%2FApxk96VSRZMX5hrpa163zUnklNLv%2B6"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://1428elm.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
7488647dca899096-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
37
expires
0
fastlane.json
fastlane.rubiconproject.com/a/api/
356 B
1 KB
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17598&site_id=206582&zone_id=1677732&size_id=15&alt_size_ids=10&rf=https%3A%2F%2F1428elm.com%2F&tg_i.pbadslot=175840252%2Ffansided%2F1428elm.com%2Frightrail1%23MM_DISPLAY_MANAGER_AD_STATIC-1_2&tk_flint=pbjs_lite_v6.29.1&x_source.tid=83e68a21-836e-429f-a5f9-2f0613eb8898&l_pb_bid_id=487f4d8bad91ab6&p_screen_res=1600x1200&rp_secure=1&rp_hard_floor=0.1&rp_maxbids=1&p_gpid=175840252%2Ffansided%2F1428elm.com%2Frightrail1%23MM_DISPLAY_MANAGER_AD_STATIC-1_2&slots=1&rand=0.11289450985605232
Requested by
Host: cdn.mmctsvc.com
URL: https://cdn.mmctsvc.com/commercial-api/index.non-platform.prod.latest.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c003:200::61 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
f25ff9abec2c3c2dadde01348a6026f452ecef732d0bfdeda2db84833ee51aa5

Request headers

Referer
https://1428elm.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 10 Sep 2022 13:08:28 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://1428elm.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
356
Expires
Wed, 17 Sep 1975 21:32:10 GMT
mvo
tag.1rx.io/rmp/212244/0/
0
159 B
XHR
General
Full URL
https://tag.1rx.io/rmp/212244/0/mvo?z=1r&hbv=6.29.1,2.1
Requested by
Host: cdn.mmctsvc.com
URL: https://cdn.mmctsvc.com/commercial-api/index.non-platform.prod.latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.43 Beverwijk, Netherlands, ASN3356 (LEVEL3, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://1428elm.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://1428elm.com
pragma
no-cache
date
Sat, 10 Sep 2022 13:08:28 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
bid
ap.lijit.com/rtb/
94 B
741 B
XHR
General
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_6.29.1
Requested by
Host: cdn.mmctsvc.com
URL: https://cdn.mmctsvc.com/commercial-api/index.non-platform.prod.latest.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
209.191.163.210 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash
800d0b8be550da8c3cfc515ccd5ce0017cdc4dafa2bc1d520e6810d77e3913af

Request headers

Referer
https://1428elm.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sat, 10 Sep 2022 13:08:28 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://1428elm.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap4sfo1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
98
arj
minutemedia-d.openx.net//w/1.0/
72 B
146 B
XHR
General
Full URL
https://minutemedia-d.openx.net//w/1.0/arj?ju=https%3A%2F%2F1428elm.com%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=83e68a21-836e-429f-a5f9-2f0613eb8898&nocache=1662815308409&pubcid=b144b637-f5d2-4b76-9a35-7623e36421e2&aus=300x250%2C300x600&divids=MM_DISPLAY_MANAGER_AD_STATIC-1_2&aucs=175840252%252Ffansided%252F1428elm.com%252Frightrail1%2523MM_DISPLAY_MANAGER_AD_STATIC-1_2&auid=541176476&aumfs=100
Requested by
Host: cdn.mmctsvc.com
URL: https://cdn.mmctsvc.com/commercial-api/index.non-platform.prod.latest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
f4db2bd0ad4596e6578f4341264f4182e05542a3d86cd4e5a185d59d780a043d

Request headers

Referer
https://1428elm.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 10 Sep 2022 13:08:28 GMT
content-encoding
gzip
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://1428elm.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
bidRequest
c2shb.pubgw.yahoo.com/
66 B
96 B
XHR
General
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: cdn.mmctsvc.com
URL: https://cdn.mmctsvc.com/commercial-api/index.non-platform.prod.latest.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
8b1314f3eaccd2b863f7435fac37b38ba794f421ff65a4bac56f77a8f153a1d4

Request headers

Referer
https://1428elm.com/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 10 Sep 2022 13:08:28 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://1428elm.com
access-control-allow-credentials
true
content-length
66
hb
ssc.33across.com/api/v1/
87 B
170 B
XHR
General
Full URL
https://ssc.33across.com/api/v1/hb?guid=aE5yLKaEir7lnyaKjGFx_2
Requested by
Host: cdn.mmctsvc.com
URL: https://cdn.mmctsvc.com/commercial-api/index.non-platform.prod.latest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
727fad1865699a0cac42cd575916e2fb0828cfcfb3c0f44281988c7057917a31

Request headers

Referer
https://1428elm.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 10 Sep 2022 13:08:28 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://1428elm.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via
1.1 google
prebid
ads.yieldmo.com/exchange/
0
222 B
XHR
General
Full URL
https://ads.yieldmo.com/exchange/prebid?pbav=6.29.1&p=%5B%7B%22placement_id%22%3A%22MM_DISPLAY_MANAGER_AD_STATIC-1_2%22%2C%22callback_id%22%3A%2260e3d94fdcc6fe3%22%2C%22sizes%22%3A%5B%5B300%2C250%5D%2C%5B300%2C600%5D%5D%2C%22ym_placement_id%22%3A%222530621563095425440%22%2C%22bidFloor%22%3A0.1%2C%22gpid%22%3A%22175840252%2Ffansided%2F1428elm.com%2Frightrail1%23MM_DISPLAY_MANAGER_AD_STATIC-1_2%22%7D%5D&page_url=https%3A%2F%2F1428elm.com%2F&bust=1662815308413&dnt=false&description=The%20ultimate%20home%20for%20horror%20genre%20news%2C%20rumors%2C%20and%20updates%20from%20all%20the%20horror%20movies%2C%20television%2C%20games%2C%20classics%2C%20Halloween%20horror%20nights%2C%20Netflix%20horror%20%26%20more!&userConsent=%7B%22gdprApplies%22%3A%22%22%2C%22cmp%22%3A%22%22%7D&us_privacy=&pr=&scrd=1&title=1428%20Elm%20-%20Horror%20Genre%20News%2C%20Movies%2C%20TV%20Shows%2C%20Netflix%20%26%20Commentary&w=1600&h=1200&pubcid=b144b637-f5d2-4b76-9a35-7623e36421e2
Requested by
Host: cdn.mmctsvc.com
URL: https://cdn.mmctsvc.com/commercial-api/index.non-platform.prod.latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.240.38.30 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-240-38-30.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://1428elm.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://1428elm.com
pragma
no-cache
date
Sat, 10 Sep 2022 13:08:28 GMT
access-control-allow-credentials
true
x-robots-tag
none,NOINDEX,NOFOLLOW
access-control-allow-methods
POST, GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma
bid
c.amazon-adsystem.com/e/dtb/
23 B
460 B
XHR
General
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=3777&u=https%3A%2F%2F1428elm.com%2F&pid=wPMl5f0IALxGe&cb=2&ws=1600x1200&v=22.8.252032&t=2000&slots=%5B%7B%22sd%22%3A%22MM_DISPLAY_MANAGER_AD_STATIC-1_2%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%5D%2C%22sn%22%3A%22175840252%2Ffansided%2F1428elm.com%2Frightrail1%22%7D%5D&cfgv=1&gdpre=1&gdprc=CPfFkMAPfFkMAAcABBENCgCgAAAAAAAAAAYgAAAAAADBIAIC8xUAEBeYyACAvMdABAXmSgAgLzKQAQF5gAAA.YAAAAAAAAAAA&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.71.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-71-118.fra56.r.cloudfront.net
Software
Server /
Resource Hash
5d7c7d25a0da74c0dd466120c3c09bd94cb982fc66ebc4a78675339f37323bf5
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1428elm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 13:08:28 GMT
via
1.1 46546eb404789d29bf372f6a3fe43876.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-C1
x-amz-rid
XRD6CGKR207KDD1XXZ0N
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://1428elm.com
access-control-allow-credentials
true
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
23
x-amz-cf-id
5VaiOFKeFOGa0OdNMyRZIGOue2s4elGSE05QhZGZvO8fayCh13cY_g==
events
gew4-spclient.spotify.com/gabo-receiver-service/public/v3/ Frame FAA8
13 B
58 B
Fetch
General
Full URL
https://gew4-spclient.spotify.com/gabo-receiver-service/public/v3/events
Requested by
Host: open.spotifycdn.com
URL: https://open.spotifycdn.com/cdn/build/embed/vendor~embed.83afb37d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:1901:1:81:: , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
envoy /
Resource Hash
debf84af8d66827e1cbc6791aa686504e3116d8cb20f4697fef23108333061f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://open.spotify.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
content-type
application/json

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
server
envoy
date
Sat, 10 Sep 2022 13:08:28 GMT
content-type
application/json
access-control-allow-origin
https://open.spotify.com
cache-control
private, max-age=0
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39
via
HTTP/2 edgeproxy, 1.1 google
events
gew4-spclient.spotify.com/gabo-receiver-service/public/v3/ Frame
0
0
Preflight
General
Full URL
https://gew4-spclient.spotify.com/gabo-receiver-service/public/v3/events
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:1901:1:81:: , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
envoy /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://open.spotify.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Origin,Content-Type,Spotify-App-Version,App-Platform,X-Spotify-Connection-Id,X-Client-Id,X-Spotify-Quicksilver-Uri,client-token,content-access-token,x-cloud-trace-context
access-control-allow-methods
DELETE,GET,PATCH,POST,PUT,OPTIONS
access-control-allow-origin
https://open.spotify.com
access-control-max-age
604800
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Sat, 10 Sep 2022 13:08:28 GMT
server
envoy
vary
Accept-Encoding
via
HTTP/2 edgeproxy, 1.1 google
singleAnimationOnFeed.js
widgets.outbrain.com/nanoWidget/2000877/module/
503 B
811 B
Script
General
Full URL
https://widgets.outbrain.com/nanoWidget/2000877/module/singleAnimationOnFeed.js?e=1
Requested by
Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/a8d912c4bac42cdeccf3177e26df8911d068de3cd69a7c228faad97c6587de35
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.237.86 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-86.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
4f5981f2a60d66e9d1805c3d8c73f00bb3200f6722e841d8bc414698a68e7845

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1428elm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 13:08:28 GMT
last-modified
Wed, 07 Sep 2022 11:45:32 GMT
server
AkamaiNetStorage
etag
"9a3612acbedc7ce531a48588b61d129f:1662563329.999224"
access-control-allow-methods
GET,POST
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=14400
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
503
expires
Sat, 10 Sep 2022 17:08:28 GMT
l
mcdp-nydc1.outbrain.com/
2 B
292 B
Fetch
General
Full URL
https://mcdp-nydc1.outbrain.com/l?token=7e1564100d0e019ffba8dfa5e0d8073e_199081_1662815308283&tm=1936&eT=0&widgetWidth=300&widgetHeight=302&widgetX=1065&widgetY=1172&wRV=2000877&pVis=1&lsd=-1&eIdx=&cnsntV2=CPfFkMAPfFkMAAcABBENCgCgAAAAAAAAAAYgAAAAAADBIAIC8xUAEBeYyACAvMdABAXmSgAgLzKQAQF5gAAA.YAAAAAAAAAAA&rtt=362&oo=true&ab=0&wl=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js?ver=2.73.2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.42.32.95 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1428elm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-origin
*
Date
Sat, 10 Sep 2022 13:08:28 GMT
content-encoding
gzip
X-TraceId
9913fa67f124ad444220040b348476e1
Content-Type
text/plain; charset=UTF-8
Content-Length
28
access-control-expose-headers
content-range
eyJpdSI6IjVhOTFhOWE0ODIwNjdmYzJiYmJmY2ExNTQ0ZjJhNTgxZTZhNjkyN2MzMTliY2Y3NWNlYmQxZjFjYjJjZjM4NWUiLCJ3Ijo0MDAsImgiOjI2NiwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/
64 KB
64 KB
Image
General
Full URL
https://images.outbrainimg.com/transform/v3/eyJpdSI6IjVhOTFhOWE0ODIwNjdmYzJiYmJmY2ExNTQ0ZjJhNTgxZTZhNjkyN2MzMTliY2Y3NWNlYmQxZjFjYjJjZjM4NWUiLCJ3Ijo0MDAsImgiOjI2NiwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Requested by
Host: 1428elm.com
URL: https://1428elm.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.229.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-229-181.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
697ea77b6846e88322aa80022a42f259b6a90f6b9d6c6a941a64316e5d15f54d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1428elm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 13:08:28 GMT
last-modified
Tue, 29 Mar 2022 11:28:17 GMT
access-control-allow-methods
GET,POST
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=1726521
access-control-allow-credentials
false
x-traceid
772e82462d5f61410e266a7b223841e2
timing-allow-origin
*, *
content-length
65550
widgetGlobalEvent
log.outbrainimg.com/loggerServices/
4 B
325 B
Fetch
General
Full URL
https://log.outbrainimg.com/loggerServices/widgetGlobalEvent?rId=7e1564100d0e019ffba8dfa5e0d8073e&pvId=ced3c7c6c4802fa4d4d323297d9ef65b&sid=5195830&pid=199081&idx=1&wId=1515&pad=1&org=0&tm=1965&eT=3&cnsnt=CPfFkMAPfFkMAAcABBENCgCgAAAAAAAAAAYgAAAAAADBIAIC8xUAEBeYyACAvMdABAXmSgAgLzKQAQF5gAAA.YAAAAAAAAAAA&wRV=2000877&pVis=1&lsd=-1&eIdx=1&oo=true&ab=0&wl=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js?ver=2.73.2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.42.32.95 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1428elm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 10 Sep 2022 13:08:28 GMT
Access-Control-Allow-Methods
GET,POST
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
X-TraceId
d2a28c2b083f83ad17fb06f6ce01fcda
Content-Length
4
Expires
0
flyoutInjector.js
app.fansided.com/scripts/
3 KB
2 KB
Script
General
Full URL
https://app.fansided.com/scripts/flyoutInjector.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KXFQXHB
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:ce00:1b:3a6c:1300:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7e15a863cf5c93621c44996060e5447c45cc117c446a350a00ec4b4266075bb0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1428elm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 12:37:57 GMT
content-encoding
gzip
last-modified
Wed, 07 Sep 2022 22:48:16 GMT
server
AmazonS3
age
2043
etag
W/"ffad40a56d1cafd94dfb7932bd879384"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 9d27077cd67d98c0474b05ec9d68df4a.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
x-amz-cf-id
-fZwmpSePa5g7wGZMyAag2l8v9zRFKmw_JuKewmFjl5mWHh5eAI0Mw==
collect
stats.g.doubleclick.net/j/
4 B
25 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-1577313-14&cid=773752976.1662815307&jid=903436706&gjid=1282405026&_gid=1869851822.1662815307&_u=aGDAgEABAAAAAG~&z=138638564
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400c:c08::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://1428elm.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Sat, 10 Sep 2022 13:08:28 GMT
content-type
text/plain
access-control-allow-origin
https://1428elm.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&aip=1&a=2006558829&t=event&ni=0&_s=1&dl=https%3A%2F%2F1428elm.com%2F&ul=en-us&de=UTF-8&dt=1428%20Elm%20-%20Horror%20Genre%20News%2C%20Movies%2C%20TV%20Shows%2C%20Netflix%20%26%20Commentary&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll&ea=25&el=https%3A%2F%2F1428elm.com%2F&_u=aGDAgEABAAAAAC~&jid=903436706&gjid=1282405026&cid=773752976.1662815307&tid=UA-1577313-14&_gid=1869851822.1662815307&gtm=2wg970KXFQXHB&cd1=none&cd2=314&cd3=none&cd4=none&cd5=ENTERTAINMENT&cd6=Movies&cd7=none&cd8=Homepage&cd9=Payable%20Non%20Article&cd10=web-staticPHP&cd11=1428%20Elm&cd12=none&cd13=304&cd14=none&cd15=none&cd16=none&cd17=none&cd23=en&cd24=en&cd27=Homepage&cd40=44&cd73=0&cd75=The%20Midnight%20Club%2C%20The%20Good%20Nurse%20and%20more%20coming%20to%20Netflix%20and%20Chills&cd78=4&cm1=0&cd29=0&cd31=no%20attempt&cd32=%2CNetflix&cd33=homepage&cd34=none&cd35=none&cd38=none&cd41=none&cd42=none&cd43=none&cd44=none&cd45=none&cd46=none&cd47=none&cd48=none&cd49=none&cd50=none&cd51=none&cd52=none&cd53=none&cd54=none&cd55=none&cd56=none&cd57=none&cd59=none&cd61=1&cd63=&cd64=none&cd65=&cd66=21&cd67=21&cd68=none&cd69=none&cd70=none&cd71=mmPlusNumberOfFoundPlayerOnPage&cd72=none&cd74=none&cd77=none&z=1238899432
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1428elm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 09 Sep 2022 14:27:14 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
81674
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/
42 B
63 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-1577313-14&cid=773752976.1662815307&jid=903436706&_u=aGDAgEABAAAAAG~&z=1190311685
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1428elm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 10 Sep 2022 13:08:28 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
63 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-1577313-14&cid=773752976.1662815307&jid=903436706&_u=aGDAgEABAAAAAG~&z=1190311685
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1428elm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 10 Sep 2022 13:08:28 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
loadMonitor.js
cdn.wazimo.com/engine/common/widgets/mmlogger/
561 B
670 B
Script
General
Full URL
https://cdn.wazimo.com/engine/common/widgets/mmlogger/loadMonitor.js
Requested by
Host: cdn.wazimo.com
URL: https://cdn.wazimo.com/engine/common/widgets/mmlogger/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4579 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
35507afa8f30bc00343eaca8c0f6cee6e2657bd90904d5b03f2c795a42b103ca

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1428elm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 13:08:31 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sun, 07 Aug 2022 08:27:19 GMT
server
cloudflare
age
1681
etag
W/"62ef7767-28c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BcWI5LZGCBOY0htQbkqWIHNCUYIHngsPU3PatvyOawTSvPMyq0SE4GmDLRAGG%2FxdHKvJggVWn8GURrTgj%2BdZYB3Jge4pEmjo8H%2FG7v5FL59G3HtSItrbgUARJDff1gBexqzhExyGPkNeq5Xo"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-polished
origSize=652
cf-ray
748864917d7e9b5b-FRA
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-bgj
minify
events
gew4-spclient.spotify.com/gabo-receiver-service/public/v3/ Frame FAA8
13 B
58 B
Fetch
General
Full URL
https://gew4-spclient.spotify.com/gabo-receiver-service/public/v3/events
Requested by
Host: open.spotifycdn.com
URL: https://open.spotifycdn.com/cdn/build/embed/vendor~embed.83afb37d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:1901:1:81:: , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
envoy /
Resource Hash
debf84af8d66827e1cbc6791aa686504e3116d8cb20f4697fef23108333061f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://open.spotify.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
content-type
application/json

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
server
envoy
date
Sat, 10 Sep 2022 13:08:31 GMT
content-type
application/json
access-control-allow-origin
https://open.spotify.com
cache-control
private, max-age=0
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39
via
HTTP/2 edgeproxy, 1.1 google
events
gew4-spclient.spotify.com/gabo-receiver-service/v3/ Frame FAA8
176 B
112 B
Fetch
General
Full URL
https://gew4-spclient.spotify.com/gabo-receiver-service/v3/events
Requested by
Host: open.spotifycdn.com
URL: https://open.spotifycdn.com/cdn/build/embed/vendor~embed.83afb37d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:1901:1:81:: , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
envoy /
Resource Hash
23d59d219b7f839569e133fc48d082ce8134b13a9e748cbda8e6373be06a30a8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Referer
https://open.spotify.com/
accept-language
de-DE,de;q=0.9
authorization
Bearer BQABTieF_fgGHWnuLQaqy4NO5f7_9TKCtA4lACQoD7XlMABDSTUMw1QRY_T6Yx-q8rAms2bUTILDW4ceHAOTt7tq5A_cYp3x1vgxqyMqq7xu3VxJuhg
content-type
application/json

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
server
envoy
date
Sat, 10 Sep 2022 13:08:31 GMT
content-type
application/json
access-control-allow-origin
https://open.spotify.com
cache-control
private, max-age=0
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
92
via
HTTP/2 edgeproxy, 1.1 google
events
gew4-spclient.spotify.com/gabo-receiver-service/public/v3/ Frame
0
0
Preflight
General
Full URL
https://gew4-spclient.spotify.com/gabo-receiver-service/public/v3/events
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:1901:1:81:: , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
envoy /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://open.spotify.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Origin,Content-Type,Spotify-App-Version,App-Platform,X-Spotify-Connection-Id,X-Client-Id,X-Spotify-Quicksilver-Uri,client-token,content-access-token,x-cloud-trace-context
access-control-allow-methods
DELETE,GET,PATCH,POST,PUT,OPTIONS
access-control-allow-origin
https://open.spotify.com
access-control-max-age
604800
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Sat, 10 Sep 2022 13:08:31 GMT
server
envoy
vary
Accept-Encoding
via
HTTP/2 edgeproxy, 1.1 google
events
gew4-spclient.spotify.com/gabo-receiver-service/v3/ Frame
0
0
Preflight
General
Full URL
https://gew4-spclient.spotify.com/gabo-receiver-service/v3/events
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:1901:1:81:: , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
envoy /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type
Access-Control-Request-Method
POST
Origin
https://open.spotify.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Origin,Content-Type,Spotify-App-Version,App-Platform,X-Spotify-Connection-Id,X-Client-Id,X-Spotify-Quicksilver-Uri,client-token,content-access-token,x-cloud-trace-context
access-control-allow-methods
DELETE,GET,PATCH,POST,PUT,OPTIONS
access-control-allow-origin
https://open.spotify.com
access-control-max-age
604800
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Sat, 10 Sep 2022 13:08:31 GMT
server
envoy
vary
Accept-Encoding
via
HTTP/2 edgeproxy, 1.1 google
pixel
ap.lijit.com/
0
277 B
Image
General
Full URL
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fsovrn%2Fe98d6ba7-1086-4f15-aa4f-a8f601ebd3d8%3Fuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
209.191.163.210 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1428elm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Sat, 10 Sep 2022 13:08:32 GMT
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap4sfo1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
sync
eb2.3lift.com/
37 B
140 B
Image
General
Full URL
https://eb2.3lift.com/sync?px=1&src=prebid&
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1428elm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 13:08:31 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
pd
u.openx.net/w/1.0/
43 B
131 B
Image
General
Full URL
https://u.openx.net/w/1.0/pd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1428elm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 10 Sep 2022 13:08:31 GMT
content-encoding
gzip
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
via
1.1 google
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
e98d6ba7-1086-4f15-aa4f-a8f601ebd3d8
ex.ingage.tech/v1/sync/yahoo/
Redirect Chain
  • https://ex.ingage.tech/v1/syncPage/yahoo?userId=e98d6ba7-1086-4f15-aa4f-a8f601ebd3d8&to=https%3A%2F%2Fups.analytics.yahoo.com%2Fups%2F58602%2Focc
  • https://ups.analytics.yahoo.com/ups/58602/occ
  • https://ups.analytics.yahoo.com/ups/58602/occ?verify=true
  • https://ex.ingage.tech/v1/syncPage/yahoo?uid=y-hPDHav1E2uH2D1sYF_E_aJFACeD0kaloKf4JEic-~A
  • https://ex.ingage.tech/v1/sync/yahoo/e98d6ba7-1086-4f15-aa4f-a8f601ebd3d8?uid=y-hPDHav1E2uH2D1sYF_E_aJFACeD0kaloKf4JEic-~A
0
501 B
Image
General
Full URL
https://ex.ingage.tech/v1/sync/yahoo/e98d6ba7-1086-4f15-aa4f-a8f601ebd3d8?uid=y-hPDHav1E2uH2D1sYF_E_aJFACeD0kaloKf4JEic-~A
Protocol
H3
Server
2606:4700:3033::6815:34a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1428elm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 13:08:32 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2O5FXGUtShfRQtnaSrc%2BIcJs%2BRHXdbdGEqRpDbf0zAD7Ka%2F4Qz1zOzYD%2FBwZBxdgSd9yjMc2lvBBgWicqMqATyjv7E4VlueMhfTwPg5tgc3weFFMQw8MBPdK0uussws2ArfB8H%2B9Mce537DppQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
private, max-age=1296000
access-control-allow-credentials
true
cf-ray
7488649589f691f6-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

date
Sat, 10 Sep 2022 13:08:32 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=anabRpxPupKXclindNENFqgSzKriIJ4Ge7Cpdy8ewyAu4DQW6Bb78gXy3iwbpmYXAD%2Fc8i%2B0UsaKhTPgx2Dle%2B1HP7tGZxo21hkQsQzMqmBSgHXgC%2FPE4rTqskqzUmNL1TbM5XwKewNbs%2BWLlA%3D%3D"}],"group":"cf-nel","max_age":604800}
location
/v1/sync/yahoo/e98d6ba7-1086-4f15-aa4f-a8f601ebd3d8?uid=y-hPDHav1E2uH2D1sYF_E_aJFACeD0kaloKf4JEic-~A
access-control-allow-credentials
true
cf-ray
74886494d91c91f6-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
/
sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/
95 B
223 B
Image
General
Full URL
https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?referrer=https%3A%2F%2F1428elm.com%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.55.236.224 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.224.236.55.162.clients.your-server.de
Software
nginx/1.14.2 /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1428elm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 13:08:32 GMT
server
nginx/1.14.2
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type
image/png
Pug
image2.pubmatic.com/AdServer/
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=159660
  • https://image8.pubmatic.com/AdServer/ImgSync?p=159660&rdf=1
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=RTEyQTFDNjYtMzI4OS00NUNGLThGQzctNjVEQzdERTlFODA0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
0
225 B
Image
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1428elm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 13:08:31 GMT
content-encoding
gzip
server
nginx
cache-control
no-store, no-cache, private
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-type
text/html; charset=utf-8

Redirect headers

pragma
no-cache
date
Sat, 10 Sep 2022 13:08:32 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
e98d6ba7-1086-4f15-aa4f-a8f601ebd3d8
ex.ingage.tech/v1/sync/amx/
Redirect Chain
  • https://prebid.a-mo.net/cchain/0?gdpr=0&cb=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Famx%2Fe98d6ba7-1086-4f15-aa4f-a8f601ebd3d8%3Fuid%3D
  • https://ex.ingage.tech/v1/sync/amx/e98d6ba7-1086-4f15-aa4f-a8f601ebd3d8?uid=255a89c4-70d1-4b7f-91fc-d4da1f52f535&gdpr=0&gdpr_consent=&us_privacy=
0
498 B
Image
General
Full URL
https://ex.ingage.tech/v1/sync/amx/e98d6ba7-1086-4f15-aa4f-a8f601ebd3d8?uid=255a89c4-70d1-4b7f-91fc-d4da1f52f535&gdpr=0&gdpr_consent=&us_privacy=
Protocol
H3
Server
2606:4700:3033::6815:34a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1428elm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 13:08:32 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EIJkUHBwXDLyvD9RXrVdBRB1Kok9WmRzBEDE6E0fAIq9md5ZQTmI4nAA2qtiQu99labWQcnMFq99Xt%2FHNDwDXGdWLopw7Tvmv4g4UIwS2zVVM5SMq8uwtKqfEr6497T71Yj6CJxccCSoO%2BFuCw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
private, max-age=1296000
access-control-allow-credentials
true
cf-ray
74886494284f91f6-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

location
https://ex.ingage.tech/v1/sync/amx/e98d6ba7-1086-4f15-aa4f-a8f601ebd3d8?uid=255a89c4-70d1-4b7f-91fc-d4da1f52f535&gdpr=0&gdpr_consent=&us_privacy=
date
Sat, 10 Sep 2022 13:08:31 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
server
envoy
content-length
0
v1
match.sharethrough.com/universal/
Redirect Chain
  • https://ex.ingage.tech/v1/syncPage/sharethrough?userId=e98d6ba7-1086-4f15-aa4f-a8f601ebd3d8&to=https%3A%2F%2Fmatch.sharethrough.com%2Funiversal%2Fv1%3Fsupply_id%3Djc3Tkmr6
  • https://match.sharethrough.com/universal/v1?supply_id=jc3Tkmr6
0
35 B
Image
General
Full URL
https://match.sharethrough.com/universal/v1?supply_id=jc3Tkmr6
Protocol
H2
Server
18.196.120.249 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-196-120-249.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1428elm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 13:08:32 GMT

Redirect headers

date
Sat, 10 Sep 2022 13:08:32 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I1fEWZPFY7BxKzYsYBGhAO7ZBmAqHEiBT8oJV9wrkmmkD6wLuhXlW%2BZO49bW%2Bnd0lAV301vk4KFz7oVfdl%2FX9H0uV%2BjZpQJ9v05dx2qYWFjQ4V2Zz%2Fz3P2LKKwkvpK0b99kfRdpxixDY7hkl8w%3D%3D"}],"group":"cf-nel","max_age":604800}
location
https://match.sharethrough.com/universal/v1?supply_id=jc3Tkmr6
access-control-allow-credentials
true
cf-ray
74886493cfd491f6-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
e98d6ba7-1086-4f15-aa4f-a8f601ebd3d8
ex.ingage.tech/v1/sync/bidswitch/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=insticator&custom_data=e98d6ba7-1086-4f15-aa4f-a8f601ebd3d8
  • https://x.bidswitch.net/ul_cb/sync?ssp=insticator&custom_data=e98d6ba7-1086-4f15-aa4f-a8f601ebd3d8
  • https://ads.betweendigital.com/match?bidder_id=43092&gdpr=&consent=&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dinsticator%26expires%3D30%2...
  • https://ads.betweendigital.com/match?bidder_id=43092&gdpr=&consent=&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dinsticator%26expires%3D30%2...
  • https://x.bidswitch.net/sync?dsp_id=429&user_id=e5b6abca-f094-52fd-8233-325ce12fbe0c&ssp=insticator&expires=30&user_group=1&gdpr=&gdpr_consent=
  • https://ex.ingage.tech/v1/sync/bidswitch/e98d6ba7-1086-4f15-aa4f-a8f601ebd3d8?uid=49ce499a-42ef-483e-8a02-42398c61ef37&gdpr=&gdpr_consent=&us_privacy=
0
495 B
Image
General
Full URL
https://ex.ingage.tech/v1/sync/bidswitch/e98d6ba7-1086-4f15-aa4f-a8f601ebd3d8?uid=49ce499a-42ef-483e-8a02-42398c61ef37&gdpr=&gdpr_consent=&us_privacy=
Protocol
H3
Server
2606:4700:3033::6815:34a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1428elm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 13:08:33 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c%2BtxQcmbQzirHQHTBDzHD7AXtQSRfaJid7svRBXol%2BRs80yqIlRu65SJ1XiJTtxcU5Zc4CCsh%2B2OGiv0BUNz4Qg0b96plFnhnxut9kvbW9mdta9fTxvey6o6HsmEhB2h0x1qho4u8DfasWSTVg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
private, max-age=1296000
access-control-allow-credentials
true
cf-ray
74886499e84991f6-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

Location
//ex.ingage.tech/v1/sync/bidswitch/e98d6ba7-1086-4f15-aa4f-a8f601ebd3d8?uid=49ce499a-42ef-483e-8a02-42398c61ef37&gdpr=&gdpr_consent=&us_privacy=
Date
Sat, 10 Sep 2022 13:08:32 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0

Verdicts & Comments Add Verdict or Comment

151 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| apstag object| OneTrustStub function| OptanonWrapper function| showAds object| _wpemojiSettings object| mm_video_data object| mm_plugin_data object| fs_detect object| siteData function| $ function| jQuery function| iFrameResize object| dataLayer object| googletag object| __fs_dfp_targeting object| fs_ad_slots function| __tcfapi object| otStubData object| _comscore function| fsLongformScroll object| jQuery112408106526253730582 object| evtPreviewData object| disqusData object| storyCards function| lazyLoadInit function| siteSidebarMatchMainHeight function| fsTouchDetect function| fsUuid function| fsGetCookie function| sendDataToOneTrust function| setEuConsentCookie function| checkAdVisibility function| lazyLoadAd function| requestTick function| requestPinnedTick function| empty function| hidePinnedAd function| refreshPinnedAd function| showPinnedAd function| moveHeaderAdToTop function| attachGPTEvent function| breakingNewsDetect function| load_mosaic_slider function| loadHotStoriesSlider function| loadVideoSlider function| debounce function| throttle function| getSectionPos function| setMenuSelect object| adVars object| $nav function| resizeSetAppMenu function| scrollSetAppMenu object| Stickyfill string| ispage object| wp object| twemoji object| _sp_ boolean| apstagLOADED object| webpackChunkgroundcontrol function| bootAd object| Audit object| ggeac object| google_tag_data object| google_js_reporting_queue object| OBR string| OB_releaseVer function| OBR$ object| OB_PROXY object| outbrain object| outbrain_rater object| google_tag_manager function| postscribe object| google_tag_manager_external function| __uspapi object| usPrivacyCookie object| gamoo object| otCcpaOptOut function| dnsfeed object| wz object| STR string| GoogleAnalyticsObject function| ga function| fbq function| _fbq object| interdeal object| s1 object| COMSCORE function| udm_ object| ns_p function| admiral function| 4dm1r11545242527 object| __twttrll object| twttr object| __twttr undefined| google_measure_js_timing object| __otccpaooLocation object| adsbygoogle string| my_las_uid object| otTCF object| otIabModule object| gaplugins object| gaGlobal object| gaData object| Optanon object| OneTrust function| gtag string| OnetrustActiveGroups string| OptanonActiveGroups function| get_real_link object| __SKIM_JS_GLOBAL__ object| skimlinksAPI function| onYouTubeIframeAPIReady object| mmCommercialApi object| device object| mmPrebid object| ats undefined| nQuery number| ntvLoadStart object| ntv object| prdom object| onFocusEvents function| ntvjQueryInit function| ntvExtends function| ntvAppendStylesheet function| ntvAppendScript function| ntvGetElementViewability function| ntvArticleTracker function| ntvViewableImpressionTracker object| PostRelease object| ntvToutAds boolean| onFocus object| nmmRefreshCounts object| webpackJsonp

68 Cookies

Domain/Path Name / Value
1428elm.com/wp-content/plugins/voltax-video-player/styles Name: stateCode
Value: HE
1428elm.com/wp-content/plugins/voltax-video-player/styles Name: countryCode
Value: DE
1428elm.com/wp-content/plugins/voltax-video-player/styles Name: cityCode
Value: FRANKFURT
1428elm.com/wp-content/plugins/voltax-video-player/styles Name: isMobile
Value: false
1428elm.com/wp-content/plugins/voltax-video-player/styles Name: isTablet
Value: false
1428elm.com/wp-content/plugins/voltax-video-player/styles Name: userDevice
Value: desktop
1428elm.com/wp-content/plugins/fansided-shortcodes/dist Name: stateCode
Value: HE
1428elm.com/wp-content/plugins/fansided-shortcodes/dist Name: countryCode
Value: DE
1428elm.com/wp-content/plugins/fansided-shortcodes/dist Name: cityCode
Value: FRANKFURT
1428elm.com/wp-content/plugins/fansided-shortcodes/dist Name: isMobile
Value: false
1428elm.com/wp-content/plugins/fansided-shortcodes/dist Name: isTablet
Value: false
1428elm.com/wp-content/plugins/fansided-shortcodes/dist Name: userDevice
Value: desktop
1428elm.com/wp-content/themes/fansided-v5/assets/images Name: stateCode
Value: HE
1428elm.com/wp-content/themes/fansided-v5/assets/images Name: countryCode
Value: DE
1428elm.com/wp-content/themes/fansided-v5/assets/images Name: cityCode
Value: FRANKFURT
1428elm.com/wp-content/themes/fansided-v5/assets/images Name: isMobile
Value: false
1428elm.com/wp-content/themes/fansided-v5/assets/images Name: isTablet
Value: false
1428elm.com/wp-content/themes/fansided-v5/assets/images Name: userDevice
Value: desktop
cdn.mmctsvc.com/commercial-api Name: stateCode
Value: HE
cdn.mmctsvc.com/commercial-api Name: countryCode
Value: DE
cdn.mmctsvc.com/commercial-api Name: userPlatform
Value: desktop
1428elm.com/ Name: stateCode
Value: HE
1428elm.com/ Name: countryCode
Value: DE
1428elm.com/ Name: cityCode
Value: FRANKFURT
1428elm.com/ Name: isMobile
Value: false
1428elm.com/ Name: isTablet
Value: false
1428elm.com/ Name: userDevice
Value: desktop
.spotify.com/ Name: sp_t
Value: ca1b4378f075114a70a44e3fd808fcef
.spotify.com/ Name: sp_landing
Value: https%3A%2F%2Fopen.spotify.com%2Fembed%2Fshow%2F6UGoRQhRNHXeNq8HwQ1JON%3Fsp_cid%3Dca1b4378f075114a70a44e3fd808fcef%26device%3Ddesktop%26utm_source%3Dgenerator
1428elm.com/ Name: usprivacy
Value: 1---
1428elm.com/ Name: _wzmm.session
Value: "wz631c8c4aea9e8"
.1428elm.com/ Name: _gid
Value: GA1.2.1869851822.1662815307
.1428elm.com/ Name: _gat_UA-1577313-14
Value: 1
.1428elm.com/ Name: _gat_UA-36315219-46
Value: 1
.1428elm.com/ Name: _ga_NB8RD6J3M6
Value: GS1.1.1662815307.1.0.1662815307.60.0.0
1428elm.com/ Name: OneTrustWPCCPAGoogleOptOut
Value: true
.1428elm.com/ Name: OptanonConsent
Value: isGpcEnabled=0&datestamp=Sat+Sep+10+2022+13%3A08%3A27+GMT%2B0000+(GMT)&version=6.37.0&isIABGlobal=false&hosts=&consentId=60c4d7d5-a69a-4b46-8ef6-ae118c3a0b4c&interactionCount=0&landingPath=https%3A%2F%2F1428elm.com%2F&groups=C0002%3A0%2CC0001%3A1%2CC0004%3A0%2CC0003%3A0%2CSTACK42%3A0
.1428elm.com/ Name: _fbp
Value: fb.1.1662815307780.818991591
.1428elm.com/ Name: _awl
Value: 2.1662815307.0.5-35d36c911167250e8068ceb088824ac6-6763652d6575726f70652d7765737431-0
1428elm.com/ Name: ntvSession
Value: {}
1428elm.com/ Name: ntv_as_us_privacy
Value: 1---
1428elm.com/ Name: _lr_geo_location
Value: DE
.postrelease.com/ Name: opt_out
Value: 1
1428elm.com/ Name: hb_insticator_uid
Value: e98d6ba7-1086-4f15-aa4f-a8f601ebd3d8
.1428elm.com/ Name: _ga
Value: GA1.2.773752976.1662815307
.1428elm.com/ Name: _dc_gtm_UA-1577313-14
Value: 1
.rubiconproject.com/ Name: khaos
Value: L7VXAVFW-J-JPVO
.rubiconproject.com/ Name: audit
Value: 1|naVuGyos1qpLjB1LvI2WBHjc0/aJelRdbjRFtGIHH0u7I8FWAH9subwkfuqGQO6Q/O3wpHl2axBo2B05UvZjL7ztw+qv3IoMsqlSNZOaaDQ=
.adnxs.com/ Name: icu
Value: ChgIk8htEAoYASABKAEwzJjymAY4AUABSAEQzJjymAYYAA..
.adnxs.com/ Name: uuid2
Value: 926257937016924522
.pubmatic.com/ Name: KTPCACOOKIE
Value: YES
.pubmatic.com/ Name: SyncRTB3
Value: 1663977600%3A220
.pubmatic.com/ Name: ipc
Value: 159660^^1^0
.pubmatic.com/ Name: pi
Value: 159660:2
.pubmatic.com/ Name: KADUSERCOOKIE
Value: E12A1C66-3289-45CF-8FC7-65DC7DE9E804
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 1
ex.ingage.tech/ Name: instUid
Value: e98d6ba7-1086-4f15-aa4f-a8f601ebd3d8
.doubleclick.net/ Name: IDE
Value: AHWqTUmszerpo3b7d-exOR8SIwQg9Bv6JoCPu8PH8_6RMqcLXJHhZdpvru9Ezdqsvcw
.yahoo.com/ Name: A3
Value: d=AQABBFCMHGMCEChfD5UAOdy3Dap6CppBAaUFEgEBAQHdHWMmYwAAAAAA_eMAAA&S=AQAAArPbvL00IOtcfSxIM1cUTvI
.analytics.yahoo.com/ Name: IDSYNC
Value: 197u~2731
.bidswitch.net/ Name: tuuid
Value: 49ce499a-42ef-483e-8a02-42398c61ef37
.bidswitch.net/ Name: c
Value: 1662815312
.bidswitch.net/ Name: tuuid_lu
Value: 1662815312
.bidswitch.net/ Name: custom_data
Value: e98d6ba7-1086-4f15-aa4f-a8f601ebd3d8
.betweendigital.com/ Name: dc
Value: lux1
.betweendigital.com/ Name: tuuid
Value: e5b6abca-f094-52fd-8233-325ce12fbe0c
.betweendigital.com/ Name: ss
Value: 1
.betweendigital.com/ Name: ut
Value: YxyMUAAHQ2CCGojE_cJCpvuAn_snzS3Pst2j8A==

7 Console Messages

Source Level URL
Text
other warning URL: https://1428elm.com/(Line 39)
Message:
Allow attribute will take precedence over 'allowfullscreen'.
security error URL: https://cdn.fansided.com/wp-content/themes/fansided-v5/assets/js/iframeSizer.min.js?ver=4.9.21
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://open.spotify.com') does not match the recipient window's origin ('https://1428elm.com').
javascript warning URL: https://open.spotifycdn.com/cdn/build/embed/embed.6f11bd5c.js
Message:
It is recommended that a robustness level be specified. Not specifying the robustness level could result in unexpected behavior.
network error URL: https://pbs.nextmillmedia.com/openrtb2/auction
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://pbs.nextmillmedia.com/openrtb2/auction
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://pbs.nextmillmedia.com/openrtb2/auction
Message:
Failed to load resource: the server responded with a status of 400 ()
javascript warning URL: https://open.spotify.com/embed/show/6UGoRQhRNHXeNq8HwQ1JON?utm_source=generator
Message:
The resource https://open.spotifycdn.com/cdn/fonts/spoticon_regular_2.d319d911.woff2 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1428elm.com
a.teads.tv
ad.doubleclick.net
ads.betweendigital.com
ads.yieldmo.com
ap.lijit.com
app.fansided.com
apresolve.spotify.com
ats.rlcdn.com
bqstreamer.com
c.amazon-adsystem.com
c2shb.pubgw.yahoo.com
cdn.cookielaw.org
cdn.equalweb.com
cdn.fansided.com
cdn.mmctsvc.com
cdn.wazimo.com
cdn3.optimizely.com
cm.g.doubleclick.net
connect.facebook.net
d3ujids68p6xmq.cloudfront.net
eb2.3lift.com
encore.scdn.co
ex.ingage.tech
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
gammamaximum.com
geo.privacymanager.io
geolocation.onetrust.com
gew4-spclient.spotify.com
hb.minutemedia-prebid.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
i.scdn.co
ib.adnxs.com
image2.pubmatic.com
image8.pubmatic.com
images.outbrainimg.com
images2.minutemediacdn.com
jadserve.postrelease.com
log.outbrainimg.com
ls.skimresources.com
match.sharethrough.com
mcdp-nydc1.outbrain.com
memorizeneck.com
minutemedia-d.openx.net
mv.outbrain.com
native.sharethrough.com
o22381.ingest.sentry.io
odb.outbrain.com
open.spotify.com
open.spotifycdn.com
p.skimresources.com
pbs.nextmillmedia.com
platform.twitter.com
prebid.a-mo.net
promotions.minutemediaservices.com
r.skimresources.com
region1.analytics.google.com
s.ntv.io
s.skimresources.com
sb.scorecardresearch.com
scripts.webcontentassessor.com
securepubads.g.doubleclick.net
shb.richaudience.com
ssc.33across.com
static.adsafeprotected.com
stats.g.doubleclick.net
sync.richaudience.com
syndication.twitter.com
t.skimresources.com
tag.1rx.io
tcheck.outbrainimg.com
tlx.3lift.com
u.openx.net
ups.analytics.yahoo.com
widget-pixels.outbrain.com
widgets.outbrain.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
x.bidswitch.net
104.18.18.126
104.244.42.136
13.248.245.213
142.250.185.166
142.250.186.34
143.204.214.184
143.204.215.6
147.75.85.234
151.101.114.132
151.101.66.217
151.139.128.11
157.90.0.13
162.55.236.224
18.196.120.249
185.64.189.110
188.42.196.115
198.47.127.18
198.47.127.22
2.16.186.19
2.18.232.7
2.21.20.151
2001:4860:4802:34::36
209.191.163.210
213.19.147.43
23.35.229.181
23.35.237.64
23.35.237.86
2600:1901:0:524d::
2600:1901:0:802f::1
2600:1901:0:f8d1::1
2600:1901:1:81::
2600:1901:1:c36::
2600:9000:2057:c200:1:4290:76c0:93a1
2600:9000:214f:2000:8:48e:53c0:93a1
2600:9000:214f:ce00:1b:3a6c:1300:93a1
2602:803:c003:200::61
2606:2800:234:59:254c:406:2366:268c
2606:4700:20::681a:267
2606:4700:20::681a:d5f
2606:4700:20::ac43:4579
2606:4700:3033::6815:34a1
2606:4700:4400::6812:2962
2606:4700::6810:9540
2a00:1450:4001:808::2004
2a00:1450:4001:80b::2008
2a00:1450:4001:811::200e
2a00:1450:4001:812::2002
2a00:1450:4001:828::200a
2a00:1450:4001:82b::2003
2a00:1450:4001:831::2003
2a00:1450:400c:c08::9b
2a02:26f0:600::210:5b11
2a02:26f0:ab00::b819:32c8
2a03:2880:f02d:100:face:b00c:0:3
2a03:2880:f12d:181:face:b00c:0:25de
2a04:4e42:62::761
2a04:4e42:9::760
3.126.56.137
34.120.117.212
34.120.195.249
34.149.20.76
34.233.48.179
34.240.38.30
35.190.59.101
35.190.91.160
35.201.67.47
35.211.178.172
35.244.159.8
37.252.173.22
44.195.242.53
52.28.203.152
52.59.92.120
63.34.160.33
65.9.66.86
65.9.71.118
70.42.32.95
96.16.142.89
99.86.4.110
99.86.4.2
02b5318a75e50e48ccddd6eac9eef067a275adc244f3c3f6186ed6b382d3f971
039130d456855a745451bff40707bee5512bc4466373224b2258f67cc6c6d879
051d2c2b29c78abf56fb0b02dd8e704984e3c7fe38c08dd443014989624e3dcd
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
0582ba3aed7d649d346d34c0ce8eba8b1f6f326c7d4a80ab9bc3fa22b4a1f4e7
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0a7d2102b40065807ab283b7a4a2256bf1c18d3cb804b46035999e8be8593d25
0b1cdc0678474ae3c50f7df62c9210a64eac412722831418ef4d5c7a1c821457
0b3268e3aacd1abc25b093c7774f71ae4d98b603f309b357f9ad9d43c45996be
0b8ab5495b94d864fdc4adf3423db0fe6362ca051ab5cdc8bca11e581e25cd19
0c60fd01004a4b5f4997c54e3fed4e0a1080ae7c6c263af83fa7f4a0fff96c15
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
10e04686e158727ab7fa8bea8b11ecb38fc1809e15a6ce730a003d2b6743746e
116ec5c6f82674cd1b04981d3ec325c8620ffbb413f06bd1b0cb911e99ddcc73
12c9cfb9b0091c1a69fb92b7d3940a87f9ef0d65194e6f9bf692143dca74a8b1
14e4d1596c6b58896dfce1fc1ec45372bab4d2259ba82828fa3f96cc4f859fc4
1553d8e603896b256320a6c7e3f86b0858cca0ff5da54294630e5b8dc48173ae
17770d05051a8a4f270ba5bdf049b90cc166ac42bd4513f419308a5804d7a161
17fcda082e71be770d01ef9cc22fa7e4be5744e15e75d795c0cab417d33be0cd
19c459b0ed66b69066cef6ca25981e3c5252bb0712e6307769acdafb59ddfbf6
1a17e916c231c44676b729589a258a2e9083f092474760d454fbd22ac30e1c47
1b2295f150d93c7cbbae441911d7d71dbca1852c713744b0aea4a8566ab5342d
1b5234f32c2e3f4c5bec6beb2e4ba9154be7b95842fbc63353490362f0115d0b
1d752805498ebd36b9c69ad1d3da93b1561ea6b33f58ec89a66a4228a357dfe2
1de08cc8e987bc99d4ef5742c85718af205dd4ab71147e0960ef57c3933b3b0d
1f94185bf320b088eb3c40b75de95ac8516680f4036bd287131b34f9c058146a
2221391c40c8af2b6e518e0f22b47497e540acb1d9602cf3a26351a78ef3b1f5
23d59d219b7f839569e133fc48d082ce8134b13a9e748cbda8e6373be06a30a8
247caf8ecadeefc4e1019196ab84b9660148b348f3993019cd95ab994f67fe0d
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
292f629c17560efa4ebe4e2ba0f8ed027e162ed92b8b61d3685754fb0ba672c1
29bd20722dcc17f6d043bd905e16bfa1c6d38b301713b616e606ec7fd6cadb9d
2c87952cc1c23627496c7874271042bdb6af21efdf7cbf36ec4d98e6cec34d04
2ca8b364effc1bc14307e86e63c763d97ac4679909d03eee0581a1bfc2661b51
2d981c15ea646ee3aec4897ad76a576694cffb0159a0d39f4459e7044958625c
2e8eb8e96e4642198b4bf42b26a34cd87de62058ea2533daeb8d5ae4bbbba446
2f943fe17fd741f9769733b89cc0362c9f8b9889846b7688d7d38dcd7d94139a
3055597f43adef2648996efac659bd63f616b0d1937f6e774ae3ac8fe35fb195
30671e8390306fbd33e0bdbecc86fb3c37593352dc6b31930cd26048bc08c69b
323075a1922843a6c7f5371bc7fa55500b77944f1268d83461964e3906942141
3262dc8e037719b709a5d6c68e2eaede4827f7b2ef6c6ce471f2ee89bb81f767
32abbfc580aae2787337f821c59d96506969d0d3e701bf1843181fce0081bf57
334a98eaeec325cbc84a300e98e133aae9fac74e682f34d11bf0cea7236781f1
33a642f2460fb79ef0c26bbc5212fceaa9997e98b0ab5b7aa85781366af2f5cb
35507afa8f30bc00343eaca8c0f6cee6e2657bd90904d5b03f2c795a42b103ca
37adcf40837b4554a3d81c8ece07e3143489ec445c0b310846fa60305b99c93f
37bdde71eda05551adae1974b43916d2fc58ca04bc1b8325aab65e2668152b66
380438fbfce6f2930e3deb99dbadfeee4eca7bfa3f09a6cc8a2250af90df13f7
384e6c21bf9819fef4ca15bfc88df4b2db1776e45e52cb0afb68a4aed77ccf66
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3f99eb8da51fa8e82b7babbbfb76d2d5783cb522c32e4644486e2828de18bde4
41315f9071cabbb50024670c0652fc781325cb44df88795fcdeeed19766219a3
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4512cabf9f9cece5045ebc0762975ff88015623aa41cdb216f4e5b1a4df66531
46b6596e9fdedae08a61fed7b7512700c383b8eb822239d6691fa49e1eb372de
46ed4a74eafc601b0aa2f81389185002dd37349730665110c0ff7fff8e6b88a2
486c16398030aaa3ce4d9d0d809bbf2b88e0792bfa47dc1ea8a0cf1fa11d778b
49b9b4996d1ff0a8e3de643a0c623255bf631f298f2799b949c29de93926ee7a
4a1852b65468160040ac64a15d26fca0528f3f61cc4722150d7cc2e332de5784
4a776fe296c8109e914f56d2f82b07ac508361c7e48b2df55342ab195bf0b79b
4b05d7f4339a505c65d2fcb1b21addd2a13a0c155ddf7ca766d1e7203b2b6cae
4d04b59c24d4cbe00320854f7d6c5dd1be37711737966722945dafc159e8adf1
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f5981f2a60d66e9d1805c3d8c73f00bb3200f6722e841d8bc414698a68e7845
4fd8c44560faf66270cee5577f618167e8a02b7b5a139ad5f6eba4f857a6eb00
51d1f220e6b2184a1d55b715797a89377333709de7bf7c8ab12dbef2fec50faf
540f28d2413bd42f5edbba260e2dd43a4755c7c1236ceada6f55c1295d452dd5
54c09d17405fc079c641533fb989b284d6b25fe4a402017701cfbf0d22b31611
5525fe0659c283e57d8ca8f0ff56cba585bd7fe8532df9387c0a824ae35dec76
55628ca3cfa5bbf0b23c0b5d0815a2aa019b9672ccd2b778c2de35c8644f775d
58023ca0b63c30d34ce6fe8f0c2bba1d05fcf68530ed282df22be8d8bbd9402f
5947a6eb880972751f159a64047c40ec8e405387855616c59444a1b02f54da6b
5ae95e748ad12444cd760e245c02264cea3e8deb41fabd95f1e0784b81f72783
5b8a8db63644026156e675e1ff7281d7bab273f2e713472d6927835b24f1e64c
5d7c7d25a0da74c0dd466120c3c09bd94cb982fc66ebc4a78675339f37323bf5
5d819eb3171878e122406f5b8430e11baedc026f70054199205cf736558e818f
621a5e27807c3c536b6729a476f784858e68c060fb176c216c7a85dd1234b2ed
6626d955670bb766fa4d7b59966addecf6b488506e21f73f343dc88b9872a2f7
6838420e13959ecffe73d3576ee2125a66c9315237394a23e3dd4a5181e80cda
68d4f7f16f4dc745363bb4541a1de458687ef3ec8f31200ea4133f9e655e2ae6
697ea77b6846e88322aa80022a42f259b6a90f6b9d6c6a941a64316e5d15f54d
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c
6afee29defad466d4261ffa3473a90050d6202d9270147a8ea95b49dcde213c3
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6cabeb492e3033b4a17fcc5a4ecb196849bafeaec5ed579b947ab4d3d2a05dfb
6e26ff0c411d33997317ec5563c1608efc19f5ed16800fc6fd3ec70627147dfb
727fad1865699a0cac42cd575916e2fb0828cfcfb3c0f44281988c7057917a31
768bb0a2198656526df513f4dae611b819f36361ca7f5f6bfd9a90e7a442376f
7a76f3d08e4adc6755b8e065fb8cad6d78132dd931252e68f372c7a873a56381
7ba5463e09717766674cb4101725eecea0bf32de980e2d2a9eac3e1cdaf4eff4
7c4379ae888a737fd330f0c964e263b1a64a51a7a69a5c76f3dc049a7f1b325a
7e15a863cf5c93621c44996060e5447c45cc117c446a350a00ec4b4266075bb0
7ef84ac31eb8c679d1a94fd888c449c58ab9d372c3e5d48e3f5daa3367024b15
7fd87a6b70d7b8e7978f80947a231dd3292c7d528796a980b240b538d3aa4418
800d0b8be550da8c3cfc515ccd5ce0017cdc4dafa2bc1d520e6810d77e3913af
819141dfc76b472e08dbbdd19291a1d06be66f32d9e858dd65751f204480e489
82e16ee1bcf32a940c622c4a318be5da2e337c1278e6226131ca1c6f73001ae1
8333adb401ba7850a25b421c30fb286e04be623c039e5da454fbaecc2d678278
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83c1b1a5b67c549a9f270ca4cdc48affbbe8562de2fd7c4b8466b6466b8e1239
840df336ccbf85b415e3063f045e2bdfe0f226a1320e555bd505581b9eaa5228
84751f727b9b505d511f7ff528b764ddc9252979b77b43fa776696b0355864b5
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
87c0a0481b438c8b4b58c77ba89ae99b02185d9ce39b7b79141b81da5efcbdbb
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4
8b1314f3eaccd2b863f7435fac37b38ba794f421ff65a4bac56f77a8f153a1d4
8b42a20b243b7081f9f5ea51eb72a39895d468943af3c7ba14f7ac176e547c6c
8c0531412c543b9bd978e29acb8f5cf330db9891115d1e9924519d9a675b7b74
8d2c38621c47d0d6253a21287bc854b473d73e4bacde1d1c8bd308eff5f55738
8d7ea423aa6b3c67d811ba1ce6367a67b5880166d717fcd9d582f13e88047497
8f4fc0f336126492b535be2e0b29fbb538a3079547d19a81368aec9268a54f26
8fee223f3cc81f7d294130222a343d3f2550f2829f16ba632af7b640802fd722
929701ed632814943e3df803ddd9e3f179ccf889c0ad7b7f3392bd8d109b174f
96a2bcebd9cd73bd22cdcec665fd6f1bc5779ccf759ae891c1343b2a366d1ab5
993f5f447b36e705cfa6999d8426c6e0ba2c8e5bc4d0609e806d24fba35b34f3
9b126307e7d0a88a5fbc31c45cca7e3ebba07fc55c29bfd630583dd266229c00
9b7413f945c8b8bb3f75eb10513c7ad79d386e98494d541e5f1fa9301ffbddd6
9b87e2383441f1aa07178b3ceaf513b91b8984dec523c3a177262bafb05845fb
9c41ba408efaf3a7a36099370bc814e38b0afd42229fa9e0e6040740620c85c0
a007afff964b435818a8b12118ef6892592a8df3ddb886fc77e2302b36ef04b0
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a473914c1f9208ee1eb8a6a55776ab6abcfc3971d5d27e2d189cb07d04ab4292
a5e05e7af870d7c320da64e168124d0ef08f269f682f1eddec0a37c9a6fbf24f
a6e316d5efa161b9d3e0c60acc0f718792bc52b54c3ccbd0931acfbdb988e5ec
a7b7120dffd25546c93c1367b9c86a3dc87e71d2c89ebb39163a71eb3b659f01
ab3ba1aea251f28139d1d667bec65bd2e49d2bc5586f000a6963614e91c59042
adafa859ac987f6759710ec24cdc864032f43fa594553595be43a4160f1ecd5a
aff15f1d06e0a1a950db03ffbad3183a237c3ce74b8c8e760cd5f2e478f0986c
b0658c9fe98a09420423f9c0949a8ade1d04c89d2aa587927ac08cb0e82cda98
b0c2113e1ad7f23803d09116ac468469cad617e7afe10de77779e14a25f1a08b
b0f9acc2facbbbf8a8d2c056a0be3238c6b28354369e5b21ff15ac38f49810ec
b170f3f97cae5bf03a7806b52694de356c15c8ed4f820af03f93a6b0194206fb
b29019bab391863c1652d28d09112d15ddc6c10940526826cbde474bf07d75e2
b2f930658634b1bee750fdc6c453faacd9e79849856324dcc211b0627f4a059a
b393f9c320cbb557f0344993c5e65ca72f6f771ecd4f773fa6a2fd3f1ac36b6c
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b
b6e56f7d4d691eae8da027ce18e651b6e0b6a3fd7facd5aff5b5a2d0fafdde7e
ba924e0c34a8b78a28ad933ebe2742c98307b63b19903014060d16e42bbfe008
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bbc4456bca95006683a8f081d0d2ed645eef5b14c62eca12c70f7e1cec26c1a0
bbfb9f6db07ed2e8696ff1d88a287260d746257c7a30a0254590cc7cd866a559
bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05
beb6d4ed9e70b9f611405b8e7e5c09782669c6f434fa81f990cc3690adfd6f20
bee03409b59f84f416b678b9126bf38f87d5a959b11be0dd1b209e7e82fb87a4
c02ff070470bb2ffe5ed7b6e5731dcf6a318af3a795f0ac13bf1eb4667763f98
c0c36470d3b6f534495768bdd7ed92dbb0d6d8d1f3b7b69adba7153b68b90f35
c889d3593066c74eae7b8f0ee34c61dbe7c6a57a1807830e7c29bd807781fac6
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cf34e1b87bbfd9d9b185dec994924a496e279d8dc9387ad8d35bc0110134c4d3
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d17e03e98964e4b014cbce6a17f766cd8c2cac5b668ffdd9de6e2853233046b3
d278491b1de51ad826d16be5ab27b1746999c02d45200f107218427e34eed798
d413265e397f3abe46d14104b1ccc23464119c9094d76623ff79eeb76274b12d
d5ffecb1401a602662fbb3b86d9bd413c5e49391fa53be39602ad4edff08db3d
d61cfd8f7e6fcbdbad920d8b9b3af30d17707ce415a60da8aba78d78b2d843c4
d65246f2a98e02b32e2a0d80916e65eab499aebe923d078037efd692b31cef58
d6dffe998d4d52601dd56a1666bbd09f6926bc110429c434402ca7a814080808
d728648c3e1d90bf50f0e988787ce26ea1111fa697b0a9daeb95d6724842a9c1
d80a9fbd9c4a76d5d7c6b14e635088b322863f7a78f61508df1e77342669e0ec
daff352338723194f186a147a6b4d90cfdf77ae5ef1f69039cd453216c7dcfdf
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
debf84af8d66827e1cbc6791aa686504e3116d8cb20f4697fef23108333061f8
e257df7266563e157bb7df93fd09c6d13afb1c9554468b21c7378e09a94d3250
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ee5cee59a5aae5b3a05e9ba3de8f668ccb79b0f03a304d243e4633e081981440
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0254f664aaf6f2c172fadda0971ad2bb5dcd106617750a78c49a4f0cab1fad0
f25ff9abec2c3c2dadde01348a6026f452ecef732d0bfdeda2db84833ee51aa5
f406858bf1219aa8c05a27e32c9b22def23bddbe252dcc3df278e09872117681
f4db2bd0ad4596e6578f4341264f4182e05542a3d86cd4e5a185d59d780a043d
f83f1791425efca755369b9ac69397dff7f6cdaa14551d1ce6a1e75f7b3ab5d9
f85b1102e6c5a07e5c1a79bbf137201b832e80b578fb9243a0a24cc21f93ca35
f9d25963747cf7c6b1686d7382e4c4131a2b6aa19a50aed7d2cef52f6c7929cc
fa962f2c5178a76ea72a184726aa7b849d92b4776d40044d93a478531b4fae93
fcc83a5b6aef86420c1ad553167106df96bd0ff4192ffe52b1647599948edbcf
fcd6b4b6eaf5c8955fb42b9551fd2aab3ee3022d3b41818f3ad305166a837716
fdfcb19276775e9fa09dbb646fac604f6311a95a824bb4d6e1fc3b9d784f7574