lobby.uptownaces.eu Open in urlscan Pro
190.4.90.1 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://lobby.uptownaces.eu:2072/Lobby.aspx?SkinId=1&laffid=4795&ltrackingid=119595685
Effective URL:
https://lobby.uptownaces.eu:2072/lobby?SkinId=1&laffid=4795&ltrackingid=119595685
Submission: On May 31 via api (May 31st 2023, 11:05:38 am UTC) from LU — Scanned from DE

Summary HTTP 146 Redirects Behaviour Indicators

Summary

This website contacted 14 IPs in 6 countries across 11 domains to perform 146 HTTP transactions. The main IP is 190.4.90.1, located in Escazu, Costa Rica and belongs to T-Four Services S.A, CR. The main domain is lobby.uptownaces.eu.
TLS certificate: Issued by AlphaSSL CA - SHA256 - G2 on May 23rd 2022. Valid for: a year.

This is the only time lobby.uptownaces.eu was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 4	190.4.90.1 190.4.90.1	16973 (T-Four Se...) (T-Four Services S.A)
1	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
2	2a04:4e42::485 2a04:4e42::485	54113 (FASTLY) (FASTLY)
50	2a01:53c0:ff0... 2a01:53c0:ff04:ffff:a0b4:b966:1b2:96f2	54994 (QUANTILNE...) (QUANTILNETWORKS)
2	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
23	104.21.0.108 104.21.0.108	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:20:... 2606:4700:20::681a:a1e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	35.177.104.143 35.177.104.143	16509 (AMAZON-02) (AMAZON-02)
2	95.217.77.226 95.217.77.226	24940 (HETZNER-AS) (HETZNER-AS)
18	91.235.132.76 91.235.132.76	() ()
1 4	91.235.132.130 91.235.132.130	() ()
1	91.235.134.131 91.235.134.131	() ()
146	14

4 190.4.90.1 (Escazu, Costa Rica) 1 redirects

ASN16973 (T-Four Services S.A, CR)

lobby.uptownaces.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

50 2a01:53c0:ff04:ffff:a0b4:b966:1b2:96f2 (United States)

ASN54994 (QUANTILNETWORKS, CA)

flshertfd.cfcontentdnfls.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 104.21.0.108 (None, )

ASN13335 (CLOUDFLARENET, US)

chat.uptownaces.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
track.uptownaces.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
uptownaces.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
street.uptownaces.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:a1e (United States)

ASN13335 (CLOUDFLARENET, US)

44tcalk779.kameleoon.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.177.104.143 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-177-104-143.eu-west-2.compute.amazonaws.com

secure.s-dati.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 95.217.77.226 (Helsinki, Finland)

ASN24940 (HETZNER-AS, DE)
PTR: data-api-new04.kameleoon.net

data.kameleoon.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 91.235.132.76 (None, )

ASN- ()

tags.s-dati.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 91.235.132.130 (None, ) 1 redirects

ASN- ()

h.online-metrix.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 91.235.134.131 (None, )

ASN- ()

btcmgcxcpo56pvpcyakwasnszjbekzxble7xm63c7e153e1ac75f659fam1.e.aa.online-metrix.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
50	cfcontentdnfls.eu flshertfd.cfcontentdnfls.eu — Cisco Umbrella Rank: 610290	5 MB
27	uptownaces.eu 1 redirects lobby.uptownaces.eu chat.uptownaces.eu track.uptownaces.eu uptownaces.eu street.uptownaces.eu	1 MB
19	s-dati.com secure.s-dati.com tags.s-dati.com	140 KB
5	online-metrix.net 1 redirects h.online-metrix.net btcmgcxcpo56pvpcyakwasnszjbekzxble7xm63c7e153e1ac75f659fam1.e.aa.online-metrix.net	17 KB
2	kameleoon.io data.kameleoon.io — Cisco Umbrella Rank: 20439	998 B
2	gstatic.com fonts.gstatic.com	30 KB
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 199	39 KB
2	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 344	442 KB
1	kameleoon.eu 44tcalk779.kameleoon.eu	43 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 35	940 B
0	Failed function sub() { [native code] }. Failed
146	11

	Domain	Requested by
50	flshertfd.cfcontentdnfls.eu	lobby.uptownaces.eu
18	tags.s-dati.com	secure.s-dati.com tags.s-dati.com
17	chat.uptownaces.eu	lobby.uptownaces.eu chat.uptownaces.eu
4	h.online-metrix.net	1 redirects tags.s-dati.com
4	lobby.uptownaces.eu	1 redirects cdnjs.cloudflare.com
3	track.uptownaces.eu	lobby.uptownaces.eu track.uptownaces.eu
2	data.kameleoon.io	44tcalk779.kameleoon.eu
2	uptownaces.eu	lobby.uptownaces.eu 44tcalk779.kameleoon.eu
2	fonts.gstatic.com	fonts.googleapis.com
2	cdnjs.cloudflare.com	lobby.uptownaces.eu
2	cdn.jsdelivr.net	lobby.uptownaces.eu cdn.jsdelivr.net
1	btcmgcxcpo56pvpcyakwasnszjbekzxble7xm63c7e153e1ac75f659fam1.e.aa.online-metrix.net
1	secure.s-dati.com	track.uptownaces.eu
1	street.uptownaces.eu	lobby.uptownaces.eu
1	44tcalk779.kameleoon.eu	lobby.uptownaces.eu
1	fonts.googleapis.com	lobby.uptownaces.eu
0	hdokiejnpimakedhajhdlcegeplioahd Failed
0	gmbmikajjgmnabiglmofipeabaddhgne Failed
0	dpdmhfocilnekecfjgimjdeckachfbec Failed
0	pnjaodmkngahhkoihejjehlcdlnohgmp Failed
0	gaonpiemcjiihedemhopdoefaohcjoch Failed
0	kgjfgplpablkjnlkjmjdecgdpfankdle Failed
0	oiekdmlabennjdpgimlcpmphdjphlcha Failed
0	apfkfccpcldeeaampkebgommjmdoghbf Failed
0	lifbcibllhkdhoafpjfnlhfpfgnpldfl Failed
0	eofcbnmajmjmplflapaojjnihcjkigck Failed
0	mbckjcfnjmoiinpgddefodcighgikkgn Failed
0	baejfnndpekpkaaancgpakjaengfpopk Failed
0	gomekmidlodglbbmalcneegieacbdmki Failed
0	gighmmpiobklfepjocnamgkkbiglidom Failed
0	glcimepnljoholdmjchkloafkggfoijh Failed
0	flliilndjeohchalpbbcdekjklbdgfkk Failed
0	bihmplhobchoageeokmgbdihknkjbknd Failed
0	caljgklbbfbcjjanaijlacgncafpegll Failed
0	bkdgflcldnnnapblkhphbgpggdiikppg Failed
0	ipmkfpcnmccejididiaagpgchgjfajgp Failed
0	ppdonaappkjkbgbncmmjencphdclioab Failed
0	dgpfeomibahlpbobpnjpcobpechebadh Failed
0	hpbohmeoofibpbiiklpofdfehodejbmk Failed
0	jnhgnonknehpejjnehehllkliplmbmhn Failed
0	mlomiejdfkolichcflejclcbmpeaniij Failed
0	ohahllgiabjaoigichmmfljhkcfikeof Failed
0	cmllgdnjnkbapbchnebiedipojhmnjej Failed
0	kbfnbcaeplbcioakkpcpgfkobkghlhen Failed	tags.s-dati.com
0	khhckppjhonfmcpegdjdibmngahahhck Failed	tags.s-dati.com
0	fdcgdnkidjaadafnichfpabhfomcebme Failed	tags.s-dati.com
0	llgiblikeclfoebojkplbcmnicgcabhg Failed	tags.s-dati.com
0	ghbmnnjooekpmoecnnnilnnbdlolhkhi Failed	tags.s-dati.com
0	djflhoibgkdhkhhcedjiklpkjnoahfmg Failed	tags.s-dati.com
0	gcbommkclmclpchllfjekcdonpmejbdp Failed	tags.s-dati.com
0	jlhmfgmfgeifomenelglieieghnjghma Failed	tags.s-dati.com
0	pbjikboenpfhbbejgkoklgkhjpfogcam Failed	tags.s-dati.com
146	52

This site contains no links.

Subject Issuer	Validity	Valid
*.uptownaces.eu AlphaSSL CA - SHA256 - G2	`2022-05-23` - `2023-06-24`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2022 Q4	`2022-12-23` - `2024-01-24`	a year	crt.sh
platformcdn.eu GeoTrust TLS RSA CA G1	`2023-04-25` - `2024-04-18`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-08-03` - `2023-08-02`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
uptownaces.eu Cloudflare Inc ECC CA-3	`2023-04-09` - `2024-04-08`	a year	crt.sh
secure.s-dati.com AlphaSSL CA - SHA256 - G2	`2022-06-03` - `2023-07-05`	a year	crt.sh
data.kameleoon.io R3	`2023-03-30` - `2023-06-28`	3 months	crt.sh
tags.s-dati.com AlphaSSL CA - SHA256 - G4	`2022-12-09` - `2024-01-10`	a year	crt.sh
h.online-metrix.net Trustwave Organization Validation SHA256 CA, Level 1	`2023-01-09` - `2024-01-23`	a year	crt.sh
*.e.aa.online-metrix.net Trustwave Organization Validation SHA256 CA, Level 1	`2022-06-08` - `2023-07-10`	a year	crt.sh

This page contains 9 frames:

Primary Page: https://lobby.uptownaces.eu:2072/lobby?SkinId=1&laffid=4795&ltrackingid=119595685
Frame ID: 5B3CB59B9BE9708EA6288D89D77F5352
Requests: 81 HTTP requests in this frame

Frame: https://uptownaces.eu/kameleoon/09012020UptownAcesKameleoonIframe.html
Frame ID: 45E5409B4B516888093AA4B8EED33BF3
Requests: 1 HTTP requests in this frame

Frame: https://tags.s-dati.com/fp/check.js;CIS3SID=ECB2886BB408E01EFDB092C3A5B8A012?org_id=btcmgcxc&session_id=9a6f6948-c924-41de-a624-7e5f029482c5&nonce=7e153e1ac75f659f&jb=3d392424687b6f7d3555616c64677773266a7b6f3f556966666f777125303831382468736a753f416a7a6f656d24627162354368726f6565273030393331
Frame ID: B93A4558D9AB6653110EDA24BEB0EF39
Requests: 48 HTTP requests in this frame

Frame: https://chat.uptownaces.eu/design/defaulttheme/fonts/MaterialIcons-lhc-v5.woff2
Frame ID: DB93C7F54745171CBB3ECD9BB75E584F
Requests: 3 HTTP requests in this frame

Frame: https://chat.uptownaces.eu/design/defaulttheme/fonts/MaterialIcons-lhc-v5.woff2
Frame ID: EFD10910589CD3CCAC9A1C420C0562A8
Requests: 6 HTTP requests in this frame

Frame: https://tags.s-dati.com/fp/HP?session_id=9a6f6948-c924-41de-a624-7e5f029482c5&org_id=btcmgcxc&nonce=7e153e1ac75f659f&mode=2&hp=.co-operativebank.co.uk/CBIBSWeb/login.do.co-operativebank.co.uk/CBIBSWeb/start.do.de/portal/portal/x.entropay.com/basemenu/prot/x.facebook.comx.nationet.com/x.netbank.commbank.com.au/netbank/bankmainx.npbs.co.uk/netmastergoldbanking/x.nwolb.xlogin.aspx?refereridentx.rbsdigital.xAccountSummaryx.smile.co.uk/SmileWeb/login.do.smile.co.uk/SmileWeb/start.do.yandex.rux/CapitalOne_Consumer/x/easypay.by/x/sbank.ru/x53.com/servlet/efsonlinex://online.wellsfargo.com/x://secure.assist.ru/assistid/protected/main.doxabbeynational.co.uk/EBAN_ENS/BtoChannelDriverxalliance-leicesterxaltergold.com/login.phpxamericanexpress.com/myca/intl/acctsumm/emea/accountSummaryxbancaintesa.it/xbankcardservices.co.ukxbankofamerica.com/xbanquepopulaire.fr/xbnpparibas.net/xcahoot.comxcapitaloneonline.co.uk/CapitalOne_Consumer/Transactionsxcbonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagexcibc.comxPreSignOnxcibc.comxSignOnxcitibank.ru/xclient.uralsibbank.ruxco-operativebank.co.uk/CBIBSWeb/loginSpixcommerceonlinebanking.comxcoventrybuildingsociety.co.ukxdeutsche-bank.dexdiscovercard.com/cardmembersvcs/strongauth/app/sa_mainxebanking.bawag.comxebc_ebc1961xegg.com/customer/movemoneyxegg.com/customer/yourmoneyxfacebook.com/xhalifax-online.co.ukxMyAccountsxhalifax-online.co.uk/x/Mhalifax-online.co.uk/personalxhsbc.co.uk/1/2/personal/internet-banking/xhsbc.comxhttps://banking.postbank.de/app/finanzstatus.init.do;jsessionidxib.fineco.it/FinecoWeb/BonificiServletxib.fineco.it/FinecoWeb/jsp/Main/HBFineco.jspxib.fineco.it/FinecoWeb/jsp/Main/Principale.jspxibank.alfabank.ruxin-biz.it/xipko.plxlibertyreserve.com/x/historylibertyreserve.com/x/loginwww.libertyreserve.com/x/Core.jswww.libertyreserve.com/x/transfer.libertyreserve.com/x/commonscript.jslloydstsb.co.uk/personal/a/account_overview/xmbna.co.ukxmenyala.ruxmoney.yandex.ruxmoneybookers.com/app/login.plxmoneymail.ruxmy.ebay.co.uk/ws/eBayISAPI.dll?MyEbayxmy.ebay.com/ws/eBayISAPI.dll?MyEbayxmy.ebay.fr/ws/eBayISAPI.dll?MyEbayxmybusinessbank.co.ukxnationet.com/AppServices/SignOn/SignOnProcess/RcaSignOnxnpbs.co.ukxnwolb.com/AccountSummaryxnwolb.com/Statementsxnwolb.com/TransfersLandingPagexoltx.fidelity.com/x/x/ofsummary/summaryxonline.lloydstsb.co.ukxonlinebanking.mandtbank.com/summary/AccountSummaryxpassport.yandex.ruxpaypal.com/x/cgi-bin/webscr?cmd=_accountxpaypal.com/x/cgi-bin/webscr?cmd=_login-done&login_access=xpaypal.com/us/cgi-bin/webscr?cmd=_login-done&login_access=xposte.it/xpsk.co.at/xsecure.lloydstsb.co.uk/personal/a/account_overviewxsmile.co.uk/SmileWeb/passcodexusaa.com/xusbank.com/internetBanking/RequestRouter?requestCmdId=Gxwachovia.comxybonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagex.amazon.fr/xhistory/orders/view.htmlx.banquepopulaire.frxShowPortal.dox.bnpparibasfortis.bexHome_Logon.aspx.cdiscount.com/Account/Home.aspxx.cmb.frxaccueil.jspx.credit-agricole.frxentreeBam?sessionSAGx.labanquepostale.fr/xreleveCPP-releve_ccp.eax.secure.bnpparibas.net/NSFR?Actionx.secure.lcl.frxAccueilxcredem.it/OneToOne/ebank/functionsxmijn.ing.nl/xonline.ybs.co.ukxwww.discover.com/xorder.cdiscount.comxCustomer.aspxxsealinfo.verisign.com/splash?form_filexvos-comptes.credit-du-nord.fr/CDC_TableauDeBord_0.asp?xvoscomptesenligne.labanquepostale.frxwww.x.caisse-epargne.fr/Portail.aspxxwww.exabanque.netxonglet.phpxdeutsche-bank.de/xnorisbank.de/xpostbank.de/xtargobank.de/x.x.de/portal/x.bankofamerica.com/x/commonscript.js.bmo.com/OLB?id=x.bmo.com/RMC?id=x.chase.com/x.aspxx.chase.com/js/Reporting.jsx.koodomobile.com/account/selfserve/x/xaccountId=x.payment.ru/x.scotiabank.com/portal/index.jsp?xbancopopular.es/empresasxcreval.it/login2007/loginSiciliano.aspxfirst-direct.com/xipko.plxmybusinessbank.co.ukxsanpaoloimi.com/xulsterbankanytimebanking.x/login.aspxx
Frame ID: 24C1AEF7721BF7F3F802370CE60B4C3A
Requests: 3 HTTP requests in this frame

Frame: https://tags.s-dati.com/fp/ls_fp.html;CIS3SID=ECB2886BB408E01EFDB092C3A5B8A012?org_id=btcmgcxc&session_id=9a6f6948-c924-41de-a624-7e5f029482c5&nonce=7e153e1ac75f659f
Frame ID: 3DB7B94F3155A1ED4BE510CBC260DB2E
Requests: 3 HTTP requests in this frame

Frame: https://h.online-metrix.net/fp/sid_fp.html;CIS3SID=ECB2886BB408E01EFDB092C3A5B8A012?org_id=btcmgcxc&session_id=9a6f6948-c924-41de-a624-7e5f029482c5&nonce=7e153e1ac75f659f
Frame ID: F2A690DE38C43D814DE963397E13CD3D
Requests: 2 HTTP requests in this frame

Frame: https://tags.s-dati.com/fp/top_fp.html;CIS3SID=ECB2886BB408E01EFDB092C3A5B8A012?org_id=btcmgcxc&session_id=9a6f6948-c924-41de-a624-7e5f029482c5&nonce=7e153e1ac75f659f
Frame ID: 8E84C037F479386307135FC04136E14A
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Uptown Aces

Page URL History Show full URLs

https://lobby.uptownaces.eu:2072/Lobby.aspx?SkinId=1&laffid=4795&ltrackingid=119595685 HTTP 307
https://lobby.uptownaces.eu:2072/lobby?SkinId=1&laffid=4795&ltrackingid=119595685 Page URL

Detected technologies

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
//cdn\.jsdelivr\.net/

Page Statistics

146
Requests

74 %
HTTPS

46 %
IPv6

11
Domains

52
Subdomains

14
IPs

6
Countries

6649 kB
Transfer

11010 kB
Size

3
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://lobby.uptownaces.eu:2072/Lobby.aspx?SkinId=1&laffid=4795&ltrackingid=119595685 HTTP 307
https://lobby.uptownaces.eu:2072/lobby?SkinId=1&laffid=4795&ltrackingid=119595685 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 72

https://h.online-metrix.net/fp/clear.png?org_id=btcmgcxc&session_id=9a6f6948-c924-41de-a624-7e5f029482c5&nonce=7e153e1ac75f659f&gttl=155520000 HTTP 302
https://h.online-metrix.net/fp/clear.png?org_id=btcmgcxc&session_id=9a6f6948-c924-41de-a624-7e5f029482c5&nonce=7e153e1ac75f659f&k=2

146 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request lobby Show response
lobby.uptownaces.eu/
Redirect Chain

https://lobby.uptownaces.eu:2072/Lobby.aspx?SkinId=1&laffid=4795&ltrackingid=119595685
https://lobby.uptownaces.eu:2072/lobby?SkinId=1&laffid=4795&ltrackingid=119595685

773 KB
581 KB

226ms
226ms

Document
text/html

190.4.90.1
T-Four Services S.A

General

Check archive.org

Show headers Download Go to

Full URL: https://lobby.uptownaces.eu:2072/lobby?SkinId=1&laffid=4795&ltrackingid=119595685
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 190.4.90.1 Escazu, Costa Rica, ASN16973 (T-Four Services S.A, CR),
Reverse DNS
Software: Microsoft-HTTPAPI/2.0 /
Resource Hash: 61bcb94faf3a0e1078cc76aa99ab91cae04105c27e05873a84f562df81b372df

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.19 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-length: 594460
content-type: text/html; charset=utf-8
date: Wed, 31 May 2023 11:05:30 GMT
server: Microsoft-HTTPAPI/2.0

Redirect headers

cache-control: no-store, no-cache, max-age=0, s-maxage=0, must-revaldiate
content-length: 0
date: Wed, 31 May 2023 11:05:30 GMT
location: https://lobby.uptownaces.eu:2072/lobby?SkinId=1&laffid=4795&ltrackingid=119595685
server: Microsoft-HTTPAPI/2.0

GET
H2 200 css2
fonts.googleapis.com/ 3 KB
940 B 136ms
48ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Martel+Sans:wght@400;500;600;700&display=swap

Requested by

Host: lobby.uptownaces.eu
URL: https://lobby.uptownaces.eu:2072/lobby?SkinId=1&laffid=4795&ltrackingid=119595685

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

88dab73b605ca35af1d53ef37f89e6adeb5cb79c47a86cda81087b4b547fa6c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lobby.uptownaces.eu:2072/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.19 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 31 May 2023 11:05:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 31 May 2023 10:59:52 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 31 May 2023 11:05:31 GMT

GET
H2 200 materialdesignicons.min.css
cdn.jsdelivr.net/npm/@mdi/font@latest/css/ 331 KB
54 KB 32ms
7ms Stylesheet
text/css 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/@mdi/font@latest/css/materialdesignicons.min.css

Requested by

Host: lobby.uptownaces.eu
URL: https://lobby.uptownaces.eu:2072/lobby?SkinId=1&laffid=4795&ltrackingid=119595685

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

b89606bf42acdeb4f05cff729f63f2f0574e87011d4aa5a05253a3bfcd7461bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lobby.uptownaces.eu:2072/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.19 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 31 May 2023 11:05:30 GMT
x-content-type-options: nosniff
content-encoding: br
age: 36311
x-jsd-version: 7.2.96
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 54765
x-served-by: cache-fra-eddf8230070-FRA
x-jsd-version-type: version
etag: W/"52d34-McwSlO6CU7M543fkTyDaQiyOjpU"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 app.82aee6c0.css
flshertfd.cfcontentdnfls.eu/client//lobbyCorePackages/23.05.0.23.5.0.8/LobbyCore/AllSpark/css/ 80 KB
14 KB 244ms
29ms Stylesheet
text/css 2a01:53c0:ff04:ffff:a0b4:b966:1b2:96f2
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to

Full URL: https://flshertfd.cfcontentdnfls.eu/client//lobbyCorePackages/23.05.0.23.5.0.8/LobbyCore/AllSpark/css/app.82aee6c0.css
Requested by: Host: lobby.uptownaces.eu
URL: https://lobby.uptownaces.eu:2072/lobby?SkinId=1&laffid=4795&ltrackingid=119595685
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:53c0:ff04:ffff:a0b4:b966:1b2:96f2 , United States, ASN54994 (QUANTILNETWORKS, CA),
Reverse DNS
Software: QTL_Cache/1.2.14 /
Resource Hash: 37100194e5ee6442e2bee197e93972cbf43630de593aff6e4a64e0b3e91a912e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lobby.uptownaces.eu:2072/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.19 Safari/537.36

Response headers

date: Wed, 10 May 2023 13:32:04 GMT
content-encoding: gzip
age: 1805607
x-cache-status: HIT
x-via: 2.0 eu-nl-ams1-cache-0002 [HIT]
x-px: HIT eu-nl-ams1-cache-0002
content-length: 14111
last-modified: Sat, 06 May 2023 00:08:18 GMT
server: QTL_Cache/1.2.14
etag: "1404e-5fafb33e66610-gzip"
x-qtl-request-id: 73c8630b546b97caea0ba46026a52a9c
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=31449600
accept-ranges: bytes
access-control-allow-headers: Content-Length

GET
H2 200 chunk-vendors.5b59e1d4.css
flshertfd.cfcontentdnfls.eu/client//lobbyCorePackages/23.05.0.23.5.0.8/LobbyCore/AllSpark/css/ 495 KB
58 KB 229ms
14ms Stylesheet
text/css 2a01:53c0:ff04:ffff:a0b4:b966:1b2:96f2
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to

Full URL: https://flshertfd.cfcontentdnfls.eu/client//lobbyCorePackages/23.05.0.23.5.0.8/LobbyCore/AllSpark/css/chunk-vendors.5b59e1d4.css
Requested by: Host: lobby.uptownaces.eu
URL: https://lobby.uptownaces.eu:2072/lobby?SkinId=1&laffid=4795&ltrackingid=119595685
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:53c0:ff04:ffff:a0b4:b966:1b2:96f2 , United States, ASN54994 (QUANTILNETWORKS, CA),
Reverse DNS
Software: QTL_Cache/1.2.14 /
Resource Hash: ebcd76ae23ce03e111bdaf3b44663516393da0cf9ca54c0c11d3c69a1238c413

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lobby.uptownaces.eu:2072/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.19 Safari/537.36

Response headers

date: Wed, 10 May 2023 13:32:04 GMT
content-encoding: gzip
age: 1805607
x-cache-status: HIT
x-via: 2.0 eu-nl-ams1-cache-0001 [HIT]
x-px: HIT eu-nl-ams1-cache-0001
content-length: 59375
last-modified: Sat, 06 May 2023 00:08:18 GMT
server: QTL_Cache/1.2.14
etag: "7bdd0-5fafb33ee7490-gzip"
x-qtl-request-id: defe7a68aa66b4e2d820882a15f40b37
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=31449600
accept-ranges: bytes
access-control-allow-headers: Content-Length

GET
H2 200 app.c42c38ce.js Show response
flshertfd.cfcontentdnfls.eu/client//lobbyCorePackages/23.05.0.23.5.0.8/LobbyCore/AllSpark/js/ 660 KB
138 KB 254ms
39ms Script
application/javascript 2a01:53c0:ff04:ffff:a0b4:b966:1b2:96f2
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to

Full URL: https://flshertfd.cfcontentdnfls.eu/client//lobbyCorePackages/23.05.0.23.5.0.8/LobbyCore/AllSpark/js/app.c42c38ce.js
Requested by: Host: lobby.uptownaces.eu
URL: https://lobby.uptownaces.eu:2072/lobby?SkinId=1&laffid=4795&ltrackingid=119595685
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:53c0:ff04:ffff:a0b4:b966:1b2:96f2 , United States, ASN54994 (QUANTILNETWORKS, CA),
Reverse DNS
Software: QTL_Cache/1.2.14 /
Resource Hash: c3525c96739f2be31a72d28b2bb2eff216fd7de710f34c075f12de9108e22b35

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lobby.uptownaces.eu:2072/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.19 Safari/537.36

Response headers

date: Wed, 10 May 2023 13:32:04 GMT
content-encoding: gzip
age: 1805607
x-cache-status: HIT
x-via: 2.0 eu-nl-ams1-cache-0002 [HIT]
x-px: HIT eu-nl-ams1-cache-0002
last-modified: Sat, 06 May 2023 00:08:20 GMT
server: QTL_Cache/1.2.14
etag: "a4f5a-5fafb3411def8-gzip"
x-qtl-request-id: 393b6bdda4695d2a7fb191163d928e5d
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=31449600
access-control-allow-headers: Content-Length

GET
H2 200 chunk-vendors.dc2a6256.js Show response
flshertfd.cfcontentdnfls.eu/client//lobbyCorePackages/23.05.0.23.5.0.8/LobbyCore/AllSpark/js/ 759 KB
238 KB 239ms
24ms Script
application/javascript 2a01:53c0:ff04:ffff:a0b4:b966:1b2:96f2
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to

Full URL: https://flshertfd.cfcontentdnfls.eu/client//lobbyCorePackages/23.05.0.23.5.0.8/LobbyCore/AllSpark/js/chunk-vendors.dc2a6256.js
Requested by: Host: lobby.uptownaces.eu
URL: https://lobby.uptownaces.eu:2072/lobby?SkinId=1&laffid=4795&ltrackingid=119595685
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:53c0:ff04:ffff:a0b4:b966:1b2:96f2 , United States, ASN54994 (QUANTILNETWORKS, CA),
Reverse DNS
Software: QTL_Cache/1.2.14 /
Resource Hash: b139f95d938d56785e16b34b5cb730805acb4b5d3902bbdfb68571128c6e759d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lobby.uptownaces.eu:2072/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.19 Safari/537.36

Response headers

date: Wed, 10 May 2023 13:32:04 GMT
content-encoding: gzip
age: 1805607
x-cache-status: HIT
x-via: 2.0 eu-nl-ams1-cache-0001 [HIT]
x-px: HIT eu-nl-ams1-cache-0001
last-modified: Sat, 06 May 2023 00:08:26 GMT
server: QTL_Cache/1.2.14
etag: "bdb97-5fafb346d4d38-gzip"
x-qtl-request-id: b87c98addbc78ced65a8e4210358e6c9
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=31449600
access-control-allow-headers: Content-Length

GET
H2 200 chunk-2a53d1ba.b455ecb5.css
flshertfd.cfcontentdnfls.eu/client//lobbyCorePackages/23.05.0.23.5.0.8/LobbyCore/AllSpark/css/ 0
2 KB 272ms
58ms Other
text/css 2a01:53c0:ff04:ffff:a0b4:b966:1b2:96f2
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to

Full URL: https://flshertfd.cfcontentdnfls.eu/client//lobbyCorePackages/23.05.0.23.5.0.8/LobbyCore/AllSpark/css/chunk-2a53d1ba.b455ecb5.css
Requested by: Host: lobby.uptownaces.eu
URL: https://lobby.uptownaces.eu:2072/lobby?SkinId=1&laffid=4795&ltrackingid=119595685
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:53c0:ff04:ffff:a0b4:b966:1b2:96f2 , United States, ASN54994 (QUANTILNETWORKS, CA),
Reverse DNS
Software: QTL_Cache/1.2.14 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lobby.uptownaces.eu:2072/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.19 Safari/537.36

Response headers

date: Wed, 10 May 2023 13:43:41 GMT
content-encoding: gzip
age: 1804910
x-cache-status: HIT
x-via: 2.0 eu-nl-ams1-cache-0002 [HIT]
x-px: HIT eu-nl-ams1-cache-0002
content-length: 1245
last-modified: Sat, 06 May 2023 00:08:18 GMT
server: QTL_Cache/1.2.14
etag: "fe3-5fafb33edbcf8-gzip"
x-qtl-request-id: 302217302940a3e62dea494db1f91aa0
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=31449600
accept-ranges: bytes
access-control-allow-headers: Content-Length

GET
H2 200 chunk-586d8fd8.44357239.css
flshertfd.cfcontentdnfls.eu/client//lobbyCorePackages/23.05.0.23.5.0.8/LobbyCore/AllSpark/css/ 0
1 KB 271ms
58ms Other
text/css 2a01:53c0:ff04:ffff:a0b4:b966:1b2:96f2
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to

Full URL: https://flshertfd.cfcontentdnfls.eu/client//lobbyCorePackages/23.05.0.23.5.0.8/LobbyCore/AllSpark/css/chunk-586d8fd8.44357239.css
Requested by: Host: lobby.uptownaces.eu
URL: https://lobby.uptownaces.eu:2072/lobby?SkinId=1&laffid=4795&ltrackingid=119595685
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:53c0:ff04:ffff:a0b4:b966:1b2:96f2 , United States, ASN54994 (QUANTILNETWORKS, CA),
Reverse DNS
Software: QTL_Cache/1.2.14 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lobby.uptownaces.eu:2072/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.19 Safari/537.36

Response headers

date: Wed, 10 May 2023 13:43:41 GMT
content-encoding: gzip
age: 1804910
x-cache-status: HIT
x-via: 2.0 eu-nl-ams1-cache-0002 [HIT]
x-px: HIT eu-nl-ams1-cache-0002
content-length: 655
last-modified: Sat, 06 May 2023 00:08:18 GMT
server: QTL_Cache/1.2.14
etag: "7ee-5fafb33e9cd28-gzip"
x-qtl-request-id: 5b0e8b4ec0f304ba6a9f49a9f6af3bb4
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=31449600
accept-ranges: bytes
access-control-allow-headers: Content-Length

GET
H2 200 chunk-2a53d1ba.361d239c.js
flshertfd.cfcontentdnfls.eu/client//lobbyCorePackages/23.05.0.23.5.0.8/LobbyCore/AllSpark/js/ 0
5 KB 34ms
31ms Other
application/javascript 2a01:53c0:ff04:ffff:a0b4:b966:1b2:96f2
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to

Full URL: https://flshertfd.cfcontentdnfls.eu/client//lobbyCorePackages/23.05.0.23.5.0.8/LobbyCore/AllSpark/js/chunk-2a53d1ba.361d239c.js
Requested by: Host: lobby.uptownaces.eu
URL: https://lobby.uptownaces.eu:2072/lobby?SkinId=1&laffid=4795&ltrackingid=119595685
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:53c0:ff04:ffff:a0b4:b966:1b2:96f2 , United States, ASN54994 (QUANTILNETWORKS, CA),
Reverse DNS
Software: QTL_Cache/1.2.14 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lobby.uptownaces.eu:2072/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.19 Safari/537.36

Response headers

date: Wed, 10 May 2023 13:43:42 GMT
content-encoding: gzip
age: 1804909
x-cache-status: HIT
x-via: 2.0 eu-nl-ams1-cache-0002 [HIT]
x-px: HIT eu-nl-ams1-cache-0002
content-length: 4652
last-modified: Sat, 06 May 2023 00:08:21 GMT
server: QTL_Cache/1.2.14
etag: "4daa-5fafb34190318-gzip"
x-qtl-request-id: ee0bba9ac6feae1b8de3663ea074fece
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=31449600
accept-ranges: bytes
access-control-allow-headers: Content-Length

GET
H2 200 chunk-586d8fd8.6cc40353.js
flshertfd.cfcontentdnfls.eu/client//lobbyCorePackages/23.05.0.23.5.0.8/LobbyCore/AllSpark/js/ 0
5 KB 33ms
30ms Other
application/javascript 2a01:53c0:ff04:ffff:a0b4:b966:1b2:96f2
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to

Full URL: https://flshertfd.cfcontentdnfls.eu/client//lobbyCorePackages/23.05.0.23.5.0.8/LobbyCore/AllSpark/js/chunk-586d8fd8.6cc40353.js
Requested by: Host: lobby.uptownaces.eu
URL: https://lobby.uptownaces.eu:2072/lobby?SkinId=1&laffid=4795&ltrackingid=119595685
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:53c0:ff04:ffff:a0b4:b966:1b2:96f2 , United States, ASN54994 (QUANTILNETWORKS, CA),
Reverse DNS
Software: QTL_Cache/1.2.14 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lobby.uptownaces.eu:2072/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.19 Safari/537.36

Response headers

date: Wed, 10 May 2023 13:43:43 GMT
content-encoding: gzip
age: 1804908
x-cache-status: HIT
x-via: 2.0 eu-nl-ams1-cache-0002 [HIT]
x-px: HIT eu-nl-ams1-cache-0002
content-length: 5130
last-modified: Sat, 06 May 2023 00:08:21 GMT
server: QTL_Cache/1.2.14
etag: "481f-5fafb341862f0-gzip"
x-qtl-request-id: 0e15f1e1cf47cb296831367ec797ad60
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=31449600
accept-ranges: bytes
access-control-allow-headers: Content-Length

GET
H2 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/ 86 KB
28 KB 35ms
13ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/jquery.min.js

Requested by

Host: lobby.uptownaces.eu
URL: https://lobby.uptownaces.eu:2072/lobby?SkinId=1&laffid=4795&ltrackingid=119595685

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://lobby.uptownaces.eu:2072/
Origin: https://lobby.uptownaces.eu:2072
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.19 Safari/537.36

Response headers

date: Wed, 31 May 2023 11:05:31 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1017447
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27748
last-modified: Mon, 04 May 2020 16:11:48 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec4-15851"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RqqxbzEACJSCFsIKDOjvv3gEAlT2S2fhZWnaNjh2s3hS2rXSuuwm39cmd%2BWEsk6mb03Y00HCTndcLV9fKAAsJpvQm8Ar6WxftBUvcwSN7UH1AnXrQW%2Bqhyz5Y4yvrpFJvlkPU13aK8y7OqoBc9QZXmd4"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7cfebe063b81bb8b-FRA
expires: Mon, 20 May 2024 11:05:31 GMT

GET
H2 200 jquery.signalR.min.js Show response
cdnjs.cloudflare.com/ajax/libs/signalr.js/2.4.0/ 39 KB
11 KB 29ms
20ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/signalr.js/2.4.0/jquery.signalR.min.js

Requested by

Host: lobby.uptownaces.eu
URL: https://lobby.uptownaces.eu:2072/lobby?SkinId=1&laffid=4795&ltrackingid=119595685

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a24da1092d03c62f0a787887bf897423078d0cba5df6b507c0807c7f3bdf430b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://lobby.uptownaces.eu:2072/
Origin: https://lobby.uptownaces.eu:2072
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.19 Safari/537.36

Response headers

date: Wed, 31 May 2023 11:05:31 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 501619
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 10877
last-modified: Mon, 04 May 2020 16:16:14 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fce-9c67"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BkvGanuwAlK1TsNu4RHMSD8O3F2s2GZXSF52VhBtXbhcjNE2wVJT7c6uKoNPRfSC6jEn3gd79174%2BjuvTxu2aXply9f6ICkpnUZx%2BCZ3ZiWegwlK2xMgvm3eIQlFXs%2BP44fIgJOM5LArXNArHUG8Kzwx"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7cfebe063b84bb8b-FRA
expires: Mon, 20 May 2024 11:05:31 GMT

GET
H2 200 CDK.js Show response
flshertfd.cfcontentdnfls.eu/client//lobbyCorePackages/23.05.0.23.5.0.8/LobbyCore/AllSpark/ 591 KB
84 KB 17ms
16ms Script
application/javascript 2a01:53c0:ff04:ffff:a0b4:b966:1b2:96f2
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to

Full URL: https://flshertfd.cfcontentdnfls.eu/client//lobbyCorePackages/23.05.0.23.5.0.8/LobbyCore/AllSpark/CDK.js
Requested by: Host: lobby.uptownaces.eu
URL: https://lobby.uptownaces.eu:2072/lobby?SkinId=1&laffid=4795&ltrackingid=119595685
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:53c0:ff04:ffff:a0b4:b966:1b2:96f2 , United States, ASN54994 (QUANTILNETWORKS, CA),
Reverse DNS
Software: QTL_Cache/1.2.14 /
Resource Hash: ccedded302e1764c6a608389e5b042dfa13489a356125d5c62dc04badbbd7f7d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lobby.uptownaces.eu:2072/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.19 Safari/537.36

Response headers

date: Wed, 10 May 2023 13:32:04 GMT
content-encoding: gzip
age: 1805607
x-cache-status: HIT
x-via: 2.0 eu-nl-ams1-cache-0002 [HIT]
x-px: HIT eu-nl-ams1-cache-0002
last-modified: Sat, 06 May 2023 00:08:18 GMT
server: QTL_Cache/1.2.14
etag: "93c86-5fafb33f440f0-gzip"
x-qtl-request-id: 7ca2e749e4e2cfa5322cde9b3b3ea232
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=31449600
access-control-allow-headers: Content-Length

GET
H2 200 negotiate Show response
lobby.uptownaces.eu/signalr/ 617 B
719 B 167ms
166ms XHR
application/json 190.4.90.1
T-Four Services S.A

General

Check archive.org

Show headers Download Go to

Full URL

https://lobby.uptownaces.eu:2072/signalr/negotiate?clientProtocol=2.0&hostUrl=https%3A%2F%2Flobby.uptownaces.eu%3A2072%2Flobby%3FSkinId%3D1%26laffid%3D4795%26ltrackingid%3D119595685&clientApiLevel=6&casinoId=1&skinId=1&clientId=3&clientKey=%7B4FFB2EEE-C103-4677-A006-53FCEDFCFAB3%7D&packageName=LobbyCore&connectionData=%5B%7B%22name%22%3A%22lobbyhub%22%7D%2C%7B%22name%22%3A%22databasenotifyhub%22%7D%2C%7B%22name%22%3A%22tournamentshub%22%7D%5D&_=1685531131903

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/jquery.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

190.4.90.1 Escazu, Costa Rica, ASN16973 (T-Four Services S.A, CR),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 /

Resource Hash

52358106ed5f32bce8b050b1052982897a600c79cfebe865c9c1fc7cc544ac9b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: text/plain, */*; q=0.01
Referer: https://lobby.uptownaces.eu:2072/lobby?SkinId=1&laffid=4795&ltrackingid=119595685
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.19 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

date: Wed, 31 May 2023 11:05:31 GMT
x-content-type-options: nosniff
server: Microsoft-HTTPAPI/2.0
content-type: application/json; charset=UTF-8

GET
H2 200 materialdesignicons-webfont.woff2
cdn.jsdelivr.net/npm/@mdi/font@latest/fonts/ 387 KB
388 KB 24ms
10ms Font
font/woff2 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/@mdi/font@latest/fonts/materialdesignicons-webfont.woff2?v=7.2.96

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/@mdi/font@latest/css/materialdesignicons.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

c1c004a90e60a31becd3ca261781c3a13a2937b5b26338fd8dd89e10ab562849

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdn.jsdelivr.net/npm/@mdi/font@latest/css/materialdesignicons.min.css
Origin: https://lobby.uptownaces.eu:2072
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.19 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 31 May 2023 11:05:32 GMT
x-content-type-options: nosniff
age: 1388
x-jsd-version: 7.2.96
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 396732
x-served-by: cache-fra-eddf8230132-FRA
x-jsd-version-type: version
etag: W/"60dbc-Ny7iWtVyfhmKnwTiem7ds7fgSTo"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 h0GsssGi7VdzDgKjM-4d8hjYx-4.woff2
fonts.gstatic.com/s/martelsans/v12/ 15 KB
15 KB 129ms
39ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/martelsans/v12/h0GsssGi7VdzDgKjM-4d8hjYx-4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Martel+Sans:wght@400;500;600;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

96336833e17c47e2d99aa3023d8e5ad74cd20a8e075e8783de0d8b37c02d6449

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://lobby.uptownaces.eu:2072
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.19 Safari/537.36

Response headers

date: Tue, 30 May 2023 15:47:55 GMT
x-content-type-options: nosniff
age: 69457
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14940
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:28:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 29 May 2024 15:47:55 GMT

GET
DATA 200
OK truncated
/ 169 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 83c3ecc6cbe1e9f999f55b069f2f9f069a62d6db560b7d75e6aafc4784d39e95

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.19 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 start Show response
lobby.uptownaces.eu/signalr/ 25 B
80 B 541ms
540ms XHR
application/json 190.4.90.1
T-Four Services S.A

General

Check archive.org

Show headers Download Go to

Full URL

https://lobby.uptownaces.eu:2072/signalr/start?transport=webSockets&clientProtocol=2.0&hostUrl=https%3A%2F%2Flobby.uptownaces.eu%3A2072%2Flobby%3FSkinId%3D1%26laffid%3D4795%26ltrackingid%3D119595685&clientApiLevel=6&casinoId=1&skinId=1&clientId=3&clientKey=%7B4FFB2EEE-C103-4677-A006-53FCEDFCFAB3%7D&packageName=LobbyCore&connectionToken=AQAAANCMnd8BFdERjHoAwE%2FCl%2BsBAAAAS61bDs7GR0O3%2F94i2ryeRQAAAAACAAAAAAAQZgAAAAEAACAAAAASRKXbCV3neybBf9UJb8e4xG%2F7OytHl%2Bhx%2BAJzA1BdbgAAAAAOgAAAAAIAACAAAADO8Gypv4N%2FAyLUb%2FkcEFSIcRaiwvqNPllcdnRowlASfjAAAAA8RJqH4tXVvBzyyJQIPDRB2f0TSmbfqG%2FUjoCNwhIiUuNg8nc1zApk8MZ4MgHmPI9AAAAAB97c09X72kit2BgZEyG%2FOdnCOAm09PPTzjnChIPwgUl8naexNrBea52nBWcH%2F2L1BGIlNWLxXvGhs%2FaPfm7jfA%3D%3D&connectionData=%5B%7B%22name%22%3A%22lobbyhub%22%7D%2C%7B%22name%22%3A%22databasenotifyhub%22%7D%2C%7B%22name%22%3A%22tournamentshub%22%7D%5D&_=1685531131904

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/jquery.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

190.4.90.1 Escazu, Costa Rica, ASN16973 (T-Four Services S.A, CR),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 /

Resource Hash

c50a0366bab0d95bd0dfbbf67ed889b5fd383ee7464a77660088c32e4ef91c20

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: text/plain, */*; q=0.01
Referer: https://lobby.uptownaces.eu:2072/lobby?SkinId=1&laffid=4795&ltrackingid=119595685
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.19 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

date: Wed, 31 May 2023 11:05:33 GMT
x-content-type-options: nosniff
server: Microsoft-HTTPAPI/2.0
content-type: application/json; charset=UTF-8

GET
H2 200 index.js Show response
chat.uptownaces.eu/design/defaulttheme/js/widgetv2/ 88 KB
24 KB 828ms
772ms Script
application/javascript 104.21.0.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://chat.uptownaces.eu/design/defaulttheme/js/widgetv2/index.js?v220234311685531134678
Requested by: Host: lobby.uptownaces.eu
URL: https://lobby.uptownaces.eu:2072/lobby?SkinId=1&laffid=4795&ltrackingid=119595685
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.0.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8e4c9ad0f746641e2b74d39eea2dc890282fe9032bc29eb55d79d3f9acac9b50

Request headers

Referer: https://lobby.uptownaces.eu:2072/
Origin: https://lobby.uptownaces.eu:2072
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.19 Safari/537.36

Response headers

date: Wed, 31 May 2023 11:05:35 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 19 Apr 2023 09:11:06 GMT
server: cloudflare
etag: W/"643fb02a-15f3a"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FO4xENPAMrms9wWKr1DaPSLkMnRwve5rFMaF12HWyYwUatHfOOPJlPDVQqwfGit5l1GV89%2Fhov2nt7Y01mznIYzUGaKkBD3vmN6E5X9cf3qSj3cV6Rq4GWA9MEmT6S8vSG3jKhk%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: Content-Length,Content-Range
cache-control: max-age=315360000
cf-ray: 7cfebe18192f048b-FRA
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 container_GlNBJvAa.js Show response
track.uptownaces.eu/js/ 63 KB
17 KB 119ms
21ms Script
application/javascript 104.21.0.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://track.uptownaces.eu/js/container_GlNBJvAa.js

Requested by

Host: lobby.uptownaces.eu
URL: https://lobby.uptownaces.eu:2072/lobby?SkinId=1&laffid=4795&ltrackingid=119595685

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.0.108 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

727866774af6922cc1f1fbcbad0e26b592fcde794604488526264118911e6d9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lobby.uptownaces.eu:2072/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.19 Safari/537.36

Response headers

date: Wed, 31 May 2023 11:05:34 GMT
strict-transport-security: max-age=31556926
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 19 Apr 2023 12:12:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6639
etag: W/"fae4-5f9af55fa83b4-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A%2FvSdDB92x4BXaWsxBxRxjm2OOICbyhvYc2l0DMvCsJpvqVKTM3zasim5B7eSXr8KCJ%2FsV70yv01Ta42s8Le%2Fm4BoHMf%2BZq5GlhK2saFbCInbLrtpMli9cSZuj%2BLwU05iCCicBrd"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cf-ray: 7cfebe185d7335f0-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 matomo.js Show response
track.uptownaces.eu/ 82 KB
27 KB 23ms
22ms Script
application/javascript 104.21.0.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://track.uptownaces.eu/matomo.js

Requested by

Host: lobby.uptownaces.eu
URL: https://lobby.uptownaces.eu:2072/lobby?SkinId=1&laffid=4795&ltrackingid=119595685

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.0.108 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

870cbc625978826ddd414417105977be1cdbe17f4481155c4bfc27c5771b5a19

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lobby.uptownaces.eu:2072/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.19 Safari/537.36

Response headers

date: Wed, 31 May 2023 11:05:34 GMT
strict-transport-security: max-age=31556926
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 09 May 2023 10:53:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4969
etag: W/"147ec-5fb4090893073-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NcZqaJMUICYQSzTlWU%2FuyTXBckb8XhtpFoHhRERryK%2Fy3W00%2FkI14P1hIHYj6L7EpK0RAe75JXIaOCn%2FjRzOtlK8y6Q66VJ0kg%2FVNetr3BKX724G3CDsmtEipOQ9p5AjrXv1aT%2Bt"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cf-ray: 7cfebe188db535f0-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 09012020UptownAcesKameleoonIframe.html Show response
uptownaces.eu/kameleoon/ Frame 45E5 10 KB
3 KB 239ms
184ms Document
text/html 104.21.0.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://uptownaces.eu/kameleoon/09012020UptownAcesKameleoonIframe.html
Requested by: Host: lobby.uptownaces.eu
URL: https://lobby.uptownaces.eu:2072/lobby?SkinId=1&laffid=4795&ltrackingid=119595685
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.0.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 68bea27ae71d9452cdf1e687cce76512eb202cac077d43ac00756d4a0d0bc938

Request headers

Referer: https://lobby.uptownaces.eu:2072/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.19 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: max-age=86400
cf-cache-status: DYNAMIC
cf-ray: 7cfebe18ee4f35f0-FRA
content-encoding: br
content-type: text/html
date: Wed, 31 May 2023 11:05:35 GMT
last-modified: Wed, 25 May 2022 09:37:22 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Pql5YqUiO2oGKB87DiwBJ%2FUB8m2zP2gfaJrM%2Bf6sM2PDv5ylzSnMDu7B0Se3i5OUsUPnSFQX0f8ZMpas6DNCigE%2Fh1zpIumdyO2ZOx7mfYZy%2ByO63qNiyWBZu73ZYd2I"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 kameleoon.js Show response
44tcalk779.kameleoon.eu/ 170 KB
43 KB 323ms
295ms Script
application/javascript 2606:4700:20::681a:a1e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://44tcalk779.kameleoon.eu/kameleoon.js

Requested by

Host: lobby.uptownaces.eu
URL: https://lobby.uptownaces.eu:2072/lobby?SkinId=1&laffid=4795&ltrackingid=119595685

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:a1e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b6c954954e56b041b89cc6e7d476cd0f0b3881e864e70764e5426c608052e318

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lobby.uptownaces.eu:2072/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.19 Safari/537.36

Response headers

date: Wed, 31 May 2023 11:05:35 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Mon, 24 Apr 2023 06:32:07 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"64462267-2a78f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YEJX40ONI2WbTx8Jdsh%2F8tMeVQlZyicqVb3iUvsW1pzqAmb8QGmdy83UdGZQVIIAh3He2FuM4%2BVypFQWMUulpo2k5TDHpIpcoOI4NVVmvHEEDPyjStNb6FGpxRiWNA2Yq55AVmdiyDcdk8OFGtaF0kw%2BflHo"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=5400
cf-ray: 7cfebe18bcdebb43-FRA
expires: Wed, 31 May 2023 12:35:34 GMT

GET
H2 200 rtg Show response
street.uptownaces.eu/api/formvalidate/script/ 6 KB
3 KB 167ms
105ms Script
text/javascript 104.21.0.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://street.uptownaces.eu/api/formvalidate/script/rtg?minify=true

Requested by

Host: lobby.uptownaces.eu
URL: https://lobby.uptownaces.eu:2072/lobby?SkinId=1&laffid=4795&ltrackingid=119595685

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.0.108 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

32eeced2cfd12870f937cd4750559f29110d5556fa4bc0725de6d87a6491e54f

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lobby.uptownaces.eu:2072/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.19 Safari/537.36

Response headers

date: Wed, 31 May 2023 11:05:34 GMT
strict-transport-security: max-age=2592000
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3CKREZpAU2a4XWRsUDzy9jy%2BpRjdX%2BoJHzBBsnfSBeDh8o%2BU1vQohdr%2BcmfzJCkuV9bM5TsCSITh%2FiLi19J9gguP9f3A7VV2DttdjObio7pdzyVOCCmt0s34BBdlSQO6bzr3RGvFUg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cf-ray: 7cfebe18fe5935f0-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 RTGScript Show response
secure.s-dati.com/api/SignUpsFrontEnd/ 7 KB
3 KB 705ms
156ms Script
text/javascript 35.177.104.143
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.s-dati.com/api/SignUpsFrontEnd/RTGScript

Requested by

Host: track.uptownaces.eu
URL: https://track.uptownaces.eu/js/container_GlNBJvAa.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.177.104.143 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-177-104-143.eu-west-2.compute.amazonaws.com

Software

Microsoft-IIS/10.0 / ARR/3.0, ASP.NET

Resource Hash

84e063e8e333aeb1460dd6eb882ad067adf4b5686b2c93747ac893953e8efdf8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lobby.uptownaces.eu:2072/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.19 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-aspnet-version: 4.0.30319
x-powered-by: ARR/3.0, ASP.NET
date: Wed, 31 May 2023 11:05:35 GMT
content-length: 2389
x-xss-protection: 1;mode=block
pragma: no-cache
referrer-policy: same-origin
server: Microsoft-IIS/10.0
vary: Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE, HEAD
content-type: text/javascript
access-control-allow-origin: *
cache-control: no-cache
srv: 03
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
cf-ray: 7cfebe1c1925dd0f-LHR
expires: -1

POST
H3 204 matomo.php
track.uptownaces.eu/ 0
504 B 641ms
641ms Ping
text/html 104.21.0.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://track.uptownaces.eu/matomo.php?action_name=lobby.uptownaces.eu%2FUptown%20Aces&idsite=7&rec=1&r=904555&h=11&m=5&s=34&url=https%3A%2F%2Flobby.uptownaces.eu%3A2072%2Flobby%3Fskinid%3D1&_id=af1934d90b486014&_idn=1&send_image=0&_refts=0&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1600x1200&pv_id=IgyIKV&pf_net=0&pf_srv=226&pf_tfr=816&pf_dm1=1409&pf_dm2=52&pf_onl=0&uadata=%7B%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D

Requested by

Host: track.uptownaces.eu
URL: https://track.uptownaces.eu/matomo.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.0.108 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/7.4.33

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

Referer: https://lobby.uptownaces.eu:2072/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.19 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=utf-8

Response headers

date: Wed, 31 May 2023 11:05:35 GMT
strict-transport-security: max-age=31556926
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.4.33
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gdVO4cyW0rOXJOvn0%2BwGYfy6tEPcu7Ebg06TqEVXjx%2BqC%2BkBtmp6nnvKmPj5I3x1BX1s4UAhxxLYgmDEDa0VlpE05zb%2B74mWeRKBdUnKf4zkCyFZTqJo03%2Bu%2FPuSnp9BEMGDsZm9"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://lobby.uptownaces.eu:2072
access-control-allow-credentials: true
cf-ray: 7cfebe18cc38368b-FRA
alt-svc: h3=":443"; ma=86400

POST
H/1.1 204
No Content events Show response
data.kameleoon.io/visit/ 0
499 B 117ms
33ms XHR
text/plain 95.217.77.226
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://data.kameleoon.io/visit/events?siteCode=44tcalk779&visitorCode=1pzqw1v5jd91uqbn&itp=false

Requested by

Host: 44tcalk779.kameleoon.eu
URL: https://44tcalk779.kameleoon.eu/kameleoon.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

95.217.77.226 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),

Reverse DNS

data-api-new04.kameleoon.net

Software

nginx/1.20.2 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; script-src 'self'; connect-src 'self'; img-src 'self'; style-src 'self' 'nonce-superNonce';base-uri 'self';form-action 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://lobby.uptownaces.eu:2072/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.19 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Wed, 31 May 2023 11:05:35 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'none'; script-src 'self'; connect-src 'self'; img-src 'self'; style-src 'self' 'nonce-superNonce';base-uri 'self';form-action 'self'
Server: nginx/1.20.2
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Origin: *
Connection: keep-alive
Access-Control-Allow-Headers: user-agent,kameleoon-client

GET
DATA 200
OK truncated
/ 35 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.19 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 h0GxssGi7VdzDgKjM-4d8hBj4vuAH0g.woff2
fonts.gstatic.com/s/martelsans/v12/ 14 KB
15 KB 39ms
39ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/martelsans/v12/h0GxssGi7VdzDgKjM-4d8hBj4vuAH0g.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Martel+Sans:wght@400;500;600;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4118181949d71ea29311a8717370c0dae74f3fad3af5926710102209e61a174b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://lobby.uptownaces.eu:2072
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.19 Safari/537.36

Response headers

date: Sat, 27 May 2023 16:47:51 GMT
x-content-type-options: nosniff
age: 325064
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14804
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:28:44 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 26 May 2024 16:47:51 GMT

GET
H2 200 BABlackjack~9F319D7A84056F409617811092B10A21.jpg
flshertfd.cfcontentdnfls.eu/client/lobbyspa/_commonContent_/images/skin/Games/ 45 KB
46 KB 14ms
14ms Image
image/jpeg 2a01:53c0:ff04:ffff:a0b4:b966:1b2:96f2
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://flshertfd.cfcontentdnfls.eu/client/lobbyspa/_commonContent_/images/skin/Games/BABlackjack~9F319D7A84056F409617811092B10A21.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:53c0:ff04:ffff:a0b4:b966:1b2:96f2 , United States, ASN54994 (QUANTILNETWORKS, CA),
Reverse DNS
Software: QTL_Cache/1.2.14 /
Resource Hash: a4e461e4ecf2c1b505699125f9573e8241233376205032e92bfe9f272c928262

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lobby.uptownaces.eu:2072/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.19 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 06:39:32 GMT
age: 17036763
x-cache-status: HIT
x-via: 2.0 eu-nl-ams1-cache-0002 [HIT]
x-px: HIT eu-nl-ams1-cache-0002
content-length: 46158
last-modified: Fri, 06 Mar 2015 18:09:02 GMT
server: QTL_Cache/1.2.14
etag: "b44e-510a294474b80"
x-qtl-request-id: a2d47c78cf7ee8b51507e46fb1ee3d25
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=31449600
accept-ranges: bytes
access-control-allow-headers: Content-Length

GET
H2 200 BASweetShopCollect~521C8D7020D9084646C98DF544E04A83.jpg
flshertfd.cfcontentdnfls.eu/client/lobbyspa/_commonContent_/images/skin/Games/ 217 KB
218 KB 14ms
14ms Image
image/jpeg 2a01:53c0:ff04:ffff:a0b4:b966:1b2:96f2
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://flshertfd.cfcontentdnfls.eu/client/lobbyspa/_commonContent_/images/skin/Games/BASweetShopCollect~521C8D7020D9084646C98DF544E04A83.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:53c0:ff04:ffff:a0b4:b966:1b2:96f2 , United States, ASN54994 (QUANTILNETWORKS, CA),
Reverse DNS
Software: QTL_Cache/1.2.14 /
Resource Hash: 74dab6a7591e3a7d5006b2e2bf953812b30ba9ed361c6b34090a1627dbc4f71b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lobby.uptownaces.eu:2072/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.19 Safari/537.36

Response headers

date: Tue, 30 May 2023 22:33:01 GMT
age: 45154
x-cache-status: HIT
x-via: 2.0 eu-nl-ams1-cache-0001 [HIT]
x-px: HIT eu-nl-ams1-cache-0001
content-length: 222235
last-modified: Mon, 08 May 2023 15:13:55 GMT
server: QTL_Cache/1.2.14
etag: "3641b-5fb30165f90c8"
x-qtl-request-id: e02458223388e22e4c093c14e507300a
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=31449600
accept-ranges: bytes
access-control-allow-headers: Content-Length

GET
H2 200 BAFiveWishes~8F19ECEE53B2B76879DA476FE25FC7D5.jpg
flshertfd.cfcontentdnfls.eu/client/lobbyspa/_commonContent_/images/skin/Games/ 93 KB
93 KB 18ms
18ms Image
image/jpeg 2a01:53c0:ff04:ffff:a0b4:b966:1b2:96f2
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://flshertfd.cfcontentdnfls.eu/client/lobbyspa/_commonContent_/images/skin/Games/BAFiveWishes~8F19ECEE53B2B76879DA476FE25FC7D5.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:53c0:ff04:ffff:a0b4:b966:1b2:96f2 , United States, ASN54994 (QUANTILNETWORKS, CA),
Reverse DNS
Software: QTL_Cache/1.2.14 /
Resource Hash: 83e4a12e68950d50a189afa85cf2aa2f792b6a0f8dc24dae6f39c02dd98e9b2f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lobby.uptownaces.eu:2072/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.19 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 06:43:42 GMT
age: 17036513
x-cache-status: HIT
x-via: 2.0 eu-nl-ams1-cache-0001 [HIT]
x-px: HIT eu-nl-ams1-cache-0001
content-length: 95080
last-modified: Tue, 13 Apr 2021 16:55:53 GMT
server: QTL_Cache/1.2.14
etag: "17368-5bfdd80d3b120"
x-qtl-request-id: fbe0b0ae75adb3ecfd0b8f54ceebd084
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=31449600
accept-ranges: bytes
access-control-allow-headers: Content-Length

GET
H3 200 lobbybanner-ssc.jpg
uptownaces.eu/images/banners/ 325 KB
325 KB 23ms
23ms Image
image/jpeg 104.21.0.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uptownaces.eu/images/banners/lobbybanner-ssc.jpg?size=1536x336&platformUrlHostSet=1&PlayerID=&PlayMode=0&playerClass=&Scheme=rtg.desert&SkinID=1&AffiliateID=0&BannerID&clientType=3&loginID=
Requested by: Host: 44tcalk779.kameleoon.eu
URL: https://44tcalk779.kameleoon.eu/kameleoon.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.0.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3de97ee54aa24cd4eb5aa278592f6674ea34af820c6767e436a488ad0a016321

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lobby.uptownaces.eu:2072/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.19 Safari/537.36

Response headers

date: Wed, 31 May 2023 11:05:36 GMT
cf-cache-status: HIT
last-modified: Tue, 30 May 2023 09:19:18 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 14542
etag: "f09ececfd792d91:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Etb3NivSZ9QtlDuqF1YosDAAn04IScakdVd4FZ0LbsYOusiie1UcM5Xf5EkMYAny0EVizVou9hD75Dv6voKPkFM%2Ff4ZWzWJ1TEUBSzJTuBSlNB%2B%2Fwdw7FclGVENihTcT"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 7cfebe204fad368b-FRA
alt-svc: h3=":443"; ma=86400
content-length: 332441

GET
H/1.1 200
OK tags.js Show response
tags.s-dati.com/fp/ 94 KB
13 KB 162ms
18ms Script
text/javascript 91.235.132.76

General

Check archive.org

Show headers Download Go to

Full URL

https://tags.s-dati.com/fp/tags.js?org_id=btcmgcxc&session_id=9a6f6948-c924-41de-a624-7e5f029482c5

Requested by

Host: secure.s-dati.com
URL: https://secure.s-dati.com/api/SignUpsFrontEnd/RTGScript

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.132.76 -, , ASN (),

Reverse DNS

Software

Apache /

Resource Hash

c06a5ba39a51c0a2bf45d3ab135b193ceecb3253176aabe4f0836363354da34a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lobby.uptownaces.eu:2072/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.19 Safari/537.36

Response headers

Date: Wed, 31 May 2023 11:05:36 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: CP=IVAa PSAa
Connection: Keep-Alive, Keep-Alive
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding
Content-Type: text/javascript;charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
X-Robots-Tag: noindex, nofollow
Keep-Alive: timeout=2, max=100
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 settings Show response
chat.uptownaces.eu/widgetrestapi/ 2 KB
1 KB 676ms
675ms XHR
application/json 104.21.0.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://chat.uptownaces.eu/widgetrestapi/settings?tz=Etc%2FUnknown&l=%252F%252Flobby.uptownaces.eu%253A2072%252Flobby%253FSkinId%253D1&dt=Uptown%2520Aces&dep=16&theme=32&mode=widget&pos=bottom_right

Requested by

Host: chat.uptownaces.eu
URL: https://chat.uptownaces.eu/design/defaulttheme/js/widgetv2/index.js?v220234311685531134678

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.0.108 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/7.4.33

Resource Hash

99fb6072ab4a3cdbdc098111dec486065e629d89c3a9b2cafeb0269a01c3178c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lobby.uptownaces.eu:2072/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.19 Safari/537.36

Response headers

date: Wed, 31 May 2023 11:05:36 GMT
strict-transport-security: max-age=63072000
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: PHP/7.4.33
alt-svc: h3=":443"; ma=86400
pragma: no-cache
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C0YyZfpmwgktA8VRqVF7zE6oHtbgVUcXOK9PpjWyer%2FWfCaRvdo733Mus5bdoFP%2Fxub2VTl5u6P4JwiNJyoWnvxL1i1wTWXdkbAW4mJnemJeDYruB1VprmM2mK6QSdWcZYe%2BEoM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
access-control-allow-credentials: true
cf-ray: 7cfebe207dc9048b-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, API-Key, Authorization

POST
H/1.1 204
No Content events Show response
data.kameleoon.io/visit/ 0
499 B 35ms
35ms XHR
text/plain 95.217.77.226
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://data.kameleoon.io/visit/events?siteCode=44tcalk779&visitorCode=1pzqw1v5jd91uqbn&itp=false

Requested by

Host: 44tcalk779.kameleoon.eu
URL: https://44tcalk779.kameleoon.eu/kameleoon.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

95.217.77.226 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),

Reverse DNS

data-api-new04.kameleoon.net

Software

nginx/1.20.2 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; script-src 'self'; connect-src 'self'; img-src 'self'; style-src 'self' 'nonce-superNonce';base-uri 'self';form-action 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://lobby.uptownaces.eu:2072/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.19 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Wed, 31 May 2023 11:05:36 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'none'; script-src 'self'; connect-src 'self'; img-src 'self'; style-src 'self' 'nonce-superNonce';base-uri 'self';form-action 'self'
Server: nginx/1.20.2
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Origin: *
Connection: keep-alive
Access-Control-Allow-Headers: user-agent,kameleoon-client

GET
H2 200 BAAchilles~F6B2783C5412950F4CD31947820F5F1E.jpg
flshertfd.cfcontentdnfls.eu/client/lobbyspa/_commonContent_/images/skin/Games/ 108 KB
109 KB 18ms
16ms Image
image/jpeg 2a01:53c0:ff04:ffff:a0b4:b966:1b2:96f2
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://flshertfd.cfcontentdnfls.eu/client/lobbyspa/_commonContent_/images/skin/Games/BAAchilles~F6B2783C5412950F4CD31947820F5F1E.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:53c0:ff04:ffff:a0b4:b966:1b2:96f2 , United States, ASN54994 (QUANTILNETWORKS, CA),
Reverse DNS
Software: QTL_Cache/1.2.14 /
Resource Hash: f31902cf15d155f9f763635b985a40d0980e770b171ccbbd0614ee616342a182

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lobby.uptownaces.eu:2072/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.19 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 01:50:37 GMT
age: 17054099
x-cache-status: HIT
x-via: 2.0 eu-nl-ams1-cache-0002 [HIT]
x-px: HIT eu-nl-ams1-cache-0002
content-length: 111077
last-modified: Mon, 08 Mar 2021 13:00:02 GMT
server: QTL_Cache/1.2.14
etag: "1b1e5-5bd06030fecb0"
x-qtl-request-id: 828fb8853f611bb624c34845d35d7196
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=31449600
accept-ranges: bytes
access-control-allow-headers: Content-Length

GET
H2 200 BAPerfectPairs~CFD464418167648FAB54936BBF00BB7D.jpg
flshertfd.cfcontentdnfls.eu/client/lobbyspa/_commonContent_/images/skin/Games/ 43 KB
43 KB 21ms
19ms Image
image/jpeg 2a01:53c0:ff04:ffff:a0b4:b966:1b2:96f2
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://flshertfd.cfcontentdnfls.eu/client/lobbyspa/_commonContent_/images/skin/Games/BAPerfectPairs~CFD464418167648FAB54936BBF00BB7D.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:53c0:ff04:ffff:a0b4:b966:1b2:96f2 , United States, ASN54994 (QUANTILNETWORKS, CA),
Reverse DNS
Software: QTL_Cache/1.2.14 /
Resource Hash: be52e10563f3bd8d64fc38a68f7e2775a4d389d97e5848d9f5654ee8060040a5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lobby.uptownaces.eu:2072/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.19 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 06:39:33 GMT
age: 17036763
x-cache-status: HIT
x-via: 2.0 eu-nl-ams1-cache-0002 [HIT]
x-px: HIT eu-nl-ams1-cache-0002
content-length: 44019
last-modified: Tue, 13 Apr 2021 16:55:55 GMT
server: QTL_Cache/1.2.14
etag: "abf3-5bfdd80f58d18"
x-qtl-request-id: 9f800cb35f61bda750cc9cac727fce6b
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=31449600
accept-ranges: bytes
access-control-allow-headers: Content-Length

GET
H2 200 BAMasksOfAtlantis~6AC86936B851E255EE5B08DC121978EE.jpg
flshertfd.cfcontentdnfls.eu/client/lobbyspa/_commonContent_/images/skin/Games/ 101 KB
101 KB 21ms
20ms Image
image/jpeg 2a01:53c0:ff04:ffff:a0b4:b966:1b2:96f2
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://flshertfd.cfcontentdnfls.eu/client/lobbyspa/_commonContent_/images/skin/Games/BAMasksOfAtlantis~6AC86936B851E255EE5B08DC121978EE.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:53c0:ff04:ffff:a0b4:b966:1b2:96f2 , United States, ASN54994 (QUANTILNETWORKS, CA),
Reverse DNS
Software: QTL_Cache/1.2.14 /
Resource Hash: 96173448ed4268a2f9f7fc7e1d056db472a3034ac76a700f530723434c52a397

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lobby.uptownaces.eu:2072/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.19 Safari/537.36

Response headers

date: Tue, 16 May 2023 22:26:45 GMT
age: 1255131
x-cache-status: HIT
x-via: 2.0 eu-nl-ams1-cache-0002 [HIT]
x-px: HIT eu-nl-ams1-cache-0002
content-length: 103021
last-modified: Sat, 06 May 2023 02:21:17 GMT
server: QTL_Cache/1.2.14
etag: "1926d-5fafd0f889340"
x-qtl-request-id: 8098392c3aa9e4f7c3d4cf4b6b59ee5c
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=31449600
accept-ranges: bytes
access-control-allow-headers: Content-Length

GET
H2 200 BABonusWheelJungle~DC53A89445566CA46B2B542E3BAEB115.jpg
flshertfd.cfcontentdnfls.eu/client/lobbyspa/_commonContent_/images/skin/Games/ 37 KB
38 KB 16ms
16ms Image
image/jpeg 2a01:53c0:ff04:ffff:a0b4:b966:1b2:96f2
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://flshertfd.cfcontentdnfls.eu/client/lobbyspa/_commonContent_/images/skin/Games/BABonusWheelJungle~DC53A89445566CA46B2B542E3BAEB115.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:53c0:ff04:ffff:a0b4:b966:1b2:96f2 , United States, ASN54994 (QUANTILNETWORKS, CA),
Reverse DNS
Software: QTL_Cache/1.2.14 /
Resource Hash: 8ef0f12ef495b0c803356f693f1b7e93d1e77002a0f3453e70570d1dc2b5ba28

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lobby.uptownaces.eu:2072/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.19 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 23:15:50 GMT
age: 3066586
x-cache-status: HIT
x-via: 2.0 eu-nl-ams1-cache-0002 [HIT]
x-px: HIT eu-nl-ams1-cache-0002
content-length: 38003
last-modified: Thu, 06 Apr 2023 16:04:07 GMT
server: QTL_Cache/1.2.14
etag: "9473-5f8ad0ef4ef48"
x-qtl-request-id: d2cb8d3e312495c667123d3fa0291a79
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=31449600
accept-ranges: bytes
access-control-allow-headers: Content-Length

GET
H2 200 BACaribbeanDraw~AD282C7D16A4B2A8F187E2606732EDA5.jpg
flshertfd.cfcontentdnfls.eu/client/lobbyspa/_commonContent_/images/skin/Games/ 118 KB
118 KB 13ms
13ms Image
image/jpeg 2a01:53c0:ff04:ffff:a0b4:b966:1b2:96f2
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://flshertfd.cfcontentdnfls.eu/client/lobbyspa/_commonContent_/images/skin/Games/BACaribbeanDraw~AD282C7D16A4B2A8F187E2606732EDA5.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:53c0:ff04:ffff:a0b4:b966:1b2:96f2 , United States, ASN54994 (QUANTILNETWORKS, CA),
Reverse DNS
Software: QTL_Cache/1.2.14 /
Resource Hash: d31983f8e88949b401bb26a6fc1611db57aba6b5169320151e3fb05581fb1baf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lobby.uptownaces.eu:2072/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.19 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 06:42:53 GMT
age: 17036563
x-cache-status: HIT
x-via: 2.0 eu-nl-ams1-cache-0001 [HIT]
x-px: HIT eu-nl-ams1-cache-0001
content-length: 120369
last-modified: Tue, 13 Apr 2021 16:55:51 GMT
server: QTL_Cache/1.2.14
etag: "1d631-5bfdd80b36398"
x-qtl-request-id: 1330d3ff030d3f9cafc88bebdf6b6e92
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=31449600
accept-ranges: bytes
access-control-allow-headers: Content-Length

GET
H2 200 BACaribbeanHoldem~85F5BA1AE1152A348AC935D7BBDA0250.jpg
flshertfd.cfcontentdnfls.eu/client/lobbyspa/_commonContent_/images/skin/Games/ 66 KB
66 KB 14ms
13ms Image
image/jpeg 2a01:53c0:ff04:ffff:a0b4:b966:1b2:96f2
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://flshertfd.cfcontentdnfls.eu/client/lobbyspa/_commonContent_/images/skin/Games/BACaribbeanHoldem~85F5BA1AE1152A348AC935D7BBDA0250.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:53c0:ff04:ffff:a0b4:b966:1b2:96f2 , United States, ASN54994 (QUANTILNETWORKS, CA),
Reverse DNS
Software: QTL_Cache/1.2.14 /
Resource Hash: ba2db3abc6484a374141a5c2895ffa7cdc876a5156d9348fbf99c120bcfce023

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lobby.uptownaces.eu:2072/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.19 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 02:51:11 GMT
age: 3744865
x-cache-status: HIT
x-via: 2.0 eu-nl-ams1-cache-0001 [HIT]
x-px: HIT eu-nl-ams1-cache-0001
content-length: 67113
last-modified: Mon, 10 May 2021 12:27:23 GMT
server: QTL_Cache/1.2.14
etag: "10629-5c1f8e653ebd8"
x-qtl-request-id: 30ea7b3f0248bf6177db84d6ce7c140b
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=31449600
accept-ranges: bytes
access-control-allow-headers: Content-Length

GET
H2 200 BAMightyDrums~D2F81913328ADF7C02751076BB023066.jpg
flshertfd.cfcontentdnfls.eu/client/lobbyspa/_commonContent_/images/skin/Games/ 98 KB
98 KB 14ms
14ms Image
image/jpeg 2a01:53c0:ff04:ffff:a0b4:b966:1b2:96f2
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://flshertfd.cfcontentdnfls.eu/client/lobbyspa/_commonContent_/images/skin/Games/BAMightyDrums~D2F81913328ADF7C02751076BB023066.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:53c0:ff04:ffff:a0b4:b966:1b2:96f2 , United States, ASN54994 (QUANTILNETWORKS, CA),
Reverse DNS
Software: QTL_Cache/1.2.14 /
Resource Hash: dbca3f79b98546d1a4fbaa926304dde33b204aae0a2f351c4a6341ae42880471

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lobby.uptownaces.eu:2072/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.19 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 21:56:32 GMT
age: 4280944
x-cache-status: HIT
x-via: 2.0 eu-nl-ams1-cache-0002 [HIT]
x-px: HIT eu-nl-ams1-cache-0002
content-length: 99905
last-modified: Mon, 27 Mar 2023 18:22:47 GMT
server: QTL_Cache/1.2.14
etag: "18641-5f7e5d46ffdd0"
x-qtl-request-id: 980bcbedfb257e903f19a2c4b0ae7120
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=31449600
accept-ranges: bytes
access-control-allow-headers: Content-Length

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://flshertfd.cfcontentdnfls.eu/client/lobbyspa/_commonContent_/images/skin/Games/BASweetShopCollect~521C8D7020D9084646C98DF544E04A83.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:53c0:ff04:ffff:a0b4:b966:1b2:96f2 , United States, ASN54994 (QUANTILNETWORKS, CA),
Reverse DNS
Software: QTL_Cache/1.2.14 /
Resource Hash: 74dab6a7591e3a7d5006b2e2bf953812b30ba9ed361c6b34090a1627dbc4f71b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lobby.uptownaces.eu:2072/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.19 Safari/537.36

Response headers

date: Tue, 30 May 2023 22:33:01 GMT
age: 45155
x-cache-status: HIT
x-via: 2.0 eu-nl-ams1-cache-0001 [HIT]
x-px: HIT eu-nl-ams1-cache-0001
content-length: 222235
last-modified: Mon, 08 May 2023 15:13:55 GMT
server: QTL_Cache/1.2.14
etag: "3641b-5fb30165f90c8"
x-qtl-request-id: 3793e8d45b88454f1be390cbeb5e9701
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=31449600
accept-ranges: bytes
access-control-allow-headers: Content-Length

GET
H2 200 BABlackjack~9F319D7A84056F409617811092B10A21.jpg
flshertfd.cfcontentdnfls.eu/client/lobbyspa/_commonContent_/images/skin/Games/ 45 KB
46 KB 17ms
17ms Image
image/jpeg 2a01:53c0:ff04:ffff:a0b4:b966:1b2:96f2
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://flshertfd.cfcontentdnfls.eu/client/lobbyspa/_commonContent_/images/skin/Games/BABlackjack~9F319D7A84056F409617811092B10A21.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:53c0:ff04:ffff:a0b4:b966:1b2:96f2 , United States, ASN54994 (QUANTILNETWORKS, CA),
Reverse DNS
Software: QTL_Cache/1.2.14 /
Resource Hash: a4e461e4ecf2c1b505699125f9573e8241233376205032e92bfe9f272c928262

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lobby.uptownaces.eu:2072/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.19 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 06:39:32 GMT
age: 17036764
x-cache-status: HIT
x-via: 2.0 eu-nl-ams1-cache-0002 [HIT]
x-px: HIT eu-nl-ams1-cache-0002
content-length: 46158
last-modified: Fri, 06 Mar 2015 18:09:02 GMT
server: QTL_Cache/1.2.14
etag: "b44e-510a294474b80"
x-qtl-request-id: 786f8ce59fc013f5883fdad7f0cf6754
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=31449600
accept-ranges: bytes
access-control-allow-headers: Content-Length

GET
H2 200 BAFiveWishes~8F19ECEE53B2B76879DA476FE25FC7D5.jpg
flshertfd.cfcontentdnfls.eu/client/lobbyspa/_commonContent_/images/skin/Games/ 93 KB
93 KB 17ms
17ms Image
image/jpeg 2a01:53c0:ff04:ffff:a0b4:b966:1b2:96f2
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://flshertfd.cfcontentdnfls.eu/client/lobbyspa/_commonContent_/images/skin/Games/BAFiveWishes~8F19ECEE53B2B76879DA476FE25FC7D5.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:53c0:ff04:ffff:a0b4:b966:1b2:96f2 , United States, ASN54994 (QUANTILNETWORKS, CA),
Reverse DNS
Software: QTL_Cache/1.2.14 /
Resource Hash: 83e4a12e68950d50a189afa85cf2aa2f792b6a0f8dc24dae6f39c02dd98e9b2f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lobby.uptownaces.eu:2072/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.19 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 06:43:42 GMT
age: 17036514
x-cache-status: HIT
x-via: 2.0 eu-nl-ams1-cache-0001 [HIT]
x-px: HIT eu-nl-ams1-cache-0001
content-length: 95080
last-modified: Tue, 13 Apr 2021 16:55:53 GMT
server: QTL_Cache/1.2.14
etag: "17368-5bfdd80d3b120"
x-qtl-request-id: dd015c33b2505d83c012f2c77e1bcb0a
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=31449600
accept-ranges: bytes
access-control-allow-headers: Content-Length

GET
H2 200 BACashBanditsMuseumHeist~56E1D748D25300267F7C0E1EFFAFB394.jpg
flshertfd.cfcontentdnfls.eu/client/lobbyspa/_commonContent_/images/skin/Games/ 53 KB
54 KB 14ms
13ms Image
image/jpeg 2a01:53c0:ff04:ffff:a0b4:b966:1b2:96f2
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://flshertfd.cfcontentdnfls.eu/client/lobbyspa/_commonContent_/images/skin/Games/BACashBanditsMuseumHeist~56E1D748D25300267F7C0E1EFFAFB394.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:53c0:ff04:ffff:a0b4:b966:1b2:96f2 , United States, ASN54994 (QUANTILNETWORKS, CA),
Reverse DNS
Software: QTL_Cache/1.2.14 /
Resource Hash: 39262267900814bc310db5a3d8cfc0019b59630817c827896deab8816394cba0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lobby.uptownaces.eu:2072/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.19 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 23:44:26 GMT
age: 5484070
x-cache-status: HIT
x-via: 2.0 eu-nl-ams1-cache-0001 [HIT]
x-px: HIT eu-nl-ams1-cache-0001
content-length: 54487
last-modified: Mon, 06 Mar 2023 15:06:42 GMT
server: QTL_Cache/1.2.14
etag: "d4d7-5f63ca48c0640"
x-qtl-request-id: 12cf00bc34dc2c33a49d21b12080edcf
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=31449600
accept-ranges: bytes
access-control-allow-headers: Content-Length

GET
H/1.1 200
OK check.js;CIS3SID=ECB2886BB408E01EFDB092C3A5B8A012 Show response
tags.s-dati.com/fp/ Frame B93A 301 KB
56 KB 23ms
23ms Script
text/javascript 91.235.132.76

General

Check archive.org

Show headers Download Go to

Full URL

https://tags.s-dati.com/fp/check.js;CIS3SID=ECB2886BB408E01EFDB092C3A5B8A012?org_id=btcmgcxc&session_id=9a6f6948-c924-41de-a624-7e5f029482c5&nonce=7e153e1ac75f659f&jb=3d392424687b6f7d3555616c64677773266a7b6f3f556966666f777125303831382468736a753f416a7a6f656d24627162354368726f6565273030393331

Requested by

Host: tags.s-dati.com
URL: https://tags.s-dati.com/fp/tags.js?org_id=btcmgcxc&session_id=9a6f6948-c924-41de-a624-7e5f029482c5

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.132.76 -, , ASN (),

Reverse DNS

Software

Apache /

Resource Hash

1cfa87a455c53ee6d21b81781ed8af833df484a9788be33da61a601f99ad3d1b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lobby.uptownaces.eu:2072/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.19 Safari/537.36

Response headers

Date: Wed, 31 May 2023 11:05:36 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Transfer-Encoding: chunked
tmx-nonce: 7e153e1ac75f659f
Connection: Keep-Alive, Keep-Alive
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding
Content-Type: text/javascript;charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
X-Robots-Tag: noindex, nofollow
Keep-Alive: timeout=2, max=99
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK clear.png
tags.s-dati.com/fp/ Frame B93A 81 B
475 B 38ms
13ms Image
image/png 91.235.132.76

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tags.s-dati.com/fp/clear.png?org_id=btcmgcxc&session_id=9a6f6948-c924-41de-a624-7e5f029482c5&nonce=7e153e1ac75f659f&ck=0&m=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.132.76 -, , ASN (),

Reverse DNS

Software

Apache /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lobby.uptownaces.eu:2072/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.19 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 31 May 2023 11:05:36 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: image/png
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=100
Content-Length: 81
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK clear.png
tags.s-dati.com/fp/ Frame B93A 81 B
475 B 39ms
13ms Image
image/png 91.235.132.76

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tags.s-dati.com/fp/clear.png?org_id=btcmgcxc&session_id=9a6f6948-c924-41de-a624-7e5f029482c5&nonce=7e153e1ac75f659f&ck=0&m=2

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.132.76 -, , ASN (),

Reverse DNS

Software

Apache /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lobby.uptownaces.eu:2072/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.19 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 31 May 2023 11:05:36 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: image/png
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=100
Content-Length: 81
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 BAMasksOfAtlantis~6AC86936B851E255EE5B08DC121978EE.jpg
flshertfd.cfcontentdnfls.eu/client/lobbyspa/_commonContent_/images/skin/Games/ 101 KB
101 KB 14ms
14ms Image
image/jpeg 2a01:53c0:ff04:ffff:a0b4:b966:1b2:96f2
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://flshertfd.cfcontentdnfls.eu/client/lobbyspa/_commonContent_/images/skin/Games/BAMasksOfAtlantis~6AC86936B851E255EE5B08DC121978EE.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:53c0:ff04:ffff:a0b4:b966:1b2:96f2 , United States, ASN54994 (QUANTILNETWORKS, CA),
Reverse DNS
Software: QTL_Cache/1.2.14 /
Resource Hash: 96173448ed4268a2f9f7fc7e1d056db472a3034ac76a700f530723434c52a397

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lobby.uptownaces.eu:2072/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.19 Safari/537.36

Response headers

date: Tue, 16 May 2023 22:26:45 GMT
age: 1255131
x-cache-status: HIT
x-via: 2.0 eu-nl-ams1-cache-0002 [HIT]
x-px: HIT eu-nl-ams1-cache-0002
content-length: 103021
last-modified: Sat, 06 May 2023 02:21:17 GMT
server: QTL_Cache/1.2.14
etag: "1926d-5fafd0f889340"
x-qtl-request-id: b69f5efa92760ad7bbceb4f1b92b8ee0
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=31449600
accept-ranges: bytes
access-control-allow-headers: Content-Length

GET
H2 200 BAPerfectPairs~CFD464418167648FAB54936BBF00BB7D.jpg
flshertfd.cfcontentdnfls.eu/client/lobbyspa/_commonContent_/images/skin/Games/ 43 KB
43 KB 15ms
15ms Image
image/jpeg 2a01:53c0:ff04:ffff:a0b4:b966:1b2:96f2
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://flshertfd.cfcontentdnfls.eu/client/lobbyspa/_commonContent_/images/skin/Games/BAPerfectPairs~CFD464418167648FAB54936BBF00BB7D.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:53c0:ff04:ffff:a0b4:b966:1b2:96f2 , United States, ASN54994 (QUANTILNETWORKS, CA),
Reverse DNS
Software: QTL_Cache/1.2.14 /
Resource Hash: be52e10563f3bd8d64fc38a68f7e2775a4d389d97e5848d9f5654ee8060040a5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lobby.uptownaces.eu:2072/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.19 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 06:39:33 GMT
age: 17036763
x-cache-status: HIT
x-via: 2.0 eu-nl-ams1-cache-0002 [HIT]
x-px: HIT eu-nl-ams1-cache-0002
content-length: 44019
last-modified: Tue, 13 Apr 2021 16:55:55 GMT
server: QTL_Cache/1.2.14
etag: "abf3-5bfdd80f58d18"
x-qtl-request-id: e4f94353fda9831f8298498475b63a27
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=31449600
accept-ranges: bytes
access-control-allow-headers: Content-Length

GET
H2 200 BAAchilles~F6B2783C5412950F4CD31947820F5F1E.jpg
flshertfd.cfcontentdnfls.eu/client/lobbyspa/_commonContent_/images/skin/Games/ 108 KB
109 KB 16ms
15ms Image
image/jpeg 2a01:53c0:ff04:ffff:a0b4:b966:1b2:96f2
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://flshertfd.cfcontentdnfls.eu/client/lobbyspa/_commonContent_/images/skin/Games/BAAchilles~F6B2783C5412950F4CD31947820F5F1E.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:53c0:ff04:ffff:a0b4:b966:1b2:96f2 , United States, ASN54994 (QUANTILNETWORKS, CA),
Reverse DNS
Software: QTL_Cache/1.2.14 /
Resource Hash: f31902cf15d155f9f763635b985a40d0980e770b171ccbbd0614ee616342a182

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lobby.uptownaces.eu:2072/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.19 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 01:50:37 GMT
age: 17054099
x-cache-status: HIT
x-via: 2.0 eu-nl-ams1-cache-0002 [HIT]
x-px: HIT eu-nl-ams1-cache-0002
content-length: 111077
last-modified: Mon, 08 Mar 2021 13:00:02 GMT
server: QTL_Cache/1.2.14
etag: "1b1e5-5bd06030fecb0"
x-qtl-request-id: 31e65a80c9b64806c3d5dad90cb4750e
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=31449600
accept-ranges: bytes
access-control-allow-headers: Content-Length

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://flshertfd.cfcontentdnfls.eu/client/lobbyspa/_commonContent_/images/skin/Games/BABonusWheelJungle~DC53A89445566CA46B2B542E3BAEB115.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:53c0:ff04:ffff:a0b4:b966:1b2:96f2 , United States, ASN54994 (QUANTILNETWORKS, CA),
Reverse DNS
Software: QTL_Cache/1.2.14 /
Resource Hash: 8ef0f12ef495b0c803356f693f1b7e93d1e77002a0f3453e70570d1dc2b5ba28

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lobby.uptownaces.eu:2072/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.19 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 23:15:50 GMT
age: 3066586
x-cache-status: HIT
x-via: 2.0 eu-nl-ams1-cache-0002 [HIT]
x-px: HIT eu-nl-ams1-cache-0002
content-length: 38003
last-modified: Thu, 06 Apr 2023 16:04:07 GMT
server: QTL_Cache/1.2.14
etag: "9473-5f8ad0ef4ef48"
x-qtl-request-id: 773a57db3e609136cceaad9234b549d2
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=31449600
accept-ranges: bytes
access-control-allow-headers: Content-Length

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://flshertfd.cfcontentdnfls.eu/client/lobbyspa/_commonContent_/images/skin/Games/BACaribbeanDraw~AD282C7D16A4B2A8F187E2606732EDA5.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:53c0:ff04:ffff:a0b4:b966:1b2:96f2 , United States, ASN54994 (QUANTILNETWORKS, CA),
Reverse DNS
Software: QTL_Cache/1.2.14 /
Resource Hash: d31983f8e88949b401bb26a6fc1611db57aba6b5169320151e3fb05581fb1baf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lobby.uptownaces.eu:2072/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.19 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 06:42:53 GMT
age: 17036563
x-cache-status: HIT
x-via: 2.0 eu-nl-ams1-cache-0001 [HIT]
x-px: HIT eu-nl-ams1-cache-0001
content-length: 120369
last-modified: Tue, 13 Apr 2021 16:55:51 GMT
server: QTL_Cache/1.2.14
etag: "1d631-5bfdd80b36398"
x-qtl-request-id: 260d614c5df435ace433ced111f7e9c7
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=31449600
accept-ranges: bytes
access-control-allow-headers: Content-Length

GET
H2 200 BAFortunesofOlympus~1C39200865D18F683B6BAED1CAB3878D.jpg
flshertfd.cfcontentdnfls.eu/client/lobbyspa/_commonContent_/images/skin/Games/ 87 KB
87 KB 14ms
14ms Image
image/jpeg 2a01:53c0:ff04:ffff:a0b4:b966:1b2:96f2
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://flshertfd.cfcontentdnfls.eu/client/lobbyspa/_commonContent_/images/skin/Games/BAFortunesofOlympus~1C39200865D18F683B6BAED1CAB3878D.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:53c0:ff04:ffff:a0b4:b966:1b2:96f2 , United States, ASN54994 (QUANTILNETWORKS, CA),
Reverse DNS
Software: QTL_Cache/1.2.14 /
Resource Hash: 9867187d809b69d7b23d750410edc46aca00dad20e525aa63b4d0c849ce6947e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lobby.uptownaces.eu:2072/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.19 Safari/537.36

Response headers

date: Tue, 14 Mar 2023 22:31:40 GMT
age: 6698036
x-cache-status: HIT
x-via: 2.0 eu-nl-ams1-cache-0002 [HIT]
x-px: HIT eu-nl-ams1-cache-0002
content-length: 88726
last-modified: Mon, 06 Mar 2023 15:06:41 GMT
server: QTL_Cache/1.2.14
etag: "15a96-5f63ca4764fa8"
x-qtl-request-id: 1c791589e3e1b59ed3bff04c84535c98
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=31449600
accept-ranges: bytes
access-control-allow-headers: Content-Length

GET
H2 200 BAMightyDrums~D2F81913328ADF7C02751076BB023066.jpg
flshertfd.cfcontentdnfls.eu/client/lobbyspa/_commonContent_/images/skin/Games/ 98 KB
98 KB 19ms
19ms Image
image/jpeg 2a01:53c0:ff04:ffff:a0b4:b966:1b2:96f2
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://flshertfd.cfcontentdnfls.eu/client/lobbyspa/_commonContent_/images/skin/Games/BAMightyDrums~D2F81913328ADF7C02751076BB023066.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:53c0:ff04:ffff:a0b4:b966:1b2:96f2 , United States, ASN54994 (QUANTILNETWORKS, CA),
Reverse DNS
Software: QTL_Cache/1.2.14 /
Resource Hash: dbca3f79b98546d1a4fbaa926304dde33b204aae0a2f351c4a6341ae42880471

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lobby.uptownaces.eu:2072/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.19 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 21:56:32 GMT
age: 4280944
x-cache-status: HIT
x-via: 2.0 eu-nl-ams1-cache-0002 [HIT]
x-px: HIT eu-nl-ams1-cache-0002
content-length: 99905
last-modified: Mon, 27 Mar 2023 18:22:47 GMT
server: QTL_Cache/1.2.14
etag: "18641-5f7e5d46ffdd0"
x-qtl-request-id: 09f9d96783ec967fee8d802111ad766e
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=31449600
accept-ranges: bytes
access-control-allow-headers: Content-Length

GET
H2 200 BACaribbeanHoldem~85F5BA1AE1152A348AC935D7BBDA0250.jpg
flshertfd.cfcontentdnfls.eu/client/lobbyspa/_commonContent_/images/skin/Games/ 66 KB
66 KB 16ms
15ms Image
image/jpeg 2a01:53c0:ff04:ffff:a0b4:b966:1b2:96f2
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://flshertfd.cfcontentdnfls.eu/client/lobbyspa/_commonContent_/images/skin/Games/BACaribbeanHoldem~85F5BA1AE1152A348AC935D7BBDA0250.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:53c0:ff04:ffff:a0b4:b966:1b2:96f2 , United States, ASN54994 (QUANTILNETWORKS, CA),
Reverse DNS
Software: QTL_Cache/1.2.14 /
Resource Hash: ba2db3abc6484a374141a5c2895ffa7cdc876a5156d9348fbf99c120bcfce023

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lobby.uptownaces.eu:2072/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.19 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 02:51:11 GMT
age: 3744865
x-cache-status: HIT
x-via: 2.0 eu-nl-ams1-cache-0001 [HIT]
x-px: HIT eu-nl-ams1-cache-0001
content-length: 67113
last-modified: Mon, 10 May 2021 12:27:23 GMT
server: QTL_Cache/1.2.14
etag: "10629-5c1f8e653ebd8"
x-qtl-request-id: 1bfc27fdc41a16da695e8be3ba9311bf
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=31449600
accept-ranges: bytes
access-control-allow-headers: Content-Length

GET
H3 200 a68fc3eccb8af7392e9f.js Show response
chat.uptownaces.eu/design/defaulttheme/js/widgetv2/ 2 KB
1 KB 26ms
25ms Script
application/javascript 104.21.0.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://chat.uptownaces.eu/design/defaulttheme/js/widgetv2/a68fc3eccb8af7392e9f.js
Requested by: Host: chat.uptownaces.eu
URL: https://chat.uptownaces.eu/design/defaulttheme/js/widgetv2/index.js?v220234311685531134678
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.0.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5089d6432657e4aca0bdf5960c095d3d2dfc2c2f841fe81f9595844001b328aa

Request headers

Referer: https://lobby.uptownaces.eu:2072/
Origin: https://lobby.uptownaces.eu:2072
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.19 Safari/537.36

Response headers

date: Wed, 31 May 2023 11:05:36 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 769717
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 05 Oct 2021 10:06:42 GMT
server: cloudflare
etag: W/"615c23b2-8bd"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BKiKL4Ds8Ow32fT%2BT72fV8ytg3rju3%2FavHYAzWf8mZqZ9jruQg%2B4QPxszWoiNJUKU9dd3PG823aXa%2BaVCFOc5qdge2WcPaxaMFRUJyOifLwf45WJ0Sj7lbL0fIw8%2B1JlWtIq2sI%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: Content-Length,Content-Range
cache-control: max-age=315360000
cf-ray: 7cfebe2518f41c34-FRA
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
expires: Thu, 31 Dec 2037 23:55:55 GMT

POST
H3 200 e8615ee87e8f2cba98c6 Show response
chat.uptownaces.eu//chat/updatejsvars/(vid)/ 17 B
504 B 666ms
664ms XHR
application/json 104.21.0.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://chat.uptownaces.eu//chat/updatejsvars/(vid)/e8615ee87e8f2cba98c6

Requested by

Host: chat.uptownaces.eu
URL: https://chat.uptownaces.eu/design/defaulttheme/js/widgetv2/index.js?v220234311685531134678

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.0.108 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/7.4.33

Resource Hash

3b1841f4b1a796fe26cc7e35e1d83d0ace89daff72b4a3b9b23e36c30f10d090

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://lobby.uptownaces.eu:2072/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.19 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Wed, 31 May 2023 11:05:37 GMT
strict-transport-security: max-age=63072000
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.4.33
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Zk1PWioWevLP1EFaJkcq%2FWKoeV7Z1R38pKWhCeI4JpxYDuJkXdvz51Cf8wMHsww31bY4jhPuOM5Us5wkA33dvqDJ5wKiL2yyqlWl%2Bzdsprd9QlPSC3m%2BddG7uH6s6Yih%2FWHmSwI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cf-ray: 7cfebe2518fb1c34-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
alt-svc: h3=":443"; ma=86400

GET
H3 200 MaterialIcons-lhc-v5.woff2
chat.uptownaces.eu/design/defaulttheme/fonts/ Frame DB93 2 KB
3 KB 26ms
20ms Font
font/woff2 104.21.0.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://chat.uptownaces.eu/design/defaulttheme/fonts/MaterialIcons-lhc-v5.woff2
Requested by: Host: chat.uptownaces.eu
URL: https://chat.uptownaces.eu/design/defaulttheme/js/widgetv2/index.js?v220234311685531134678
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.0.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 93d397057bf034d459a90c105a9448604782eecc021182f83a98c422bf7cf6a7

Request headers

Referer
Origin: https://lobby.uptownaces.eu:2072
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.19 Safari/537.36

Response headers

date: Wed, 31 May 2023 11:05:36 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 769717
alt-svc: h3=":443"; ma=86400
content-length: 2520
last-modified: Tue, 28 Jun 2022 12:14:30 GMT
server: cloudflare
etag: "62baf0a6-9d8"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: font/woff2
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wPt9Ow2orM2y%2F0y%2Fmb6f%2FCTc%2FiBxc%2Fr0NHNt%2BsTOg%2FZoNZu0qkvLe7NTnseW%2FX%2FbbXYyP07JZVtSxnB9UBaCyq32himSQ5Cl19WooLdbJjy%2BSvUaJq%2BUggPbLETklunjnAhkUpg%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: Content-Length,Content-Range
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 7cfebe2529071c34-FRA
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 32
chat.uptownaces.eu//widgetrestapi/themestatus/ Frame DB93 976 B
901 B 668ms
662ms Stylesheet
text/css 104.21.0.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://chat.uptownaces.eu//widgetrestapi/themestatus/32?v=1669219037

Requested by

Host: chat.uptownaces.eu
URL: https://chat.uptownaces.eu/design/defaulttheme/js/widgetv2/index.js?v220234311685531134678

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.0.108 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/7.4.33

Resource Hash

79d91391a262c8ce3ef302ea3b4fe272c53c8e5b01b900bfe100dd09d010e50c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer
Origin: https://lobby.uptownaces.eu:2072
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.19 Safari/537.36

Response headers

date: Wed, 31 May 2023 11:05:37 GMT
strict-transport-security: max-age=63072000
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: PHP/7.4.33
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 23 Nov 2022 15:57:17 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s52BmuaGV7yuldlRsKME9h6qWHGKKzTS2HeyXdg%2Fm8X2J6FY7hXhZNLKBkDAjzpk4DsHlp0vRXN0t8AIdBceTsODOyMhTIFgBK7rSXpqzRexGF6VSSoo1MjDAVn7qWawmsSCgOM%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css;charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 7cfebe25290b1c34-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, API-Key, Authorization
expires: Wed, 31 May 2023 12:05:37 GMT

GET
H3 200 b447d31812e54b5bb50365e40f54e246.css
chat.uptownaces.eu/design/defaulttheme/css/css_static/ Frame DB93 4 KB
2 KB 59ms
52ms Stylesheet
text/css 104.21.0.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://chat.uptownaces.eu/design/defaulttheme/css/css_static/b447d31812e54b5bb50365e40f54e246.css?1656418470
Requested by: Host: chat.uptownaces.eu
URL: https://chat.uptownaces.eu/design/defaulttheme/js/widgetv2/index.js?v220234311685531134678
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.0.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8da25ca83eaeb871d559bf90ac6a0268a34a3d1fc9f4955358e8de3eda615c49

Request headers

Referer
Origin: https://lobby.uptownaces.eu:2072
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.19 Safari/537.36

Response headers

date: Wed, 31 May 2023 11:05:36 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 769717
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 28 Jun 2022 12:14:30 GMT
server: cloudflare
etag: W/"62baf0a6-e3d"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DHczuRv3NDOtIjic9fLh1rhFyZzIDrbRUIQ6738IEpNiswKUntivYu0vblsW9oPt1%2BT1wAerFQtaTqX4BWgVWVlNR%2Fuo%2FcypOMngi%2BQG7d%2BSuU1FQYQFDqPcapbwcBEOR6zKpm0%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: Content-Length,Content-Range
cache-control: max-age=315360000
cf-ray: 7cfebe25290d1c34-FRA
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 32
chat.uptownaces.eu//widgetrestapi/themepage/ 383 B
698 B 660ms
654ms Stylesheet
text/css 104.21.0.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://chat.uptownaces.eu//widgetrestapi/themepage/32?v=1669219037

Requested by

Host: chat.uptownaces.eu
URL: https://chat.uptownaces.eu/design/defaulttheme/js/widgetv2/index.js?v220234311685531134678

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.0.108 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/7.4.33

Resource Hash

13191d36c13cea9b167f4ee545a1e00152f5a0614c6b9dc6e43d72e52143ef73

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://lobby.uptownaces.eu:2072/
Origin: https://lobby.uptownaces.eu:2072
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.19 Safari/537.36

Response headers

date: Wed, 31 May 2023 11:05:37 GMT
strict-transport-security: max-age=63072000
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: PHP/7.4.33
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 23 Nov 2022 15:57:17 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nntYI38Em1rz%2B2siRqMWIDyWLtjohdmBssCOOANBoi9wE0IhdY53Dx%2FU%2Fh4lRiwfdSbMfxyQULNZmSakDaXQHHULtUoNWefNfodv0xAmWCXbeXBdfwd24FKhF%2BIUDRbrOC%2F9lD4%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css;charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 7cfebe25290e1c34-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, API-Key, Authorization
expires: Wed, 31 May 2023 12:05:37 GMT

GET
H3 200 MaterialIcons-lhc-v5.woff2
chat.uptownaces.eu/design/defaulttheme/fonts/ Frame EFD1 2 KB
3 KB 24ms
19ms Font
font/woff2 104.21.0.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://chat.uptownaces.eu/design/defaulttheme/fonts/MaterialIcons-lhc-v5.woff2
Requested by: Host: chat.uptownaces.eu
URL: https://chat.uptownaces.eu/design/defaulttheme/js/widgetv2/index.js?v220234311685531134678
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.0.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 93d397057bf034d459a90c105a9448604782eecc021182f83a98c422bf7cf6a7

Request headers

Referer
Origin: https://lobby.uptownaces.eu:2072
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.19 Safari/537.36

Response headers

date: Wed, 31 May 2023 11:05:36 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 769717
alt-svc: h3=":443"; ma=86400
content-length: 2520
last-modified: Tue, 28 Jun 2022 12:14:30 GMT
server: cloudflare
etag: "62baf0a6-9d8"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: font/woff2
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h9nG9jPgI%2FF45MWBsFZ3VJZyG8lP4d82azqQJw%2Bq%2BwHeynuFk4wUVq4pFe5ZMWKKiRnDp9JJ5TRSC4SZXHtmbT0vUQ0SDptIKS4bzcS5hjomNybkVpNvSMQZytt0dXZAtQmq89M%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: Content-Length,Content-Range
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 7cfebe25290f1c34-FRA
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 32
chat.uptownaces.eu//widgetrestapi/theme/ Frame EFD1 326 B
731 B 666ms
662ms Stylesheet
text/css 104.21.0.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://chat.uptownaces.eu//widgetrestapi/theme/32?v=1669219037

Requested by

Host: chat.uptownaces.eu
URL: https://chat.uptownaces.eu/design/defaulttheme/js/widgetv2/index.js?v220234311685531134678

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.0.108 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/7.4.33

Resource Hash

3fab81860e910ba5800d4356838dd92dbdc64e607883a7eea79e85f9ce487de5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer
Origin: https://lobby.uptownaces.eu:2072
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.19 Safari/537.36

Response headers

date: Wed, 31 May 2023 11:05:37 GMT
strict-transport-security: max-age=63072000
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: PHP/7.4.33
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 23 Nov 2022 15:57:17 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GQ8q0YVCfaOhozap3F2EIHSLj3h1Fjz4Xw%2FjPeup2mBk%2FGEvEPOhyynv7yuQldOomcBAOwm9wVagkaq86UtU4QFoe%2BC7mPBuHUlJrqPuXKzh%2FquDuCFfV%2BoyvpWGlyBWzYtfUpk%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css;charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 7cfebe2529101c34-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, API-Key, Authorization
expires: Wed, 31 May 2023 12:05:37 GMT

GET
H3 200 65ce203157e27804a3a9aa2fed562724.css
chat.uptownaces.eu/design/defaulttheme/css/css_static/ Frame EFD1 118 KB
22 KB 31ms
27ms Stylesheet
text/css 104.21.0.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://chat.uptownaces.eu/design/defaulttheme/css/css_static/65ce203157e27804a3a9aa2fed562724.css?1682492334
Requested by: Host: chat.uptownaces.eu
URL: https://chat.uptownaces.eu/design/defaulttheme/js/widgetv2/index.js?v220234311685531134678
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.0.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5e20b2a92d2e340be920c0bb3761223d82451faee2779d883343bea7f06f024d

Request headers

Referer
Origin: https://lobby.uptownaces.eu:2072
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.19 Safari/537.36

Response headers

date: Wed, 31 May 2023 11:05:36 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 479008
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 26 Apr 2023 06:58:54 GMT
server: cloudflare
etag: W/"6448cbae-1d9d8"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=liXRlk7K8TdexZinpB4LYGz8tCqI%2Bnp%2F%2BFzg277ygs5cMj%2Bennn%2BwikDoD2boiNJDt4ysSquiFekrceV1OMRDL2YuNEvfCHRPvPLUxAfAUwToR85x%2ButT9eYUt24HPSZn2esSZQ%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: Content-Length,Content-Range
cache-control: max-age=315360000
cf-ray: 7cfebe2529111c34-FRA
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 c9aa29f9fd71f320cdd6.js Show response
chat.uptownaces.eu/design/defaulttheme/js/widgetv2/ 6 KB
2 KB 35ms
33ms Script
application/javascript 104.21.0.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://chat.uptownaces.eu/design/defaulttheme/js/widgetv2/c9aa29f9fd71f320cdd6.js
Requested by: Host: chat.uptownaces.eu
URL: https://chat.uptownaces.eu/design/defaulttheme/js/widgetv2/index.js?v220234311685531134678
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.0.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f38d2a93c095a4de85bebdd12a4ffb6dff84b4668321b1e3697139e5dc1f3265

Request headers

Referer: https://lobby.uptownaces.eu:2072/
Origin: https://lobby.uptownaces.eu:2072
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.19 Safari/537.36

Response headers

date: Wed, 31 May 2023 11:05:36 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 769717
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 07 Feb 2023 08:39:36 GMT
server: cloudflare
etag: W/"63e20e48-17e4"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Vt%2FDC2I3yWP1B%2BMOAoQeVJK2vP%2F1qwYgWwXNj27H%2BLy2yKaJJSIF8r9bx3bkbFelhy1dTg1acIC8BHFfQKHlGaIdGPzSfONZoh8JDfaXHcGlWdeMimRHbKYjDT3cw3bMZlDkDzY%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: Content-Length,Content-Range
cache-control: max-age=315360000
cf-ray: 7cfebe2529121c34-FRA
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 6d3de043cfb6e40e6a85.js Show response
chat.uptownaces.eu/design/defaulttheme/js/widgetv2/ 92 KB
25 KB 36ms
33ms Script
application/javascript 104.21.0.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://chat.uptownaces.eu/design/defaulttheme/js/widgetv2/6d3de043cfb6e40e6a85.js
Requested by: Host: chat.uptownaces.eu
URL: https://chat.uptownaces.eu/design/defaulttheme/js/widgetv2/index.js?v220234311685531134678
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.0.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0ebf5514588d6de78ea8abe128125c4e6afb479e520481333861dd8156d26bf4

Request headers

Referer: https://lobby.uptownaces.eu:2072/
Origin: https://lobby.uptownaces.eu:2072
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.19 Safari/537.36

Response headers

date: Wed, 31 May 2023 11:05:36 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 733336
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 05 Dec 2022 11:53:05 GMT
server: cloudflare
etag: W/"638ddba1-1718d"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kB%2BKC6AqFG%2FZBf4RQk55xfPBGLN%2FbUYVkiDj56TaaT90f6bqHxE0Iv0FaVZ0Ngf0EpF8%2BDSwBoBMyjTfgOEEcQLYuBOargsmPcTnIyQV%2FQb1RBi2Tlq0lbHTnHmey1PBXu0LwpA%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: Content-Length,Content-Range
cache-control: max-age=315360000
cf-ray: 7cfebe2529131c34-FRA
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 507f464a966a8359428a.js Show response
chat.uptownaces.eu/design/defaulttheme/js/widgetv2/ 4 KB
2 KB 98ms
95ms Script
application/javascript 104.21.0.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://chat.uptownaces.eu/design/defaulttheme/js/widgetv2/507f464a966a8359428a.js
Requested by: Host: chat.uptownaces.eu
URL: https://chat.uptownaces.eu/design/defaulttheme/js/widgetv2/index.js?v220234311685531134678
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.0.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c8f83c3ef6d83c18294a23dd4c285c42d9fa5babda32cf3bff16128c54b03c66

Request headers

Referer: https://lobby.uptownaces.eu:2072/
Origin: https://lobby.uptownaces.eu:2072
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.19 Safari/537.36

Response headers

date: Wed, 31 May 2023 11:05:36 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 769717
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 11 Jan 2022 13:46:50 GMT
server: cloudflare
etag: W/"61dd8a4a-fa3"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9ZSXdKMmr2YvSumpM%2FreHpZgBgr3eAgGX4FDLbxJyiBIMFZonN78y%2F5NexEB4NWSaBIEccD7dH5lJEtpjGPxEO4tYM5aiHTmt1P%2FUnmKGr8orH%2FRk4r9i2NXPU05cbwkGeGM%2BFM%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: Content-Length,Content-Range
cache-control: max-age=315360000
cf-ray: 7cfebe2529141c34-FRA
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK HP Show response
tags.s-dati.com/fp/ Frame 24C1 19 KB
6 KB 16ms
15ms Document
text/html 91.235.132.76

General

Check archive.org

Show headers Download Go to

Full URL

https://tags.s-dati.com/fp/HP?session_id=9a6f6948-c924-41de-a624-7e5f029482c5&org_id=btcmgcxc&nonce=7e153e1ac75f659f&mode=2&hp=.co-operativebank.co.uk/CBIBSWeb/login.do.co-operativebank.co.uk/CBIBSWeb/start.do.de/portal/portal/x.entropay.com/basemenu/prot/x.facebook.comx.nationet.com/x.netbank.commbank.com.au/netbank/bankmainx.npbs.co.uk/netmastergoldbanking/x.nwolb.xlogin.aspx?refereridentx.rbsdigital.xAccountSummaryx.smile.co.uk/SmileWeb/login.do.smile.co.uk/SmileWeb/start.do.yandex.rux/CapitalOne_Consumer/x/easypay.by/x/sbank.ru/x53.com/servlet/efsonlinex://online.wellsfargo.com/x://secure.assist.ru/assistid/protected/main.doxabbeynational.co.uk/EBAN_ENS/BtoChannelDriverxalliance-leicesterxaltergold.com/login.phpxamericanexpress.com/myca/intl/acctsumm/emea/accountSummaryxbancaintesa.it/xbankcardservices.co.ukxbankofamerica.com/xbanquepopulaire.fr/xbnpparibas.net/xcahoot.comxcapitaloneonline.co.uk/CapitalOne_Consumer/Transactionsxcbonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagexcibc.comxPreSignOnxcibc.comxSignOnxcitibank.ru/xclient.uralsibbank.ruxco-operativebank.co.uk/CBIBSWeb/loginSpixcommerceonlinebanking.comxcoventrybuildingsociety.co.ukxdeutsche-bank.dexdiscovercard.com/cardmembersvcs/strongauth/app/sa_mainxebanking.bawag.comxebc_ebc1961xegg.com/customer/movemoneyxegg.com/customer/yourmoneyxfacebook.com/xhalifax-online.co.ukxMyAccountsxhalifax-online.co.uk/x/Mhalifax-online.co.uk/personalxhsbc.co.uk/1/2/personal/internet-banking/xhsbc.comxhttps://banking.postbank.de/app/finanzstatus.init.do;jsessionidxib.fineco.it/FinecoWeb/BonificiServletxib.fineco.it/FinecoWeb/jsp/Main/HBFineco.jspxib.fineco.it/FinecoWeb/jsp/Main/Principale.jspxibank.alfabank.ruxin-biz.it/xipko.plxlibertyreserve.com/x/historylibertyreserve.com/x/loginwww.libertyreserve.com/x/Core.jswww.libertyreserve.com/x/transfer.libertyreserve.com/x/commonscript.jslloydstsb.co.uk/personal/a/account_overview/xmbna.co.ukxmenyala.ruxmoney.yandex.ruxmoneybookers.com/app/login.plxmoneymail.ruxmy.ebay.co.uk/ws/eBayISAPI.dll?MyEbayxmy.ebay.com/ws/eBayISAPI.dll?MyEbayxmy.ebay.fr/ws/eBayISAPI.dll?MyEbayxmybusinessbank.co.ukxnationet.com/AppServices/SignOn/SignOnProcess/RcaSignOnxnpbs.co.ukxnwolb.com/AccountSummaryxnwolb.com/Statementsxnwolb.com/TransfersLandingPagexoltx.fidelity.com/x/x/ofsummary/summaryxonline.lloydstsb.co.ukxonlinebanking.mandtbank.com/summary/AccountSummaryxpassport.yandex.ruxpaypal.com/x/cgi-bin/webscr?cmd=_accountxpaypal.com/x/cgi-bin/webscr?cmd=_login-done&login_access=xpaypal.com/us/cgi-bin/webscr?cmd=_login-done&login_access=xposte.it/xpsk.co.at/xsecure.lloydstsb.co.uk/personal/a/account_overviewxsmile.co.uk/SmileWeb/passcodexusaa.com/xusbank.com/internetBanking/RequestRouter?requestCmdId=Gxwachovia.comxybonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagex.amazon.fr/xhistory/orders/view.htmlx.banquepopulaire.frxShowPortal.dox.bnpparibasfortis.bexHome_Logon.aspx.cdiscount.com/Account/Home.aspxx.cmb.frxaccueil.jspx.credit-agricole.frxentreeBam?sessionSAGx.labanquepostale.fr/xreleveCPP-releve_ccp.eax.secure.bnpparibas.net/NSFR?Actionx.secure.lcl.frxAccueilxcredem.it/OneToOne/ebank/functionsxmijn.ing.nl/xonline.ybs.co.ukxwww.discover.com/xorder.cdiscount.comxCustomer.aspxxsealinfo.verisign.com/splash?form_filexvos-comptes.credit-du-nord.fr/CDC_TableauDeBord_0.asp?xvoscomptesenligne.labanquepostale.frxwww.x.caisse-epargne.fr/Portail.aspxxwww.exabanque.netxonglet.phpxdeutsche-bank.de/xnorisbank.de/xpostbank.de/xtargobank.de/x.x.de/portal/x.bankofamerica.com/x/commonscript.js.bmo.com/OLB?id=x.bmo.com/RMC?id=x.chase.com/x.aspxx.chase.com/js/Reporting.jsx.koodomobile.com/account/selfserve/x/xaccountId=x.payment.ru/x.scotiabank.com/portal/index.jsp?xbancopopular.es/empresasxcreval.it/login2007/loginSiciliano.aspxfirst-direct.com/xipko.plxmybusinessbank.co.ukxsanpaoloimi.com/xulsterbankanytimebanking.x/login.aspxx

Requested by

Host: tags.s-dati.com
URL: https://tags.s-dati.com/fp/check.js;CIS3SID=ECB2886BB408E01EFDB092C3A5B8A012?org_id=btcmgcxc&session_id=9a6f6948-c924-41de-a624-7e5f029482c5&nonce=7e153e1ac75f659f&jb=3d392424687b6f7d3555616c64677773266a7b6f3f556966666f777125303831382468736a753f416a7a6f656d24627162354368726f6565273030393331

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.132.76 -, , ASN (),

Reverse DNS

Software

Apache /

Resource Hash

c12e7a0783cf76bededa393fe89ee6d5cc0f4223d8dc19a73a07cae6d2af18b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://lobby.uptownaces.eu:2072/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.19 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Content-Encoding: gzip
Content-Language: de-DE
Content-Length: 5792
Content-Type: text/html;charset=UTF-8
Date: Wed, 31 May 2023 11:05:37 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=2, max=98
Pragma: no-cache
Server: Apache
Strict-Transport-Security: max-age=31536000
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-UA-Compatible: IE=Edge
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK clear.png Show response
tags.s-dati.com/fp/ Frame B93A 81 B
540 B 40ms
13ms XHR
image/png 91.235.132.76

General

Check archive.org

Show headers Download Go to

Full URL

https://tags.s-dati.com/fp/clear.png

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.132.76 -, , ASN (),

Reverse DNS

Software

Apache /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*, btcmgcxc/7e153e1ac75f659f9a6f6948-c924-41de-a624-7e5f029482c5
Referer: https://lobby.uptownaces.eu:2072/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.19 Safari/537.36

Response headers

Date: Wed, 31 May 2023 11:05:36 GMT
Strict-Transport-Security: max-age=31536000
Last-Modified: Wed, 31 May 2023 11:05:36 GMT
Server: Apache
Etag: b84f0ed01c5c4068b08cbecea861c7cd
Content-Type: image/png
Access-Control-Allow-Origin: https://lobby.uptownaces.eu:2072
Cache-Control: private, must-revalidate, max-age=0
Connection: Keep-Alive
Keep-Alive: timeout=2, max=100
Content-Length: 81
Expires: Mon, 29 May 2028 11:05:36 GMT

GET
H/1.1

204
No Content

clear.png Show response
h.online-metrix.net/fp/ Frame B93A
Redirect Chain

https://h.online-metrix.net/fp/clear.png?org_id=btcmgcxc&session_id=9a6f6948-c924-41de-a624-7e5f029482c5&nonce=7e153e1ac75f659f&gttl=155520000
https://h.online-metrix.net/fp/clear.png?org_id=btcmgcxc&session_id=9a6f6948-c924-41de-a624-7e5f029482c5&nonce=7e153e1ac75f659f&k=2

0
387 B

13ms
12ms

Script
text/javascript

91.235.132.130

General

Check archive.org

Show headers Download Go to

Full URL

https://h.online-metrix.net/fp/clear.png?org_id=btcmgcxc&session_id=9a6f6948-c924-41de-a624-7e5f029482c5&nonce=7e153e1ac75f659f&k=2

Protocol

HTTP/1.1

Server

91.235.132.130 -, , ASN (),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lobby.uptownaces.eu:2072/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.19 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 31 May 2023 11:05:37 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=98
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Date: Wed, 31 May 2023 11:05:37 GMT
Strict-Transport-Security: max-age=31536000
Server: Apache
P3P: CP=IVAa PSAa
Location: https://h.online-metrix.net/fp/clear.png?org_id=btcmgcxc&session_id=9a6f6948-c924-41de-a624-7e5f029482c5&nonce=7e153e1ac75f659f&k=2
Connection: Keep-Alive
Keep-Alive: timeout=2, max=99
Content-Length: 0

GET
H/1.1 200
OK ls_fp.html;CIS3SID=ECB2886BB408E01EFDB092C3A5B8A012 Show response
tags.s-dati.com/fp/ Frame 3DB7 92 KB
14 KB 18ms
18ms Document
text/html 91.235.132.76

General

Check archive.org

Show headers Download Go to

Full URL

https://tags.s-dati.com/fp/ls_fp.html;CIS3SID=ECB2886BB408E01EFDB092C3A5B8A012?org_id=btcmgcxc&session_id=9a6f6948-c924-41de-a624-7e5f029482c5&nonce=7e153e1ac75f659f

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.132.76 -, , ASN (),

Reverse DNS

Software

Apache /

Resource Hash

8671a685a9b653d411a0e0f9f8f0d8019cfcfd2d8fe2c20a734893d3a6f4f632

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://lobby.uptownaces.eu:2072/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.19 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Content-Encoding: gzip
Content-Type: text/html;charset=UTF-8
Date: Wed, 31 May 2023 11:05:37 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=2, max=99
Pragma: no-cache
Server: Apache
Strict-Transport-Security: max-age=31536000
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-Robots-Tag: noindex, nofollow
X-XSS-Protection: 1; mode=block

GET
H/1.1 204
No Content clear.png Show response
tags.s-dati.com/fp/ Frame B93A 0
387 B 13ms
13ms Script
text/javascript 91.235.132.76

General

Check archive.org

Show headers Download Go to

Full URL

https://tags.s-dati.com/fp/clear.png?org_id=btcmgcxc&session_id=9a6f6948-c924-41de-a624-7e5f029482c5&nonce=7e153e1ac75f659f&jb=3b36246e71693d3b3f303c67616d333737633d343b36356a3030363135643e343c6664366c3137

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.132.76 -, , ASN (),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lobby.uptownaces.eu:2072/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.19 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 31 May 2023 11:05:37 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=97
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK es.js Show response
tags.s-dati.com/fp/ Frame B93A 134 B
654 B 15ms
15ms Script
text/javascript 91.235.132.76

General

Check archive.org

Show headers Download Go to

Full URL

https://tags.s-dati.com/fp/es.js?org_id=btcmgcxc&session_id=9a6f6948-c924-41de-a624-7e5f029482c5&nonce=7e153e1ac75f659f

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.132.76 -, , ASN (),

Reverse DNS

Software

Apache /

Resource Hash

9f1836feaa378509758e5f10eaedf73e0528a570f3e0d045fb23b203db76568f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lobby.uptownaces.eu:2072/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.19 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 31 May 2023 11:05:37 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Transfer-Encoding: chunked
Content-Type: text/javascript;charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Keep-Alive: timeout=2, max=99
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK sid_fp.html;CIS3SID=ECB2886BB408E01EFDB092C3A5B8A012 Show response
h.online-metrix.net/fp/ Frame F2A6 104 KB
15 KB 47ms
17ms Document
text/html 91.235.132.130

General

Check archive.org

Show headers Download Go to

Full URL

https://h.online-metrix.net/fp/sid_fp.html;CIS3SID=ECB2886BB408E01EFDB092C3A5B8A012?org_id=btcmgcxc&session_id=9a6f6948-c924-41de-a624-7e5f029482c5&nonce=7e153e1ac75f659f

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.132.130 -, , ASN (),

Reverse DNS

Software

Apache /

Resource Hash

db33ba632d33ffff54997e103c5280093bb2630613a4264472413ead70c0b148

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://lobby.uptownaces.eu:2072/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.19 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Content-Encoding: gzip
Content-Type: text/html;charset=UTF-8
Date: Wed, 31 May 2023 11:05:37 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=2, max=100
Pragma: no-cache
Server: Apache
Strict-Transport-Security: max-age=31536000
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-Robots-Tag: noindex, nofollow
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK top_fp.html;CIS3SID=ECB2886BB408E01EFDB092C3A5B8A012 Show response
tags.s-dati.com/fp/ Frame 8E84 90 KB
13 KB 16ms
16ms Document
text/html 91.235.132.76

General

Check archive.org

Show headers Download Go to

Full URL

https://tags.s-dati.com/fp/top_fp.html;CIS3SID=ECB2886BB408E01EFDB092C3A5B8A012?org_id=btcmgcxc&session_id=9a6f6948-c924-41de-a624-7e5f029482c5&nonce=7e153e1ac75f659f

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.132.76 -, , ASN (),

Reverse DNS

Software

Apache /

Resource Hash

8943e09809cbcf88e8e0fc73292874246733d951f47d3e4dda0541f24c40c201

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://lobby.uptownaces.eu:2072/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.19 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Content-Encoding: gzip
Content-Type: text/html;charset=UTF-8
Date: Wed, 31 May 2023 11:05:37 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=2, max=98
Pragma: no-cache
Server: Apache
Strict-Transport-Security: max-age=31536000
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-Robots-Tag: noindex, nofollow
X-XSS-Protection: 1; mode=block

GET
H/1.1 204
204 clear.png Show response
tags.s-dati.com/fp/ Frame B93A 0
218 B 15ms
14ms Script
text/javascript 91.235.132.76

General

Check archive.org

Show headers Download Go to

Full URL

https://tags.s-dati.com/fp/clear.png?org_id=btcmgcxc&session_id=9a6f6948-c924-41de-a624-7e5f029482c5&nonce=7e153e1ac75f659f&ja=39383730242e63353824723f302e663d313638307a333238322661643d333e30387a3332383024717a713d3870322e66707a3d312c313e30322e313a32302c333632382c39303230243134323224313a383224333638302c313238302e322c38246d743f613a3032696061646b373566666e646e3167693a3439313437303e623b633769246d6e3f34247b636c3f30342e6c6a3f6a7c74787b273b43253a46253246646f606079267770746d776c69636d712c657d2531433038373a2d304e6e6f6a627925334e53696b6e41662533463124786c35312470603d353a643a386969346a61666a653131336a37313a37696730643162666a326c362468603d3064666d376a6a616c61653b323264356d31326632386063616066636e393c60246a7b6f3f556b6664677f712d30303930266a736a3d416a72676f652530303339312e68716f7d3d556b6c6c6f7f7b246271627d3d436872676d67246e60613d34246e66653d30246c6d7c703f32247c7a6c35477c61253a46556e6b666f756c2665637468703d3638303b6633633a626761323a653e6b613d3430383832616439353736303964643437383a39343966346569613036666b393c69646a66373a3331333131366324647a3f68747670712d33492730462d32446e6d6a6271267778766f7f6e6163657b2e6777253b4332303532273a46646d6062712531445163696641662d31443926703d706475656b6e57646c617168273d456e636e736d21726e776f69665775616c646777735f6d6d646b635f786e61796772273d456e636e736d21726e776f696657636c6d626d5f61637267626376253d4766616e7367297064776569665f73776b6b6b7c616f6d27354d66616c736d21726e756f6b6e5f71686d6b6b7f6374652d3547646364736d2972647767616e5f7265696c726e6171677225374564696c7b6723706475656b6c5776646b5d786e6171657225354d66636e736d23706c77676b665f6c67746164767027374d666964716d2370647567696e577374655f7e6b65776772273d456e636e736d21726e776f696657686974612d354566616473672467645d633d7565606f6c5f676047442530323326302d3a32204d706d6e474c253a304751253a32322e322530384360706d6d61756f2b556d624f44273a324744534c2532384551273238332e30273232204f78676c4744253032475b253a384544514c2d323045532d3232332e38273230416870676d61776f295f6560496b7c576d6a496176253a305765624f4c434c4744475f696c7376696e6b67665f697270637b7b253b4a273a324550545f626c6d6e665d6d616c6d617a25314a253a3247585c5f616d6e6772576a776e64657a5f68616c6e5f646e6f69762533402530384550565d66646f63765d6a6c6d66662d31422d323045585c5f6470616f5d646572746a2d334a2730304d58565d7160616c6d705776657074757265576c6d66253b40253232455a5c5f7c677a747d72675d61676d787a677b7169676e5f62707c632731422d3030455a545d7c65707677726d5f616d6f78726d7b71616d6e57726774632d33402732384758545d746770747d70675f6e696e76677a5f69666b7b6d747a6f7069632d33402732384758545d73504f422d3140253a304d47515765646d6f6d6c7457696e6465705f776b6e7c27334227323247455b5d6462675f70676c6c657a576f61726d69702533422d32324d455b5d7374636e6669726c5d66657a6974637661766d7b273b40253a304f45535774677a747d70655f646c6d69742d3140253a304d475157746d70767d706557666c6f617c5f6e6b6e6d6372253142273a304747515f7c657a76777a6557606364645f6e6c6f61742d33402732384d45535d746770747d70675f60616e645d6e6c676976576e6966656172253b422730304747535f7465707c65705d63727a617b5d6d6a6a6d6b762d31422d323057454a474e5d63676e6f725d62776e666d705d66646f6376273b422d3a325f47424f4c5f636f65707067737b67645f76657a7c757a675d617b746127314a253a38554d4047445f636f6d78726771736d665f746778767d726d5d67746b253140273a305f4d404f4e5f6b6f6d70726d73716764577665787675706d5f6d7661312d3340273038574d4a45445d63676d7072657b7367665f7c67787477726757733b7661253b422730325f454a4f4e57616f65707265737b65665d746d7a747570655d7b337c615d737a676027314a253a38554d4047445f6465627d675d70656666657267725d616e6e6d27334a253032554d424f445d6c67707c685f746570747770652d3142253030554d424f4e5d647a61755d607d666e6d707b27334a253230574d42454e5f646d73655d636d66746d7a76253b422730325f454a4f4e576f756474695f647a617533362e656c5f6a3d316e663d6664663c373632666c633c38356d34326a653065373c643037353c3431303664363a353124756764763f4b6c7c65642d30384b6e6b2e26776764723f4b6e7c676c2530304b7a697b2730304770676c4544253a384766656966652663636c3d30&jb=393536246e793d456778616e6c692532463526302730302055696e666f757b253a324c542d3232333226302d3b402d30305f696e36342d33402732387a36342b2530384178726e655f6560496b7c253a4e373b352e3b36253230204b4a564d44273243273232646963672732384767616967292d3a324b6a72676d6525324e3133332e382c353534332c39392d303253696663706b2d324e3d313f2c333e

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.132.76 -, , ASN (),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lobby.uptownaces.eu:2072/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.19 Safari/537.36

Response headers

Date: Wed, 31 May 2023 11:05:37 GMT
Strict-Transport-Security: max-age=31536000
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=2, max=96
Content-Type: text/javascript;charset=UTF-8

GET
H/1.1 200
OK clear.png
btcmgcxcpo56pvpcyakwasnszjbekzxble7xm63c7e153e1ac75f659fam1.e.aa.online-metrix.net/fp/ Frame B93A 81 B
438 B 63ms
13ms Image
image/png 91.235.134.131

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://btcmgcxcpo56pvpcyakwasnszjbekzxble7xm63c7e153e1ac75f659fam1.e.aa.online-metrix.net/fp/clear.png?org_id=btcmgcxc&session_id=9a6f6948-c924-41de-a624-7e5f029482c5&nonce=7e153e1ac75f659f&di=yes

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.134.131 -, , ASN (),

Reverse DNS

Software

Apache /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lobby.uptownaces.eu:2072/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.19 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 31 May 2023 11:05:37 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: image/png
Cache-Control: no-cache, no-store, must-revalidate
Connection: close
Content-Length: 81
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 BACaribbeanStud~DE2CF5725CDBDD1FE610ADB09FE3AD6E.jpg
flshertfd.cfcontentdnfls.eu/client/lobbyspa/_commonContent_/images/skin/Games/ 65 KB
65 KB 27ms
26ms Image
image/jpeg 2a01:53c0:ff04:ffff:a0b4:b966:1b2:96f2
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://flshertfd.cfcontentdnfls.eu/client/lobbyspa/_commonContent_/images/skin/Games/BACaribbeanStud~DE2CF5725CDBDD1FE610ADB09FE3AD6E.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:53c0:ff04:ffff:a0b4:b966:1b2:96f2 , United States, ASN54994 (QUANTILNETWORKS, CA),
Reverse DNS
Software: QTL_Cache/1.2.14 /
Resource Hash: 31189722e76a9cb35f3fa29b791b423633deb54911a53a3ee23d88dedb3b3cee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lobby.uptownaces.eu:2072/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.19 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 06:42:53 GMT
age: 17036564
x-cache-status: HIT
x-via: 2.0 eu-nl-ams1-cache-0002 [HIT]
x-px: HIT eu-nl-ams1-cache-0002
content-length: 66199
last-modified: Tue, 13 Apr 2021 16:55:56 GMT
server: QTL_Cache/1.2.14
etag: "10297-5bfdd81079a30"
x-qtl-request-id: 1e95cf6594c838caefe1445ad022ab50
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=31449600
accept-ranges: bytes
access-control-allow-headers: Content-Length

GET
H2 200 BAWarriorConquest~1175D2DCAE25FCD4A162BC451D54E206.jpg
flshertfd.cfcontentdnfls.eu/client/lobbyspa/_commonContent_/images/skin/Games/ 229 KB
229 KB 24ms
23ms Image
image/jpeg 2a01:53c0:ff04:ffff:a0b4:b966:1b2:96f2
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://flshertfd.cfcontentdnfls.eu/client/lobbyspa/_commonContent_/images/skin/Games/BAWarriorConquest~1175D2DCAE25FCD4A162BC451D54E206.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:53c0:ff04:ffff:a0b4:b966:1b2:96f2 , United States, ASN54994 (QUANTILNETWORKS, CA),
Reverse DNS
Software: QTL_Cache/1.2.14 /
Resource Hash: f2e6f1f8aafcc647314fcdf447e313f614103080998ce3d5a94f6746f02f98d7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lobby.uptownaces.eu:2072/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.19 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 22:09:42 GMT
age: 7908955
x-cache-status: HIT
x-via: 2.0 eu-nl-ams1-cache-0001 [HIT]
x-px: HIT eu-nl-ams1-cache-0001
content-length: 234201
last-modified: Mon, 20 Feb 2023 19:21:20 GMT
server: QTL_Cache/1.2.14
etag: "392d9-5f526916238a8"
x-qtl-request-id: 6bec43da3588157e0b13c36409677e28
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=31449600
accept-ranges: bytes
access-control-allow-headers: Content-Length

GET localProxy.html
pbjikboenpfhbbejgkoklgkhjpfogcam/static/html/ Frame B93A 0
0

GET manifest.json
jlhmfgmfgeifomenelglieieghnjghma/ Frame B93A 0
0

GET index.html
gcbommkclmclpchllfjekcdonpmejbdp/pages/cancel/ Frame B93A 0
0

GET jquery.js
djflhoibgkdhkhhcedjiklpkjnoahfmg/ Frame B93A 0
0

GET page_embed_script.js
ghbmnnjooekpmoecnnnilnnbdlolhkhi/ Frame B93A 0
0

GET inject.html
llgiblikeclfoebojkplbcmnicgcabhg/ Frame B93A 0
0

GET widget.html
fdcgdnkidjaadafnichfpabhfomcebme/ Frame B93A 0
0

GET itemBox.html
khhckppjhonfmcpegdjdibmngahahhck/ui/view/core/ Frame B93A 0
0

GET signin.html
kbfnbcaeplbcioakkpcpgfkobkghlhen/src/ Frame B93A 0
0

GET icon_16.png
cmllgdnjnkbapbchnebiedipojhmnjej/img/ Frame B93A 0
0

GET adblockultimate.png
ohahllgiabjaoigichmmfljhkcfikeof/lib/content-script/assistant/img/ Frame B93A 0
0

GET icon19_off.png
mlomiejdfkolichcflejclcbmpeaniij/app/images/ Frame B93A 0
0

GET icon16.png
jnhgnonknehpejjnehehllkliplmbmhn/images/ Frame B93A 0
0

GET 32.png
hpbohmeoofibpbiiklpofdfehodejbmk/img/ Frame B93A 0
0

GET icon24.png
dgpfeomibahlpbobpnjpcobpechebadh/icons/ Frame B93A 0
0

GET icon24.png
ppdonaappkjkbgbncmmjencphdclioab/icons/ Frame B93A 0
0

GET avira_icon16.png
ipmkfpcnmccejididiaagpgchgjfajgp/img/ Frame B93A 0
0

GET icon_16.png
bkdgflcldnnnapblkhphbgpggdiikppg/img/ Frame B93A 0
0

GET 16x16.png
caljgklbbfbcjjanaijlacgncafpegll/images/icons/ Frame B93A 0
0

GET icon-48.png
bihmplhobchoageeokmgbdihknkjbknd/static/assets/ Frame B93A 0
0

GET logo-avira-antivirus.png
flliilndjeohchalpbbcdekjklbdgfkk/img/ Frame B93A 0
0

GET pay_icon_19.png
glcimepnljoholdmjchkloafkggfoijh/images/ Frame B93A 0
0

GET ab-19.png
gighmmpiobklfepjocnamgkkbiglidom/icons/ Frame B93A 0
0

GET icon16.png
gomekmidlodglbbmalcneegieacbdmki/common/ui/icons/ Frame B93A 0
0

GET logo.png
baejfnndpekpkaaancgpakjaengfpopk/images/ Frame B93A 0
0

GET icon-info.png
mbckjcfnjmoiinpgddefodcighgikkgn/common/ui/icons/ Frame B93A 0
0

GET icon-info.png
eofcbnmajmjmplflapaojjnihcjkigck/common/ui/icons/ Frame B93A 0
0

GET skypelogo_16.png
lifbcibllhkdhoafpjfnlhfpfgnpldfl/ Frame B93A 0
0

GET icon16.png
apfkfccpcldeeaampkebgommjmdoghbf/assets/images/ Frame B93A 0
0

GET owl-16.png
oiekdmlabennjdpgimlcpmphdjphlcha/images/ Frame B93A 0
0

GET zoom-video.png
kgjfgplpablkjnlkjmjdecgdpfankdle/images/ Frame B93A 0
0

GET icon16.png
gaonpiemcjiihedemhopdoefaohcjoch/g2m/images/ Frame B93A 0
0

GET icon48x48.png
pnjaodmkngahhkoihejjehlcdlnohgmp/icons/ Frame B93A 0
0

GET logo.png
dpdmhfocilnekecfjgimjdeckachfbec/images/ Frame B93A 0
0

GET driveicon32.png
gmbmikajjgmnabiglmofipeabaddhgne/images/ Frame B93A 0
0

GET icon48.png
hdokiejnpimakedhajhdlcegeplioahd/images/ Frame B93A 0
0

GET
H2 200 BACashBanditsMuseumHeist~56E1D748D25300267F7C0E1EFFAFB394.jpg
flshertfd.cfcontentdnfls.eu/client/lobbyspa/_commonContent_/images/skin/Games/ 53 KB
54 KB 14ms
14ms Image
image/jpeg 2a01:53c0:ff04:ffff:a0b4:b966:1b2:96f2
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://flshertfd.cfcontentdnfls.eu/client/lobbyspa/_commonContent_/images/skin/Games/BACashBanditsMuseumHeist~56E1D748D25300267F7C0E1EFFAFB394.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:53c0:ff04:ffff:a0b4:b966:1b2:96f2 , United States, ASN54994 (QUANTILNETWORKS, CA),
Reverse DNS
Software: QTL_Cache/1.2.14 /
Resource Hash: 39262267900814bc310db5a3d8cfc0019b59630817c827896deab8816394cba0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lobby.uptownaces.eu:2072/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.19 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 23:44:26 GMT
age: 5484071
x-cache-status: HIT
x-via: 2.0 eu-nl-ams1-cache-0001 [HIT]
x-px: HIT eu-nl-ams1-cache-0001
content-length: 54487
last-modified: Mon, 06 Mar 2023 15:06:42 GMT
server: QTL_Cache/1.2.14
etag: "d4d7-5f63ca48c0640"
x-qtl-request-id: f5266ad6cd0b195121c93094e3693e38
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=31449600
accept-ranges: bytes
access-control-allow-headers: Content-Length

GET
H2 200 BAGiantFortunes~CD48F98E7B98D35DF85A6D6DC3909A5A.jpg
flshertfd.cfcontentdnfls.eu/client/lobbyspa/_commonContent_/images/skin/Games/ 68 KB
69 KB 14ms
13ms Image
image/jpeg 2a01:53c0:ff04:ffff:a0b4:b966:1b2:96f2
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://flshertfd.cfcontentdnfls.eu/client/lobbyspa/_commonContent_/images/skin/Games/BAGiantFortunes~CD48F98E7B98D35DF85A6D6DC3909A5A.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:53c0:ff04:ffff:a0b4:b966:1b2:96f2 , United States, ASN54994 (QUANTILNETWORKS, CA),
Reverse DNS
Software: QTL_Cache/1.2.14 /
Resource Hash: 90141935b9435e75332069479c4c0856a290b40c34d4c1461d02f0b43e36e7b6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lobby.uptownaces.eu:2072/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.19 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 22:07:46 GMT
age: 9118671
x-cache-status: HIT
x-via: 2.0 eu-nl-ams1-cache-0001 [HIT]
x-px: HIT eu-nl-ams1-cache-0001
content-length: 69854
last-modified: Mon, 06 Feb 2023 15:24:44 GMT
server: QTL_Cache/1.2.14
etag: "110de-5f409a17b1778"
x-qtl-request-id: 0f9a5b0cacdd68860a5d9b1ea1f39ef6
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=31449600
accept-ranges: bytes
access-control-allow-headers: Content-Length

GET
H/1.1 200
OK check.js Show response
tags.s-dati.com/fp/ Frame 24C1 209 KB
29 KB 21ms
21ms Script
text/javascript 91.235.132.76

General

Check archive.org

Show headers Download Go to

Full URL

https://tags.s-dati.com/fp/check.js?&pageid=99998&session_id=9a6f6948-c924-41de-a624-7e5f029482c5&org_id=btcmgcxc&nonce=7e153e1ac75f659f

Requested by

Host: tags.s-dati.com
URL: https://tags.s-dati.com/fp/HP?session_id=9a6f6948-c924-41de-a624-7e5f029482c5&org_id=btcmgcxc&nonce=7e153e1ac75f659f&mode=2&hp=.co-operativebank.co.uk/CBIBSWeb/login.do.co-operativebank.co.uk/CBIBSWeb/start.do.de/portal/portal/x.entropay.com/basemenu/prot/x.facebook.comx.nationet.com/x.netbank.commbank.com.au/netbank/bankmainx.npbs.co.uk/netmastergoldbanking/x.nwolb.xlogin.aspx?refereridentx.rbsdigital.xAccountSummaryx.smile.co.uk/SmileWeb/login.do.smile.co.uk/SmileWeb/start.do.yandex.rux/CapitalOne_Consumer/x/easypay.by/x/sbank.ru/x53.com/servlet/efsonlinex://online.wellsfargo.com/x://secure.assist.ru/assistid/protected/main.doxabbeynational.co.uk/EBAN_ENS/BtoChannelDriverxalliance-leicesterxaltergold.com/login.phpxamericanexpress.com/myca/intl/acctsumm/emea/accountSummaryxbancaintesa.it/xbankcardservices.co.ukxbankofamerica.com/xbanquepopulaire.fr/xbnpparibas.net/xcahoot.comxcapitaloneonline.co.uk/CapitalOne_Consumer/Transactionsxcbonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagexcibc.comxPreSignOnxcibc.comxSignOnxcitibank.ru/xclient.uralsibbank.ruxco-operativebank.co.uk/CBIBSWeb/loginSpixcommerceonlinebanking.comxcoventrybuildingsociety.co.ukxdeutsche-bank.dexdiscovercard.com/cardmembersvcs/strongauth/app/sa_mainxebanking.bawag.comxebc_ebc1961xegg.com/customer/movemoneyxegg.com/customer/yourmoneyxfacebook.com/xhalifax-online.co.ukxMyAccountsxhalifax-online.co.uk/x/Mhalifax-online.co.uk/personalxhsbc.co.uk/1/2/personal/internet-banking/xhsbc.comxhttps://banking.postbank.de/app/finanzstatus.init.do;jsessionidxib.fineco.it/FinecoWeb/BonificiServletxib.fineco.it/FinecoWeb/jsp/Main/HBFineco.jspxib.fineco.it/FinecoWeb/jsp/Main/Principale.jspxibank.alfabank.ruxin-biz.it/xipko.plxlibertyreserve.com/x/historylibertyreserve.com/x/loginwww.libertyreserve.com/x/Core.jswww.libertyreserve.com/x/transfer.libertyreserve.com/x/commonscript.jslloydstsb.co.uk/personal/a/account_overview/xmbna.co.ukxmenyala.ruxmoney.yandex.ruxmoneybookers.com/app/login.plxmoneymail.ruxmy.ebay.co.uk/ws/eBayISAPI.dll?MyEbayxmy.ebay.com/ws/eBayISAPI.dll?MyEbayxmy.ebay.fr/ws/eBayISAPI.dll?MyEbayxmybusinessbank.co.ukxnationet.com/AppServices/SignOn/SignOnProcess/RcaSignOnxnpbs.co.ukxnwolb.com/AccountSummaryxnwolb.com/Statementsxnwolb.com/TransfersLandingPagexoltx.fidelity.com/x/x/ofsummary/summaryxonline.lloydstsb.co.ukxonlinebanking.mandtbank.com/summary/AccountSummaryxpassport.yandex.ruxpaypal.com/x/cgi-bin/webscr?cmd=_accountxpaypal.com/x/cgi-bin/webscr?cmd=_login-done&login_access=xpaypal.com/us/cgi-bin/webscr?cmd=_login-done&login_access=xposte.it/xpsk.co.at/xsecure.lloydstsb.co.uk/personal/a/account_overviewxsmile.co.uk/SmileWeb/passcodexusaa.com/xusbank.com/internetBanking/RequestRouter?requestCmdId=Gxwachovia.comxybonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagex.amazon.fr/xhistory/orders/view.htmlx.banquepopulaire.frxShowPortal.dox.bnpparibasfortis.bexHome_Logon.aspx.cdiscount.com/Account/Home.aspxx.cmb.frxaccueil.jspx.credit-agricole.frxentreeBam?sessionSAGx.labanquepostale.fr/xreleveCPP-releve_ccp.eax.secure.bnpparibas.net/NSFR?Actionx.secure.lcl.frxAccueilxcredem.it/OneToOne/ebank/functionsxmijn.ing.nl/xonline.ybs.co.ukxwww.discover.com/xorder.cdiscount.comxCustomer.aspxxsealinfo.verisign.com/splash?form_filexvos-comptes.credit-du-nord.fr/CDC_TableauDeBord_0.asp?xvoscomptesenligne.labanquepostale.frxwww.x.caisse-epargne.fr/Portail.aspxxwww.exabanque.netxonglet.phpxdeutsche-bank.de/xnorisbank.de/xpostbank.de/xtargobank.de/x.x.de/portal/x.bankofamerica.com/x/commonscript.js.bmo.com/OLB?id=x.bmo.com/RMC?id=x.chase.com/x.aspxx.chase.com/js/Reporting.jsx.koodomobile.com/account/selfserve/x/xaccountId=x.payment.ru/x.scotiabank.com/portal/index.jsp?xbancopopular.es/empresasxcreval.it/login2007/loginSiciliano.aspxfirst-direct.com/xipko.plxmybusinessbank.co.ukxsanpaoloimi.com/xulsterbankanytimebanking.x/login.aspxx

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.132.76 -, , ASN (),

Reverse DNS

Software

Apache /

Resource Hash

49f98707666e714d91d4447713fe9179eeaee7f65a51ed6863738b3b06d48beb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tags.s-dati.com/fp/HP?session_id=9a6f6948-c924-41de-a624-7e5f029482c5&org_id=btcmgcxc&nonce=7e153e1ac75f659f&mode=2&hp=.co-operativebank.co.uk/CBIBSWeb/login.do.co-operativebank.co.uk/CBIBSWeb/start.do.de/portal/portal/x.entropay.com/basemenu/prot/x.facebook.comx.nationet.com/x.netbank.commbank.com.au/netbank/bankmainx.npbs.co.uk/netmastergoldbanking/x.nwolb.xlogin.aspx?refereridentx.rbsdigital.xAccountSummaryx.smile.co.uk/SmileWeb/login.do.smile.co.uk/SmileWeb/start.do.yandex.rux/CapitalOne_Consumer/x/easypay.by/x/sbank.ru/x53.com/servlet/efsonlinex://online.wellsfargo.com/x://secure.assist.ru/assistid/protected/main.doxabbeynational.co.uk/EBAN_ENS/BtoChannelDriverxalliance-leicesterxaltergold.com/login.phpxamericanexpress.com/myca/intl/acctsumm/emea/accountSummaryxbancaintesa.it/xbankcardservices.co.ukxbankofamerica.com/xbanquepopulaire.fr/xbnpparibas.net/xcahoot.comxcapitaloneonline.co.uk/CapitalOne_Consumer/Transactionsxcbonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagexcibc.comxPreSignOnxcibc.comxSignOnxcitibank.ru/xclient.uralsibbank.ruxco-operativebank.co.uk/CBIBSWeb/loginSpixcommerceonlinebanking.comxcoventrybuildingsociety.co.ukxdeutsche-bank.dexdiscovercard.com/cardmembersvcs/strongauth/app/sa_mainxebanking.bawag.comxebc_ebc1961xegg.com/customer/movemoneyxegg.com/customer/yourmoneyxfacebook.com/xhalifax-online.co.ukxMyAccountsxhalifax-online.co.uk/x/Mhalifax-online.co.uk/personalxhsbc.co.uk/1/2/personal/internet-banking/xhsbc.comxhttps://banking.postbank.de/app/finanzstatus.init.do;jsessionidxib.fineco.it/FinecoWeb/BonificiServletxib.fineco.it/FinecoWeb/jsp/Main/HBFineco.jspxib.fineco.it/FinecoWeb/jsp/Main/Principale.jspxibank.alfabank.ruxin-biz.it/xipko.plxlibertyreserve.com/x/historylibertyreserve.com/x/loginwww.libertyreserve.com/x/Core.jswww.libertyreserve.com/x/transfer.libertyreserve.com/x/commonscript.jslloydstsb.co.uk/personal/a/account_overview/xmbna.co.ukxmenyala.ruxmoney.yandex.ruxmoneybookers.com/app/login.plxmoneymail.ruxmy.ebay.co.uk/ws/eBayISAPI.dll?MyEbayxmy.ebay.com/ws/eBayISAPI.dll?MyEbayxmy.ebay.fr/ws/eBayISAPI.dll?MyEbayxmybusinessbank.co.ukxnationet.com/AppServices/SignOn/SignOnProcess/RcaSignOnxnpbs.co.ukxnwolb.com/AccountSummaryxnwolb.com/Statementsxnwolb.com/TransfersLandingPagexoltx.fidelity.com/x/x/ofsummary/summaryxonline.lloydstsb.co.ukxonlinebanking.mandtbank.com/summary/AccountSummaryxpassport.yandex.ruxpaypal.com/x/cgi-bin/webscr?cmd=_accountxpaypal.com/x/cgi-bin/webscr?cmd=_login-done&login_access=xpaypal.com/us/cgi-bin/webscr?cmd=_login-done&login_access=xposte.it/xpsk.co.at/xsecure.lloydstsb.co.uk/personal/a/account_overviewxsmile.co.uk/SmileWeb/passcodexusaa.com/xusbank.com/internetBanking/RequestRouter?requestCmdId=Gxwachovia.comxybonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagex.amazon.fr/xhistory/orders/view.htmlx.banquepopulaire.frxShowPortal.dox.bnpparibasfortis.bexHome_Logon.aspx.cdiscount.com/Account/Home.aspxx.cmb.frxaccueil.jspx.credit-agricole.frxentreeBam?sessionSAGx.labanquepostale.fr/xreleveCPP-releve_ccp.eax.secure.bnpparibas.net/NSFR?Actionx.secure.lcl.frxAccueilxcredem.it/OneToOne/ebank/functionsxmijn.ing.nl/xonline.ybs.co.ukxwww.discover.com/xorder.cdiscount.comxCustomer.aspxxsealinfo.verisign.com/splash?form_filexvos-comptes.credit-du-nord.fr/CDC_TableauDeBord_0.asp?xvoscomptesenligne.labanquepostale.frxwww.x.caisse-epargne.fr/Portail.aspxxwww.exabanque.netxonglet.phpxdeutsche-bank.de/xnorisbank.de/xpostbank.de/xtargobank.de/x.x.de/portal/x.bankofamerica.com/x/commonscript.js.bmo.com/OLB?id=x.bmo.com/RMC?id=x.chase.com/x.aspxx.chase.com/js/Reporting.jsx.koodomobile.com/account/selfserve/x/xaccountId=x.payment.ru/x.scotiabank.com/portal/index.jsp?xbancopopular.es/empresasxcreval.it/login2007/loginSiciliano.aspxfirst-direct.com/xipko.plxmybusinessbank.co.ukxsanpaoloimi.com/xulsterbankanytimebanking.x/login.aspxx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.19 Safari/537.36

Response headers

Date: Wed, 31 May 2023 11:05:37 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Transfer-Encoding: chunked
tmx-nonce: 7e153e1ac75f659f
Connection: Keep-Alive, Keep-Alive
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding
Content-Type: text/javascript;charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
X-Robots-Tag: noindex, nofollow
Keep-Alive: timeout=2, max=97
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 204
No Content clear.png Show response
tags.s-dati.com/fp/ Frame 3DB7 0
387 B 13ms
13ms Script
text/javascript 91.235.132.76

General

Check archive.org

Show headers Download Go to

Full URL

https://tags.s-dati.com/fp/clear.png?org_id=btcmgcxc&session_id=9a6f6948-c924-41de-a624-7e5f029482c5&nonce=7e153e1ac75f659f&jf=3b36246e716a3d6d3b3b3d32353e666163646a346661393034383637333338343b3232616b3033

Requested by

Host: tags.s-dati.com
URL: https://tags.s-dati.com/fp/ls_fp.html;CIS3SID=ECB2886BB408E01EFDB092C3A5B8A012?org_id=btcmgcxc&session_id=9a6f6948-c924-41de-a624-7e5f029482c5&nonce=7e153e1ac75f659f

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.132.76 -, , ASN (),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tags.s-dati.com/fp/ls_fp.html;CIS3SID=ECB2886BB408E01EFDB092C3A5B8A012?org_id=btcmgcxc&session_id=9a6f6948-c924-41de-a624-7e5f029482c5&nonce=7e153e1ac75f659f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.19 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 31 May 2023 11:05:37 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=96
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK es.js Show response
tags.s-dati.com/fp/ Frame 3DB7 134 B
654 B 13ms
13ms Script
text/javascript 91.235.132.76

General

Check archive.org

Show headers Download Go to

Full URL

https://tags.s-dati.com/fp/es.js?org_id=btcmgcxc&session_id=9a6f6948-c924-41de-a624-7e5f029482c5&nonce=7e153e1ac75f659f&fr

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.132.76 -, , ASN (),

Reverse DNS

Software

Apache /

Resource Hash

a260aeea41dd0dbc6144b0c5e03afd25f88100cb55b24df9867dca7b750fc11c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tags.s-dati.com/fp/ls_fp.html;CIS3SID=ECB2886BB408E01EFDB092C3A5B8A012?org_id=btcmgcxc&session_id=9a6f6948-c924-41de-a624-7e5f029482c5&nonce=7e153e1ac75f659f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.19 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 31 May 2023 11:05:37 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Transfer-Encoding: chunked
Content-Type: text/javascript;charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Keep-Alive: timeout=2, max=98
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://flshertfd.cfcontentdnfls.eu/client/lobbyspa/_commonContent_/images/skin/Games/BAFortunesofOlympus~1C39200865D18F683B6BAED1CAB3878D.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:53c0:ff04:ffff:a0b4:b966:1b2:96f2 , United States, ASN54994 (QUANTILNETWORKS, CA),
Reverse DNS
Software: QTL_Cache/1.2.14 /
Resource Hash: 9867187d809b69d7b23d750410edc46aca00dad20e525aa63b4d0c849ce6947e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lobby.uptownaces.eu:2072/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.19 Safari/537.36

Response headers

date: Tue, 14 Mar 2023 22:31:40 GMT
age: 6698037
x-cache-status: HIT
x-via: 2.0 eu-nl-ams1-cache-0002 [HIT]
x-px: HIT eu-nl-ams1-cache-0002
content-length: 88726
last-modified: Mon, 06 Mar 2023 15:06:41 GMT
server: QTL_Cache/1.2.14
etag: "15a96-5f63ca4764fa8"
x-qtl-request-id: bd54acdca294d4e58e88d9cd4c347cdd
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=31449600
accept-ranges: bytes
access-control-allow-headers: Content-Length

GET
H2 200 BAAlienWins~57665E1BCA76BEA062B47E13E354E377.jpg
flshertfd.cfcontentdnfls.eu/client/lobbyspa/_commonContent_/images/skin/Games/ 52 KB
53 KB 14ms
14ms Image
image/jpeg 2a01:53c0:ff04:ffff:a0b4:b966:1b2:96f2
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://flshertfd.cfcontentdnfls.eu/client/lobbyspa/_commonContent_/images/skin/Games/BAAlienWins~57665E1BCA76BEA062B47E13E354E377.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:53c0:ff04:ffff:a0b4:b966:1b2:96f2 , United States, ASN54994 (QUANTILNETWORKS, CA),
Reverse DNS
Software: QTL_Cache/1.2.14 /
Resource Hash: 17dad90a3d21d9236695a3994d7c43eb8f8ce071b7da1bd877383455ff3b40be

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lobby.uptownaces.eu:2072/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.19 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 01:14:26 GMT
age: 10317071
x-cache-status: HIT
x-via: 2.0 eu-nl-ams1-cache-0002 [HIT]
x-px: HIT eu-nl-ams1-cache-0002
content-length: 53338
last-modified: Mon, 09 Jan 2023 17:08:23 GMT
server: QTL_Cache/1.2.14
etag: "d05a-5f1d7d0928c28"
x-qtl-request-id: 0a8f399b1ce2450da38d874a9c3d3513
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=31449600
accept-ranges: bytes
access-control-allow-headers: Content-Length

GET
H3 200 checkinvitation Show response
chat.uptownaces.eu/widgetrestapi/ 47 B
605 B 191ms
190ms XHR
application/json 104.21.0.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://chat.uptownaces.eu/widgetrestapi/checkinvitation?vid=e8615ee87e8f2cba98c6&dep=16&l=%252F%252Flobby.uptownaces.eu%253A2072%252Flobby%253FSkinId%253D1&dt=Uptown%2520Aces&init=1

Requested by

Host: chat.uptownaces.eu
URL: https://chat.uptownaces.eu/design/defaulttheme/js/widgetv2/index.js?v220234311685531134678

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.0.108 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/7.4.33

Resource Hash

64d2f4c496f294dbbd8dca7141448af7214c2c9d334d881f369fa5d5e2d762cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lobby.uptownaces.eu:2072/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.19 Safari/537.36

Response headers

date: Wed, 31 May 2023 11:05:37 GMT
strict-transport-security: max-age=63072000
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: PHP/7.4.33
alt-svc: h3=":443"; ma=86400
pragma: no-cache
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Se5WsTE0YMlgr1LPYk2yBbHwFMlIZWo%2FbJrD%2FsaEozhDxu1Kos8gxhF30j0ez2APdfhaOIxxSwtJ1%2FZlGBOtW3UxkHFtP4PmUBKmfU%2BuWEXusXn1E8MyusIhWwxQW4WuoXyLopA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
access-control-allow-credentials: true
cf-ray: 7cfebe29cefd1c34-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, API-Key, Authorization

GET
H2 200 BAWarriorConquest~1175D2DCAE25FCD4A162BC451D54E206.jpg
flshertfd.cfcontentdnfls.eu/client/lobbyspa/_commonContent_/images/skin/Games/ 229 KB
229 KB 14ms
13ms Image
image/jpeg 2a01:53c0:ff04:ffff:a0b4:b966:1b2:96f2
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://flshertfd.cfcontentdnfls.eu/client/lobbyspa/_commonContent_/images/skin/Games/BAWarriorConquest~1175D2DCAE25FCD4A162BC451D54E206.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:53c0:ff04:ffff:a0b4:b966:1b2:96f2 , United States, ASN54994 (QUANTILNETWORKS, CA),
Reverse DNS
Software: QTL_Cache/1.2.14 /
Resource Hash: f2e6f1f8aafcc647314fcdf447e313f614103080998ce3d5a94f6746f02f98d7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lobby.uptownaces.eu:2072/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.19 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 22:09:42 GMT
age: 7908955
x-cache-status: HIT
x-via: 2.0 eu-nl-ams1-cache-0001 [HIT]
x-px: HIT eu-nl-ams1-cache-0001
content-length: 234201
last-modified: Mon, 20 Feb 2023 19:21:20 GMT
server: QTL_Cache/1.2.14
etag: "392d9-5f526916238a8"
x-qtl-request-id: 67676fad6fbf4babe8d7e67d2086750d
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=31449600
accept-ranges: bytes
access-control-allow-headers: Content-Length

GET
H2 200 BACaribbeanStud~DE2CF5725CDBDD1FE610ADB09FE3AD6E.jpg
flshertfd.cfcontentdnfls.eu/client/lobbyspa/_commonContent_/images/skin/Games/ 65 KB
65 KB 17ms
17ms Image
image/jpeg 2a01:53c0:ff04:ffff:a0b4:b966:1b2:96f2
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://flshertfd.cfcontentdnfls.eu/client/lobbyspa/_commonContent_/images/skin/Games/BACaribbeanStud~DE2CF5725CDBDD1FE610ADB09FE3AD6E.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:53c0:ff04:ffff:a0b4:b966:1b2:96f2 , United States, ASN54994 (QUANTILNETWORKS, CA),
Reverse DNS
Software: QTL_Cache/1.2.14 /
Resource Hash: 31189722e76a9cb35f3fa29b791b423633deb54911a53a3ee23d88dedb3b3cee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lobby.uptownaces.eu:2072/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.19 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 06:42:53 GMT
age: 17036564
x-cache-status: HIT
x-via: 2.0 eu-nl-ams1-cache-0002 [HIT]
x-px: HIT eu-nl-ams1-cache-0002
content-length: 66199
last-modified: Tue, 13 Apr 2021 16:55:56 GMT
server: QTL_Cache/1.2.14
etag: "10297-5bfdd81079a30"
x-qtl-request-id: 0757765b82e4943c5396107dfec2b643
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=31449600
accept-ranges: bytes
access-control-allow-headers: Content-Length

GET
H3 200 vendor.js Show response
chat.uptownaces.eu/design/defaulttheme/js/widgetv2/ Frame EFD1 278 KB
87 KB 33ms
32ms Script
application/javascript 104.21.0.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://chat.uptownaces.eu/design/defaulttheme/js/widgetv2/vendor.js?v=a3
Requested by: Host: chat.uptownaces.eu
URL: https://chat.uptownaces.eu/design/defaulttheme/js/widgetv2/index.js?v220234311685531134678
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.0.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 277bdc4b2070f9d38ab6893ba563fb132c4f3f69a4349aedf9b88537e8a0301e

Request headers

Referer
Origin: https://lobby.uptownaces.eu:2072
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.19 Safari/537.36

Response headers

date: Wed, 31 May 2023 11:05:37 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 769717
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 07 Feb 2023 08:39:36 GMT
server: cloudflare
etag: W/"63e20e48-459a8"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zb6otyCIf4LMmgKzR62Bc00VcXn16wI%2F1TKXioFgNlRCILtguc64%2Bdok8ZGcT4eNfscksXOo%2FnVD%2BLWL3Jmi2NEn2n9rbi77SKeKda2sQZEWK3z9M6Ah16KkLWOBJqsAiC5ERks%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: Content-Length,Content-Range
cache-control: max-age=315360000
cf-ray: 7cfebe2a0f441c34-FRA
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
expires: Thu, 31 Dec 2037 23:55:55 GMT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://flshertfd.cfcontentdnfls.eu/client/lobbyspa/_commonContent_/images/skin/Games/BAGiantFortunes~CD48F98E7B98D35DF85A6D6DC3909A5A.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:53c0:ff04:ffff:a0b4:b966:1b2:96f2 , United States, ASN54994 (QUANTILNETWORKS, CA),
Reverse DNS
Software: QTL_Cache/1.2.14 /
Resource Hash: 90141935b9435e75332069479c4c0856a290b40c34d4c1461d02f0b43e36e7b6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lobby.uptownaces.eu:2072/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.19 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 22:07:46 GMT
age: 9118671
x-cache-status: HIT
x-via: 2.0 eu-nl-ams1-cache-0001 [HIT]
x-px: HIT eu-nl-ams1-cache-0001
content-length: 69854
last-modified: Mon, 06 Feb 2023 15:24:44 GMT
server: QTL_Cache/1.2.14
etag: "110de-5f409a17b1778"
x-qtl-request-id: a24bb34f518dd8e2722175327a499afc
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=31449600
accept-ranges: bytes
access-control-allow-headers: Content-Length

GET
H/1.1 204
No Content clear.png Show response
tags.s-dati.com/fp/ Frame B93A 0
387 B 13ms
13ms Script
text/javascript 91.235.132.76

General

Check archive.org

Show headers Download Go to

Full URL

https://tags.s-dati.com/fp/clear.png?org_id=btcmgcxc&session_id=9a6f6948-c924-41de-a624-7e5f029482c5&nonce=7e153e1ac75f659f&jac=1&je=39333b2424786d35666d2e60617c73743d253f42273032646776656e25303a253b43332e38302730412d323a7b766976757b253232253b412730326b6a617265696c6f253a3027374c26637766603d6b69356a3b653e653638316b636361366e30613761313b3a393b3431343e623761313937313e603c66386c643438363830313a666d3666303166616c383c373b

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.132.76 -, , ASN (),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lobby.uptownaces.eu:2072/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.19 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 31 May 2023 11:05:37 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=97
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 BATarotDestiny~DAF7E95A9CB8718E27F3CD388512A66B.jpg
flshertfd.cfcontentdnfls.eu/client/lobbyspa/_commonContent_/images/skin/Games/ 45 KB
45 KB 16ms
16ms Image
image/jpeg 2a01:53c0:ff04:ffff:a0b4:b966:1b2:96f2
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://flshertfd.cfcontentdnfls.eu/client/lobbyspa/_commonContent_/images/skin/Games/BATarotDestiny~DAF7E95A9CB8718E27F3CD388512A66B.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:53c0:ff04:ffff:a0b4:b966:1b2:96f2 , United States, ASN54994 (QUANTILNETWORKS, CA),
Reverse DNS
Software: QTL_Cache/1.2.14 /
Resource Hash: 5fe06ffa413c392b7a9352ccb1af9c573b409a03e294469a32427dc80181b333

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lobby.uptownaces.eu:2072/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.19 Safari/537.36

Response headers

date: Tue, 17 Jan 2023 22:24:53 GMT
age: 11536844
x-cache-status: HIT
x-via: 2.0 eu-nl-ams1-cache-0001 [HIT]
x-px: HIT eu-nl-ams1-cache-0001
content-length: 45809
last-modified: Mon, 09 Jan 2023 17:08:21 GMT
server: QTL_Cache/1.2.14
etag: "b2f1-5f1d7d07da498"
x-qtl-request-id: 2bf8c5944495853f65409c9bfd806a06
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=31449600
accept-ranges: bytes
access-control-allow-headers: Content-Length

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://flshertfd.cfcontentdnfls.eu/client/lobbyspa/_commonContent_/images/skin/Games/BAAlienWins~57665E1BCA76BEA062B47E13E354E377.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:53c0:ff04:ffff:a0b4:b966:1b2:96f2 , United States, ASN54994 (QUANTILNETWORKS, CA),
Reverse DNS
Software: QTL_Cache/1.2.14 /
Resource Hash: 17dad90a3d21d9236695a3994d7c43eb8f8ce071b7da1bd877383455ff3b40be

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lobby.uptownaces.eu:2072/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.19 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 01:14:26 GMT
age: 10317071
x-cache-status: HIT
x-via: 2.0 eu-nl-ams1-cache-0002 [HIT]
x-px: HIT eu-nl-ams1-cache-0002
content-length: 53338
last-modified: Mon, 09 Jan 2023 17:08:23 GMT
server: QTL_Cache/1.2.14
etag: "d05a-5f1d7d0928c28"
x-qtl-request-id: 41aa94d10bcef3d6e3ca9ac5a5506d94
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=31449600
accept-ranges: bytes
access-control-allow-headers: Content-Length

GET
H3 200 react.app.js Show response
chat.uptownaces.eu/design/defaulttheme/js/widgetv2/ Frame EFD1 255 KB
61 KB 29ms
28ms Script
application/javascript 104.21.0.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://chat.uptownaces.eu/design/defaulttheme/js/widgetv2/react.app.js?v=280
Requested by: Host: chat.uptownaces.eu
URL: https://chat.uptownaces.eu/design/defaulttheme/js/widgetv2/index.js?v220234311685531134678
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.0.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 307b478bd1cbf3a038cc03b8291de1eed6be9d85d17ee8a187b8d9fa46c77c2a

Request headers

Referer
Origin: https://lobby.uptownaces.eu:2072
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.19 Safari/537.36

Response headers

date: Wed, 31 May 2023 11:05:37 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 769716
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 27 Apr 2023 06:54:42 GMT
server: cloudflare
etag: W/"644a1c32-3fcf5"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0eW7%2F3FZ3jxoSFKHKr4%2BLgEFVDZ5tZCiVUSuiJneD7wOnb2POffMs8tn8EAOyLqY2sXdMjnhRueWETXCScG6wIUu8XTsQaPvHu5HEAk8JtBfdxYiPfA2MIMMB34agjlqwkeBfHM%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: Content-Length,Content-Range
cache-control: max-age=315360000
cf-ray: 7cfebe2b48dc1c34-FRA
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK ARF;CIS3SID=6F94AED3E534FFF5974C5CCBC0857B4E Show response
tags.s-dati.com/fp/ Frame 24C1 35 B
557 B 16ms
15ms Script
text/javascript 91.235.132.76

General

Check archive.org

Show headers Download Go to

Full URL

https://tags.s-dati.com/fp/ARF;CIS3SID=6F94AED3E534FFF5974C5CCBC0857B4E?org_id=btcmgcxc&session_id=9a6f6948-c924-41de-a624-7e5f029482c5&nonce=7e153e1ac75f659f&pageid=99998&sera_parametere=URUMDAdRUlZaBgNWUgJbBANSAFAKVldXAVECVAYHDF8GUQUBAwAIAwZTB0BFRgQPWRVEQUBAAiVGAHdDAXEcVAcPQlBfAFwEDUNGQwVxHFF1VRQCd0ADUQtYRhJFEAoiElJzEAQhFwUKCg1XVAYKXlVTA1ZXVVJUBwYDBQ8NC1QAUFIHUVMDV1IDAQdQAltUUwQXW1wLUgReAFBXAwZcV1YGBgBVUwRYBRFfFQsFQQABBgYABgEJVVJWVFRXVAtRAARSUAYHBQNQU1NXAA1fAgIEAQBXAAlHAl4IVwYHC1ARDFgIHlQXEQoKDF8PDAFAXw4ME1FYcgkRWFgDEFdPWwZUABNRCkJcNF5bAllCSkBUBwxBVx9uAgJbWQRXVlJAUhEMAgY%3D&count=0&max=0

Requested by

Host: tags.s-dati.com
URL: https://tags.s-dati.com/fp/check.js?&pageid=99998&session_id=9a6f6948-c924-41de-a624-7e5f029482c5&org_id=btcmgcxc&nonce=7e153e1ac75f659f

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.132.76 -, , ASN (),

Reverse DNS

Software

Apache /

Resource Hash

d217994d5b08e6654742374a9075637d3fd61093f343e8b6b438f965f6184a0d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tags.s-dati.com/fp/HP?session_id=9a6f6948-c924-41de-a624-7e5f029482c5&org_id=btcmgcxc&nonce=7e153e1ac75f659f&mode=2&hp=.co-operativebank.co.uk/CBIBSWeb/login.do.co-operativebank.co.uk/CBIBSWeb/start.do.de/portal/portal/x.entropay.com/basemenu/prot/x.facebook.comx.nationet.com/x.netbank.commbank.com.au/netbank/bankmainx.npbs.co.uk/netmastergoldbanking/x.nwolb.xlogin.aspx?refereridentx.rbsdigital.xAccountSummaryx.smile.co.uk/SmileWeb/login.do.smile.co.uk/SmileWeb/start.do.yandex.rux/CapitalOne_Consumer/x/easypay.by/x/sbank.ru/x53.com/servlet/efsonlinex://online.wellsfargo.com/x://secure.assist.ru/assistid/protected/main.doxabbeynational.co.uk/EBAN_ENS/BtoChannelDriverxalliance-leicesterxaltergold.com/login.phpxamericanexpress.com/myca/intl/acctsumm/emea/accountSummaryxbancaintesa.it/xbankcardservices.co.ukxbankofamerica.com/xbanquepopulaire.fr/xbnpparibas.net/xcahoot.comxcapitaloneonline.co.uk/CapitalOne_Consumer/Transactionsxcbonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagexcibc.comxPreSignOnxcibc.comxSignOnxcitibank.ru/xclient.uralsibbank.ruxco-operativebank.co.uk/CBIBSWeb/loginSpixcommerceonlinebanking.comxcoventrybuildingsociety.co.ukxdeutsche-bank.dexdiscovercard.com/cardmembersvcs/strongauth/app/sa_mainxebanking.bawag.comxebc_ebc1961xegg.com/customer/movemoneyxegg.com/customer/yourmoneyxfacebook.com/xhalifax-online.co.ukxMyAccountsxhalifax-online.co.uk/x/Mhalifax-online.co.uk/personalxhsbc.co.uk/1/2/personal/internet-banking/xhsbc.comxhttps://banking.postbank.de/app/finanzstatus.init.do;jsessionidxib.fineco.it/FinecoWeb/BonificiServletxib.fineco.it/FinecoWeb/jsp/Main/HBFineco.jspxib.fineco.it/FinecoWeb/jsp/Main/Principale.jspxibank.alfabank.ruxin-biz.it/xipko.plxlibertyreserve.com/x/historylibertyreserve.com/x/loginwww.libertyreserve.com/x/Core.jswww.libertyreserve.com/x/transfer.libertyreserve.com/x/commonscript.jslloydstsb.co.uk/personal/a/account_overview/xmbna.co.ukxmenyala.ruxmoney.yandex.ruxmoneybookers.com/app/login.plxmoneymail.ruxmy.ebay.co.uk/ws/eBayISAPI.dll?MyEbayxmy.ebay.com/ws/eBayISAPI.dll?MyEbayxmy.ebay.fr/ws/eBayISAPI.dll?MyEbayxmybusinessbank.co.ukxnationet.com/AppServices/SignOn/SignOnProcess/RcaSignOnxnpbs.co.ukxnwolb.com/AccountSummaryxnwolb.com/Statementsxnwolb.com/TransfersLandingPagexoltx.fidelity.com/x/x/ofsummary/summaryxonline.lloydstsb.co.ukxonlinebanking.mandtbank.com/summary/AccountSummaryxpassport.yandex.ruxpaypal.com/x/cgi-bin/webscr?cmd=_accountxpaypal.com/x/cgi-bin/webscr?cmd=_login-done&login_access=xpaypal.com/us/cgi-bin/webscr?cmd=_login-done&login_access=xposte.it/xpsk.co.at/xsecure.lloydstsb.co.uk/personal/a/account_overviewxsmile.co.uk/SmileWeb/passcodexusaa.com/xusbank.com/internetBanking/RequestRouter?requestCmdId=Gxwachovia.comxybonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagex.amazon.fr/xhistory/orders/view.htmlx.banquepopulaire.frxShowPortal.dox.bnpparibasfortis.bexHome_Logon.aspx.cdiscount.com/Account/Home.aspxx.cmb.frxaccueil.jspx.credit-agricole.frxentreeBam?sessionSAGx.labanquepostale.fr/xreleveCPP-releve_ccp.eax.secure.bnpparibas.net/NSFR?Actionx.secure.lcl.frxAccueilxcredem.it/OneToOne/ebank/functionsxmijn.ing.nl/xonline.ybs.co.ukxwww.discover.com/xorder.cdiscount.comxCustomer.aspxxsealinfo.verisign.com/splash?form_filexvos-comptes.credit-du-nord.fr/CDC_TableauDeBord_0.asp?xvoscomptesenligne.labanquepostale.frxwww.x.caisse-epargne.fr/Portail.aspxxwww.exabanque.netxonglet.phpxdeutsche-bank.de/xnorisbank.de/xpostbank.de/xtargobank.de/x.x.de/portal/x.bankofamerica.com/x/commonscript.js.bmo.com/OLB?id=x.bmo.com/RMC?id=x.chase.com/x.aspxx.chase.com/js/Reporting.jsx.koodomobile.com/account/selfserve/x/xaccountId=x.payment.ru/x.scotiabank.com/portal/index.jsp?xbancopopular.es/empresasxcreval.it/login2007/loginSiciliano.aspxfirst-direct.com/xipko.plxmybusinessbank.co.ukxsanpaoloimi.com/xulsterbankanytimebanking.x/login.aspxx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.19 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 31 May 2023 11:05:37 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Transfer-Encoding: chunked
Content-Type: text/javascript;charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Keep-Alive: timeout=2, max=96
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 BAMermaidRoyale~1DD6B229324D245AAC1E3D238935FB40.jpg
flshertfd.cfcontentdnfls.eu/client/lobbyspa/_commonContent_/images/skin/Games/ 222 KB
222 KB 14ms
14ms Image
image/jpeg 2a01:53c0:ff04:ffff:a0b4:b966:1b2:96f2
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://flshertfd.cfcontentdnfls.eu/client/lobbyspa/_commonContent_/images/skin/Games/BAMermaidRoyale~1DD6B229324D245AAC1E3D238935FB40.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:53c0:ff04:ffff:a0b4:b966:1b2:96f2 , United States, ASN54994 (QUANTILNETWORKS, CA),
Reverse DNS
Software: QTL_Cache/1.2.14 /
Resource Hash: 78a2e84bcc70b72a6d21281c63f4953377a1ea1e4e3d7afb1395a49d5d1bc8f7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lobby.uptownaces.eu:2072/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.19 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 08:05:45 GMT
age: 14525992
x-cache-status: HIT
x-via: 2.0 eu-nl-ams1-cache-0002 [HIT]
x-px: HIT eu-nl-ams1-cache-0002
content-length: 227094
last-modified: Fri, 02 Dec 2022 17:40:41 GMT
server: QTL_Cache/1.2.14
etag: "37716-5eedbd61f20b0"
x-qtl-request-id: 305031895984806c68ed4d063f74970d
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=31449600
accept-ranges: bytes
access-control-allow-headers: Content-Length

GET
H2 200 BATarotDestiny~DAF7E95A9CB8718E27F3CD388512A66B.jpg
flshertfd.cfcontentdnfls.eu/client/lobbyspa/_commonContent_/images/skin/Games/ 45 KB
45 KB 14ms
14ms Image
image/jpeg 2a01:53c0:ff04:ffff:a0b4:b966:1b2:96f2
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://flshertfd.cfcontentdnfls.eu/client/lobbyspa/_commonContent_/images/skin/Games/BATarotDestiny~DAF7E95A9CB8718E27F3CD388512A66B.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:53c0:ff04:ffff:a0b4:b966:1b2:96f2 , United States, ASN54994 (QUANTILNETWORKS, CA),
Reverse DNS
Software: QTL_Cache/1.2.14 /
Resource Hash: 5fe06ffa413c392b7a9352ccb1af9c573b409a03e294469a32427dc80181b333

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lobby.uptownaces.eu:2072/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.19 Safari/537.36

Response headers

date: Tue, 17 Jan 2023 22:24:53 GMT
age: 11536844
x-cache-status: HIT
x-via: 2.0 eu-nl-ams1-cache-0001 [HIT]
x-px: HIT eu-nl-ams1-cache-0001
content-length: 45809
last-modified: Mon, 09 Jan 2023 17:08:21 GMT
server: QTL_Cache/1.2.14
etag: "b2f1-5f1d7d07da498"
x-qtl-request-id: c3b0dbe196cb2c08cd46c03d06732ec6
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=31449600
accept-ranges: bytes
access-control-allow-headers: Content-Length

GET
H2 200 BAGoblinsGluttonyofGems~1DE5F9ABFF7DACB2F19F3CC6B4770F1F.jpg
flshertfd.cfcontentdnfls.eu/client/lobbyspa/_commonContent_/images/skin/Games/ 60 KB
60 KB 14ms
14ms Image
image/jpeg 2a01:53c0:ff04:ffff:a0b4:b966:1b2:96f2
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://flshertfd.cfcontentdnfls.eu/client/lobbyspa/_commonContent_/images/skin/Games/BAGoblinsGluttonyofGems~1DE5F9ABFF7DACB2F19F3CC6B4770F1F.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:53c0:ff04:ffff:a0b4:b966:1b2:96f2 , United States, ASN54994 (QUANTILNETWORKS, CA),
Reverse DNS
Software: QTL_Cache/1.2.14 /
Resource Hash: a77a8e5889d041f5197fb0234281308ab543e785167c97cd58daf04d808a6e57

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lobby.uptownaces.eu:2072/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.19 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 14:33:09 GMT
age: 15280349
x-cache-status: HIT
x-via: 2.0 eu-nl-ams1-cache-0001 [HIT]
x-px: HIT eu-nl-ams1-cache-0001
content-length: 60956
last-modified: Mon, 07 Nov 2022 12:55:23 GMT
server: QTL_Cache/1.2.14
etag: "ee1c-5ece0efc81168"
x-qtl-request-id: 65b7ecced3c6e8dc760629df000c9823
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=31449600
accept-ranges: bytes
access-control-allow-headers: Content-Length

GET
H/1.1 204
204 clear1.png;CIS3SID=ECB2886BB408E01EFDB092C3A5B8A012
tags.s-dati.com/fp/ Frame B93A 0
400 B 16ms
16ms Image
image/png 91.235.132.76

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tags.s-dati.com/fp/clear1.png;CIS3SID=ECB2886BB408E01EFDB092C3A5B8A012?org_id=btcmgcxc&session_id=9a6f6948-c924-41de-a624-7e5f029482c5&nonce=7e153e1ac75f659f&jf=3c313624716164577a6c6c3f746c725f41587a6a406d343155436452555046372e716b64576463766735313e30373d3131393337267361645d767978673d776762386d636c7163267b69665d696d79353b323d3b33383133303638373063383e363863673366383238333236383830633a3e34306b673b66303b303130373833363030383234343137336b636d3635363d3734313a6b346a3f60313b346a363139633e656630393b3a31643b35603a633837303569396367663c306d69633936613a333130376e306166386d3134303b613a6d3438333b3031346035666938696c3a3a36613c636333633d623535656b31376436343a6a323e6761353f3967633130336d6a362e71696c5f7369673533323634383032303334613d666a3767373d373332643e313c3d313a36663e3734656131393363333d6338313336363b323e333b6439623a306369303b69323f636439313764303f303030303d3266626138376d6438346338386266643a31323069323f3a373b666537393d313537343c66383331383030333e32326469343731646e343f3f6369373969322673696e723f32

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.132.76 -, , ASN (),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lobby.uptownaces.eu:2072/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.19 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 31 May 2023 11:05:38 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: image/png;charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Keep-Alive: timeout=2, max=95
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 BASantasReelWheel~905B9D0EFB219EFF81EF0B1C1949AAEA.jpg
flshertfd.cfcontentdnfls.eu/client/lobbyspa/_commonContent_/images/skin/Games/ 190 KB
191 KB 14ms
14ms Image
image/jpeg 2a01:53c0:ff04:ffff:a0b4:b966:1b2:96f2
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://flshertfd.cfcontentdnfls.eu/client/lobbyspa/_commonContent_/images/skin/Games/BASantasReelWheel~905B9D0EFB219EFF81EF0B1C1949AAEA.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:53c0:ff04:ffff:a0b4:b966:1b2:96f2 , United States, ASN54994 (QUANTILNETWORKS, CA),
Reverse DNS
Software: QTL_Cache/1.2.14 /
Resource Hash: 0f7256ee0ecc6b8c8ebbac0e912eca964909a480262d812b74c58ceb29434d3b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lobby.uptownaces.eu:2072/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.19 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 23:15:20 GMT
age: 16372218
x-cache-status: HIT
x-via: 2.0 eu-nl-ams1-cache-0002 [HIT]
x-px: HIT eu-nl-ams1-cache-0002
content-length: 194569
last-modified: Mon, 07 Nov 2022 12:55:24 GMT
server: QTL_Cache/1.2.14
etag: "2f809-5ece0efdd9d08"
x-qtl-request-id: b9de2f54ca3377d281c361480a4e329c
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=31449600
accept-ranges: bytes
access-control-allow-headers: Content-Length

GET translation
chat.uptownaces.eu/eng/widgetrestapi/lang/ Frame EFD1 0
0

GET
H/1.1 204
204 clear1.png;CIS3SID=ECB2886BB408E01EFDB092C3A5B8A012
h.online-metrix.net/fp/ Frame F2A6 0
400 B 18ms
18ms Image
image/png 91.235.132.130

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://h.online-metrix.net/fp/clear1.png;CIS3SID=ECB2886BB408E01EFDB092C3A5B8A012?org_id=btcmgcxc&session_id=9a6f6948-c924-41de-a624-7e5f029482c5&nonce=7e153e1ac75f659f&jf=3c313424716164577a6c6c3f746c725f69625f4d746d703f33656245664379692e716b64576463766735313e30373d3131393337267361645d767978673d776762386d636c7163267b69665d696d79353b323d3b33383133303638373063383e363863673366383238333236383830633a3e34306b673b66303b303130373833363030383234316061673a396e343b636c33603a326935693e636b37353a336533643b303366383d3066396363313a343b3331336d343263343c633f3d376e32623f663330666d313161326932303360613469646a3264666a633766313a373a69316a34366a6336343738643a33313f6335396664333a346d3563656a653663646c353f6d342e71696c5f7369673533323635383032303261616d366a3a67646d653767643d313e3d3a3d60653c663038663b303a61333130353133303431326b3b643869353666616930693c313a33396b656662373f30303031383264316062323c386b313a326b636764343d373e3f666e366339643563653e343264336c31666566383038396d34313369323032313f643830326b67626d363365267b6964703d39

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.132.130 -, , ASN (),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://h.online-metrix.net/fp/sid_fp.html;CIS3SID=ECB2886BB408E01EFDB092C3A5B8A012?org_id=btcmgcxc&session_id=9a6f6948-c924-41de-a624-7e5f029482c5&nonce=7e153e1ac75f659f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.19 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 31 May 2023 11:05:38 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: image/png;charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Keep-Alive: timeout=2, max=97
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://flshertfd.cfcontentdnfls.eu/client/lobbyspa/_commonContent_/images/skin/Games/BAMermaidRoyale~1DD6B229324D245AAC1E3D238935FB40.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:53c0:ff04:ffff:a0b4:b966:1b2:96f2 , United States, ASN54994 (QUANTILNETWORKS, CA),
Reverse DNS
Software: QTL_Cache/1.2.14 /
Resource Hash: 78a2e84bcc70b72a6d21281c63f4953377a1ea1e4e3d7afb1395a49d5d1bc8f7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lobby.uptownaces.eu:2072/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.19 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 08:05:45 GMT
age: 14525993
x-cache-status: HIT
x-via: 2.0 eu-nl-ams1-cache-0002 [HIT]
x-px: HIT eu-nl-ams1-cache-0002
content-length: 227094
last-modified: Fri, 02 Dec 2022 17:40:41 GMT
server: QTL_Cache/1.2.14
etag: "37716-5eedbd61f20b0"
x-qtl-request-id: 4f6929e444d1623d5287aaf30f871d13
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=31449600
accept-ranges: bytes
access-control-allow-headers: Content-Length

GET
H2 200 BAGoblinsGluttonyofGems~1DE5F9ABFF7DACB2F19F3CC6B4770F1F.jpg
flshertfd.cfcontentdnfls.eu/client/lobbyspa/_commonContent_/images/skin/Games/ 60 KB
60 KB 15ms
14ms Image
image/jpeg 2a01:53c0:ff04:ffff:a0b4:b966:1b2:96f2
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://flshertfd.cfcontentdnfls.eu/client/lobbyspa/_commonContent_/images/skin/Games/BAGoblinsGluttonyofGems~1DE5F9ABFF7DACB2F19F3CC6B4770F1F.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:53c0:ff04:ffff:a0b4:b966:1b2:96f2 , United States, ASN54994 (QUANTILNETWORKS, CA),
Reverse DNS
Software: QTL_Cache/1.2.14 /
Resource Hash: a77a8e5889d041f5197fb0234281308ab543e785167c97cd58daf04d808a6e57

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lobby.uptownaces.eu:2072/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.19 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 14:33:09 GMT
age: 15280349
x-cache-status: HIT
x-via: 2.0 eu-nl-ams1-cache-0001 [HIT]
x-px: HIT eu-nl-ams1-cache-0001
content-length: 60956
last-modified: Mon, 07 Nov 2022 12:55:23 GMT
server: QTL_Cache/1.2.14
etag: "ee1c-5ece0efc81168"
x-qtl-request-id: 22314f5b56cfc50ee489550867219fe5
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=31449600
accept-ranges: bytes
access-control-allow-headers: Content-Length

GET
H2 200 BASantasReelWheel~905B9D0EFB219EFF81EF0B1C1949AAEA.jpg
flshertfd.cfcontentdnfls.eu/client/lobbyspa/_commonContent_/images/skin/Games/ 190 KB
191 KB 18ms
17ms Image
image/jpeg 2a01:53c0:ff04:ffff:a0b4:b966:1b2:96f2
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://flshertfd.cfcontentdnfls.eu/client/lobbyspa/_commonContent_/images/skin/Games/BASantasReelWheel~905B9D0EFB219EFF81EF0B1C1949AAEA.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:53c0:ff04:ffff:a0b4:b966:1b2:96f2 , United States, ASN54994 (QUANTILNETWORKS, CA),
Reverse DNS
Software: QTL_Cache/1.2.14 /
Resource Hash: 0f7256ee0ecc6b8c8ebbac0e912eca964909a480262d812b74c58ceb29434d3b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lobby.uptownaces.eu:2072/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.19 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 23:15:20 GMT
age: 16372218
x-cache-status: HIT
x-via: 2.0 eu-nl-ams1-cache-0002 [HIT]
x-px: HIT eu-nl-ams1-cache-0002
content-length: 194569
last-modified: Mon, 07 Nov 2022 12:55:24 GMT
server: QTL_Cache/1.2.14
etag: "2f809-5ece0efdd9d08"
x-qtl-request-id: 09832194b6e9722537e0eb2c5acee3af
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=31449600
accept-ranges: bytes
access-control-allow-headers: Content-Length

GET
H2 200 BAMerlinsRiches~429E5E6866B42D4184DE8BB52321F3AC.jpg
flshertfd.cfcontentdnfls.eu/client/lobbyspa/_commonContent_/images/skin/Games/ 188 KB
189 KB 15ms
14ms Image
image/jpeg 2a01:53c0:ff04:ffff:a0b4:b966:1b2:96f2
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://flshertfd.cfcontentdnfls.eu/client/lobbyspa/_commonContent_/images/skin/Games/BAMerlinsRiches~429E5E6866B42D4184DE8BB52321F3AC.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:53c0:ff04:ffff:a0b4:b966:1b2:96f2 , United States, ASN54994 (QUANTILNETWORKS, CA),
Reverse DNS
Software: QTL_Cache/1.2.14 /
Resource Hash: 1a90b3ac11ddc6ec55ac47853cad6ad034cda617922a6310fb7262761c36735f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lobby.uptownaces.eu:2072/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.19 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 09:36:52 GMT
age: 17976526
x-cache-status: HIT
x-via: 2.0 eu-nl-ams1-cache-0002 [HIT]
x-px: HIT eu-nl-ams1-cache-0002
content-length: 192742
last-modified: Mon, 10 Oct 2022 15:20:51 GMT
server: QTL_Cache/1.2.14
etag: "2f0e6-5eaafb47bc178"
x-qtl-request-id: ee4ec7a361f13d8157120283772ad365
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=31449600
accept-ranges: bytes
access-control-allow-headers: Content-Length

GET
H/1.1 204
No Content clear.png Show response
tags.s-dati.com/fp/ Frame B93A 0
387 B 13ms
13ms Script
text/javascript 91.235.132.76

General

Check archive.org

Show headers Download Go to

Full URL

https://tags.s-dati.com/fp/clear.png?org_id=btcmgcxc&session_id=9a6f6948-c924-41de-a624-7e5f029482c5&nonce=7e153e1ac75f659f&jac=1&je=3a302424756d6935393a3d2c3239332e31353d2e333636

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.132.76 -, , ASN (),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lobby.uptownaces.eu:2072/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.19 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 31 May 2023 11:05:38 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=94
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: pbjikboenpfhbbejgkoklgkhjpfogcam
URL: chrome-extension://pbjikboenpfhbbejgkoklgkhjpfogcam/static/html/localProxy.html

Domain: jlhmfgmfgeifomenelglieieghnjghma
URL: chrome-extension://jlhmfgmfgeifomenelglieieghnjghma/manifest.json

Domain: gcbommkclmclpchllfjekcdonpmejbdp
URL: chrome-extension://gcbommkclmclpchllfjekcdonpmejbdp/pages/cancel/index.html

Domain: djflhoibgkdhkhhcedjiklpkjnoahfmg
URL: chrome-extension://djflhoibgkdhkhhcedjiklpkjnoahfmg/jquery.js

Domain: ghbmnnjooekpmoecnnnilnnbdlolhkhi
URL: chrome-extension://ghbmnnjooekpmoecnnnilnnbdlolhkhi/page_embed_script.js

Domain: llgiblikeclfoebojkplbcmnicgcabhg
URL: chrome-extension://llgiblikeclfoebojkplbcmnicgcabhg/inject.html

Domain: fdcgdnkidjaadafnichfpabhfomcebme
URL: chrome-extension://fdcgdnkidjaadafnichfpabhfomcebme/widget.html

Domain: khhckppjhonfmcpegdjdibmngahahhck
URL: chrome-extension://khhckppjhonfmcpegdjdibmngahahhck/ui/view/core/itemBox.html

Domain: kbfnbcaeplbcioakkpcpgfkobkghlhen
URL: chrome-extension://kbfnbcaeplbcioakkpcpgfkobkghlhen/src/signin.html

Domain: cmllgdnjnkbapbchnebiedipojhmnjej
URL: chrome-extension://cmllgdnjnkbapbchnebiedipojhmnjej/img/icon_16.png

Domain: ohahllgiabjaoigichmmfljhkcfikeof
URL: chrome-extension://ohahllgiabjaoigichmmfljhkcfikeof/lib/content-script/assistant/img/adblockultimate.png

Domain: mlomiejdfkolichcflejclcbmpeaniij
URL: chrome-extension://mlomiejdfkolichcflejclcbmpeaniij/app/images/icon19_off.png

Domain: jnhgnonknehpejjnehehllkliplmbmhn
URL: chrome-extension://jnhgnonknehpejjnehehllkliplmbmhn/images/icon16.png

Domain: hpbohmeoofibpbiiklpofdfehodejbmk
URL: chrome-extension://hpbohmeoofibpbiiklpofdfehodejbmk/img/32.png

Domain: dgpfeomibahlpbobpnjpcobpechebadh
URL: chrome-extension://dgpfeomibahlpbobpnjpcobpechebadh/icons/icon24.png

Domain: ppdonaappkjkbgbncmmjencphdclioab
URL: chrome-extension://ppdonaappkjkbgbncmmjencphdclioab/icons/icon24.png

Domain: ipmkfpcnmccejididiaagpgchgjfajgp
URL: chrome-extension://ipmkfpcnmccejididiaagpgchgjfajgp/img/avira_icon16.png

Domain: bkdgflcldnnnapblkhphbgpggdiikppg
URL: chrome-extension://bkdgflcldnnnapblkhphbgpggdiikppg/img/icon_16.png

Domain: caljgklbbfbcjjanaijlacgncafpegll
URL: chrome-extension://caljgklbbfbcjjanaijlacgncafpegll/images/icons/16x16.png

Domain: bihmplhobchoageeokmgbdihknkjbknd
URL: chrome-extension://bihmplhobchoageeokmgbdihknkjbknd/static/assets/icon-48.png

Domain: flliilndjeohchalpbbcdekjklbdgfkk
URL: chrome-extension://flliilndjeohchalpbbcdekjklbdgfkk/img/logo-avira-antivirus.png

Domain: glcimepnljoholdmjchkloafkggfoijh
URL: chrome-extension://glcimepnljoholdmjchkloafkggfoijh/images/pay_icon_19.png

Domain: gighmmpiobklfepjocnamgkkbiglidom
URL: chrome-extension://gighmmpiobklfepjocnamgkkbiglidom/icons/ab-19.png

Domain: gomekmidlodglbbmalcneegieacbdmki
URL: chrome-extension://gomekmidlodglbbmalcneegieacbdmki/common/ui/icons/icon16.png

Domain: baejfnndpekpkaaancgpakjaengfpopk
URL: chrome-extension://baejfnndpekpkaaancgpakjaengfpopk/images/logo.png

Domain: mbckjcfnjmoiinpgddefodcighgikkgn
URL: chrome-extension://mbckjcfnjmoiinpgddefodcighgikkgn/common/ui/icons/icon-info.png

Domain: eofcbnmajmjmplflapaojjnihcjkigck
URL: chrome-extension://eofcbnmajmjmplflapaojjnihcjkigck/common/ui/icons/icon-info.png

Domain: lifbcibllhkdhoafpjfnlhfpfgnpldfl
URL: chrome-extension://lifbcibllhkdhoafpjfnlhfpfgnpldfl/skypelogo_16.png

Domain: apfkfccpcldeeaampkebgommjmdoghbf
URL: chrome-extension://apfkfccpcldeeaampkebgommjmdoghbf/assets/images/icon16.png

Domain: oiekdmlabennjdpgimlcpmphdjphlcha
URL: chrome-extension://oiekdmlabennjdpgimlcpmphdjphlcha/images/owl-16.png

Domain: kgjfgplpablkjnlkjmjdecgdpfankdle
URL: chrome-extension://kgjfgplpablkjnlkjmjdecgdpfankdle/images/zoom-video.png

Domain: gaonpiemcjiihedemhopdoefaohcjoch
URL: chrome-extension://gaonpiemcjiihedemhopdoefaohcjoch/g2m/images/icon16.png

Domain: pnjaodmkngahhkoihejjehlcdlnohgmp
URL: chrome-extension://pnjaodmkngahhkoihejjehlcdlnohgmp/icons/icon48x48.png

Domain: dpdmhfocilnekecfjgimjdeckachfbec
URL: chrome-extension://dpdmhfocilnekecfjgimjdeckachfbec/images/logo.png

Domain: gmbmikajjgmnabiglmofipeabaddhgne
URL: chrome-extension://gmbmikajjgmnabiglmofipeabaddhgne/images/driveicon32.png

Domain: hdokiejnpimakedhajhdlcegeplioahd
URL: chrome-extension://hdokiejnpimakedhajhdlcegeplioahd/images/icon48.png

Domain: chat.uptownaces.eu
URL: https://chat.uptownaces.eu/eng/widgetrestapi/lang/translation?v=92023431

Verdicts & Comments Add Verdict or Comment

67 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.uptownaces.eu/	1970-01-20 12:22:15	Name: _pk_id.7.553f Value: af1934d90b486014.1685531135.
.uptownaces.eu/	1970-01-20 12:12:12	Name: _pk_ses.7.553f Value: 1
.uptownaces.eu/	1970-01-20 20:57:47	Name: kameleoonVisitorCode Value: _js_1pzqw1v5jd91uqbn

45 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: https://lobby.uptownaces.eu:2072/lobby?SkinId=1 Message: Access to XMLHttpRequest at 'chrome-extension://pbjikboenpfhbbejgkoklgkhjpfogcam/static/html/localProxy.html' from origin 'https://lobby.uptownaces.eu:2072' has been blocked by CORS policy: Cross origin requests are only supported for protocol schemes: http, data, chrome, https, chrome-untrusted.
network	error	URL: chrome-extension://pbjikboenpfhbbejgkoklgkhjpfogcam/static/html/localProxy.html Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://lobby.uptownaces.eu:2072/lobby?SkinId=1 Message: Access to XMLHttpRequest at 'chrome-extension://jlhmfgmfgeifomenelglieieghnjghma/manifest.json' from origin 'https://lobby.uptownaces.eu:2072' has been blocked by CORS policy: Cross origin requests are only supported for protocol schemes: http, data, chrome, https, chrome-untrusted.
network	error	URL: chrome-extension://jlhmfgmfgeifomenelglieieghnjghma/manifest.json Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://lobby.uptownaces.eu:2072/lobby?SkinId=1 Message: Access to XMLHttpRequest at 'chrome-extension://gcbommkclmclpchllfjekcdonpmejbdp/pages/cancel/index.html' from origin 'https://lobby.uptownaces.eu:2072' has been blocked by CORS policy: Cross origin requests are only supported for protocol schemes: http, data, chrome, https, chrome-untrusted.
network	error	URL: chrome-extension://gcbommkclmclpchllfjekcdonpmejbdp/pages/cancel/index.html Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://lobby.uptownaces.eu:2072/lobby?SkinId=1 Message: Access to XMLHttpRequest at 'chrome-extension://djflhoibgkdhkhhcedjiklpkjnoahfmg/jquery.js' from origin 'https://lobby.uptownaces.eu:2072' has been blocked by CORS policy: Cross origin requests are only supported for protocol schemes: http, data, chrome, https, chrome-untrusted.
network	error	URL: chrome-extension://djflhoibgkdhkhhcedjiklpkjnoahfmg/jquery.js Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://lobby.uptownaces.eu:2072/lobby?SkinId=1 Message: Access to XMLHttpRequest at 'chrome-extension://ghbmnnjooekpmoecnnnilnnbdlolhkhi/page_embed_script.js' from origin 'https://lobby.uptownaces.eu:2072' has been blocked by CORS policy: Cross origin requests are only supported for protocol schemes: http, data, chrome, https, chrome-untrusted.
network	error	URL: chrome-extension://ghbmnnjooekpmoecnnnilnnbdlolhkhi/page_embed_script.js Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://lobby.uptownaces.eu:2072/lobby?SkinId=1 Message: Access to XMLHttpRequest at 'chrome-extension://llgiblikeclfoebojkplbcmnicgcabhg/inject.html' from origin 'https://lobby.uptownaces.eu:2072' has been blocked by CORS policy: Cross origin requests are only supported for protocol schemes: http, data, chrome, https, chrome-untrusted.
network	error	URL: chrome-extension://llgiblikeclfoebojkplbcmnicgcabhg/inject.html Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://lobby.uptownaces.eu:2072/lobby?SkinId=1 Message: Access to XMLHttpRequest at 'chrome-extension://fdcgdnkidjaadafnichfpabhfomcebme/widget.html' from origin 'https://lobby.uptownaces.eu:2072' has been blocked by CORS policy: Cross origin requests are only supported for protocol schemes: http, data, chrome, https, chrome-untrusted.
network	error	URL: chrome-extension://fdcgdnkidjaadafnichfpabhfomcebme/widget.html Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://lobby.uptownaces.eu:2072/lobby?SkinId=1 Message: Access to XMLHttpRequest at 'chrome-extension://khhckppjhonfmcpegdjdibmngahahhck/ui/view/core/itemBox.html' from origin 'https://lobby.uptownaces.eu:2072' has been blocked by CORS policy: Cross origin requests are only supported for protocol schemes: http, data, chrome, https, chrome-untrusted.
network	error	URL: chrome-extension://khhckppjhonfmcpegdjdibmngahahhck/ui/view/core/itemBox.html Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://lobby.uptownaces.eu:2072/lobby?SkinId=1 Message: Access to XMLHttpRequest at 'chrome-extension://kbfnbcaeplbcioakkpcpgfkobkghlhen/src/signin.html' from origin 'https://lobby.uptownaces.eu:2072' has been blocked by CORS policy: Cross origin requests are only supported for protocol schemes: http, data, chrome, https, chrome-untrusted.
network	error	URL: chrome-extension://kbfnbcaeplbcioakkpcpgfkobkghlhen/src/signin.html Message: Failed to load resource: net::ERR_FAILED
network	error	URL: chrome-extension://cmllgdnjnkbapbchnebiedipojhmnjej/img/icon_16.png Message: Failed to load resource: net::ERR_UNKNOWN_URL_SCHEME
network	error	URL: chrome-extension://ohahllgiabjaoigichmmfljhkcfikeof/lib/content-script/assistant/img/adblockultimate.png Message: Failed to load resource: net::ERR_UNKNOWN_URL_SCHEME
network	error	URL: chrome-extension://mlomiejdfkolichcflejclcbmpeaniij/app/images/icon19_off.png Message: Failed to load resource: net::ERR_UNKNOWN_URL_SCHEME
network	error	URL: chrome-extension://jnhgnonknehpejjnehehllkliplmbmhn/images/icon16.png Message: Failed to load resource: net::ERR_UNKNOWN_URL_SCHEME
network	error	URL: chrome-extension://hpbohmeoofibpbiiklpofdfehodejbmk/img/32.png Message: Failed to load resource: net::ERR_UNKNOWN_URL_SCHEME
network	error	URL: chrome-extension://dgpfeomibahlpbobpnjpcobpechebadh/icons/icon24.png Message: Failed to load resource: net::ERR_UNKNOWN_URL_SCHEME
network	error	URL: chrome-extension://ppdonaappkjkbgbncmmjencphdclioab/icons/icon24.png Message: Failed to load resource: net::ERR_UNKNOWN_URL_SCHEME
network	error	URL: chrome-extension://ipmkfpcnmccejididiaagpgchgjfajgp/img/avira_icon16.png Message: Failed to load resource: net::ERR_UNKNOWN_URL_SCHEME
network	error	URL: chrome-extension://bkdgflcldnnnapblkhphbgpggdiikppg/img/icon_16.png Message: Failed to load resource: net::ERR_UNKNOWN_URL_SCHEME
network	error	URL: chrome-extension://caljgklbbfbcjjanaijlacgncafpegll/images/icons/16x16.png Message: Failed to load resource: net::ERR_UNKNOWN_URL_SCHEME
network	error	URL: chrome-extension://bihmplhobchoageeokmgbdihknkjbknd/static/assets/icon-48.png Message: Failed to load resource: net::ERR_UNKNOWN_URL_SCHEME
network	error	URL: chrome-extension://flliilndjeohchalpbbcdekjklbdgfkk/img/logo-avira-antivirus.png Message: Failed to load resource: net::ERR_UNKNOWN_URL_SCHEME
network	error	URL: chrome-extension://glcimepnljoholdmjchkloafkggfoijh/images/pay_icon_19.png Message: Failed to load resource: net::ERR_UNKNOWN_URL_SCHEME
network	error	URL: chrome-extension://gighmmpiobklfepjocnamgkkbiglidom/icons/ab-19.png Message: Failed to load resource: net::ERR_UNKNOWN_URL_SCHEME
network	error	URL: chrome-extension://gomekmidlodglbbmalcneegieacbdmki/common/ui/icons/icon16.png Message: Failed to load resource: net::ERR_UNKNOWN_URL_SCHEME
network	error	URL: chrome-extension://baejfnndpekpkaaancgpakjaengfpopk/images/logo.png Message: Failed to load resource: net::ERR_UNKNOWN_URL_SCHEME
network	error	URL: chrome-extension://mbckjcfnjmoiinpgddefodcighgikkgn/common/ui/icons/icon-info.png Message: Failed to load resource: net::ERR_UNKNOWN_URL_SCHEME
network	error	URL: chrome-extension://eofcbnmajmjmplflapaojjnihcjkigck/common/ui/icons/icon-info.png Message: Failed to load resource: net::ERR_UNKNOWN_URL_SCHEME
network	error	URL: chrome-extension://lifbcibllhkdhoafpjfnlhfpfgnpldfl/skypelogo_16.png Message: Failed to load resource: net::ERR_UNKNOWN_URL_SCHEME
network	error	URL: chrome-extension://apfkfccpcldeeaampkebgommjmdoghbf/assets/images/icon16.png Message: Failed to load resource: net::ERR_UNKNOWN_URL_SCHEME
network	error	URL: chrome-extension://oiekdmlabennjdpgimlcpmphdjphlcha/images/owl-16.png Message: Failed to load resource: net::ERR_UNKNOWN_URL_SCHEME
network	error	URL: chrome-extension://kgjfgplpablkjnlkjmjdecgdpfankdle/images/zoom-video.png Message: Failed to load resource: net::ERR_UNKNOWN_URL_SCHEME
network	error	URL: chrome-extension://gaonpiemcjiihedemhopdoefaohcjoch/g2m/images/icon16.png Message: Failed to load resource: net::ERR_UNKNOWN_URL_SCHEME
network	error	URL: chrome-extension://pnjaodmkngahhkoihejjehlcdlnohgmp/icons/icon48x48.png Message: Failed to load resource: net::ERR_UNKNOWN_URL_SCHEME
network	error	URL: chrome-extension://dpdmhfocilnekecfjgimjdeckachfbec/images/logo.png Message: Failed to load resource: net::ERR_UNKNOWN_URL_SCHEME
network	error	URL: chrome-extension://gmbmikajjgmnabiglmofipeabaddhgne/images/driveicon32.png Message: Failed to load resource: net::ERR_UNKNOWN_URL_SCHEME
network	error	URL: chrome-extension://hdokiejnpimakedhajhdlcegeplioahd/images/icon48.png Message: Failed to load resource: net::ERR_UNKNOWN_URL_SCHEME

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

44tcalk779.kameleoon.eu
apfkfccpcldeeaampkebgommjmdoghbf
baejfnndpekpkaaancgpakjaengfpopk
bihmplhobchoageeokmgbdihknkjbknd
bkdgflcldnnnapblkhphbgpggdiikppg
btcmgcxcpo56pvpcyakwasnszjbekzxble7xm63c7e153e1ac75f659fam1.e.aa.online-metrix.net
caljgklbbfbcjjanaijlacgncafpegll
cdn.jsdelivr.net
cdnjs.cloudflare.com
chat.uptownaces.eu
cmllgdnjnkbapbchnebiedipojhmnjej
data.kameleoon.io
dgpfeomibahlpbobpnjpcobpechebadh
djflhoibgkdhkhhcedjiklpkjnoahfmg
dpdmhfocilnekecfjgimjdeckachfbec
eofcbnmajmjmplflapaojjnihcjkigck
fdcgdnkidjaadafnichfpabhfomcebme
flliilndjeohchalpbbcdekjklbdgfkk
flshertfd.cfcontentdnfls.eu
fonts.googleapis.com
fonts.gstatic.com
gaonpiemcjiihedemhopdoefaohcjoch
gcbommkclmclpchllfjekcdonpmejbdp
ghbmnnjooekpmoecnnnilnnbdlolhkhi
gighmmpiobklfepjocnamgkkbiglidom
glcimepnljoholdmjchkloafkggfoijh
gmbmikajjgmnabiglmofipeabaddhgne
gomekmidlodglbbmalcneegieacbdmki
h.online-metrix.net
hdokiejnpimakedhajhdlcegeplioahd
hpbohmeoofibpbiiklpofdfehodejbmk
ipmkfpcnmccejididiaagpgchgjfajgp
jlhmfgmfgeifomenelglieieghnjghma
jnhgnonknehpejjnehehllkliplmbmhn
kbfnbcaeplbcioakkpcpgfkobkghlhen
kgjfgplpablkjnlkjmjdecgdpfankdle
khhckppjhonfmcpegdjdibmngahahhck
lifbcibllhkdhoafpjfnlhfpfgnpldfl
llgiblikeclfoebojkplbcmnicgcabhg
lobby.uptownaces.eu
mbckjcfnjmoiinpgddefodcighgikkgn
mlomiejdfkolichcflejclcbmpeaniij
ohahllgiabjaoigichmmfljhkcfikeof
oiekdmlabennjdpgimlcpmphdjphlcha
pbjikboenpfhbbejgkoklgkhjpfogcam
pnjaodmkngahhkoihejjehlcdlnohgmp
ppdonaappkjkbgbncmmjencphdclioab
secure.s-dati.com
street.uptownaces.eu
tags.s-dati.com
track.uptownaces.eu
uptownaces.eu
apfkfccpcldeeaampkebgommjmdoghbf
baejfnndpekpkaaancgpakjaengfpopk
bihmplhobchoageeokmgbdihknkjbknd
bkdgflcldnnnapblkhphbgpggdiikppg
caljgklbbfbcjjanaijlacgncafpegll
chat.uptownaces.eu
cmllgdnjnkbapbchnebiedipojhmnjej
dgpfeomibahlpbobpnjpcobpechebadh
djflhoibgkdhkhhcedjiklpkjnoahfmg
dpdmhfocilnekecfjgimjdeckachfbec
eofcbnmajmjmplflapaojjnihcjkigck
fdcgdnkidjaadafnichfpabhfomcebme
flliilndjeohchalpbbcdekjklbdgfkk
gaonpiemcjiihedemhopdoefaohcjoch
gcbommkclmclpchllfjekcdonpmejbdp
ghbmnnjooekpmoecnnnilnnbdlolhkhi
gighmmpiobklfepjocnamgkkbiglidom
glcimepnljoholdmjchkloafkggfoijh
gmbmikajjgmnabiglmofipeabaddhgne
gomekmidlodglbbmalcneegieacbdmki
hdokiejnpimakedhajhdlcegeplioahd
hpbohmeoofibpbiiklpofdfehodejbmk
ipmkfpcnmccejididiaagpgchgjfajgp
jlhmfgmfgeifomenelglieieghnjghma
jnhgnonknehpejjnehehllkliplmbmhn
kbfnbcaeplbcioakkpcpgfkobkghlhen
kgjfgplpablkjnlkjmjdecgdpfankdle
khhckppjhonfmcpegdjdibmngahahhck
lifbcibllhkdhoafpjfnlhfpfgnpldfl
llgiblikeclfoebojkplbcmnicgcabhg
mbckjcfnjmoiinpgddefodcighgikkgn
mlomiejdfkolichcflejclcbmpeaniij
ohahllgiabjaoigichmmfljhkcfikeof
oiekdmlabennjdpgimlcpmphdjphlcha
pbjikboenpfhbbejgkoklgkhjpfogcam
pnjaodmkngahhkoihejjehlcdlnohgmp
ppdonaappkjkbgbncmmjencphdclioab
104.21.0.108
190.4.90.1
2606:4700:20::681a:a1e
2606:4700::6811:180e
2a00:1450:4001:80e::2003
2a00:1450:4001:813::200a
2a01:53c0:ff04:ffff:a0b4:b966:1b2:96f2
2a04:4e42::485
35.177.104.143
91.235.132.130
91.235.132.76
91.235.134.131
95.217.77.226
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
0ebf5514588d6de78ea8abe128125c4e6afb479e520481333861dd8156d26bf4
0f7256ee0ecc6b8c8ebbac0e912eca964909a480262d812b74c58ceb29434d3b
13191d36c13cea9b167f4ee545a1e00152f5a0614c6b9dc6e43d72e52143ef73
17dad90a3d21d9236695a3994d7c43eb8f8ce071b7da1bd877383455ff3b40be
1a90b3ac11ddc6ec55ac47853cad6ad034cda617922a6310fb7262761c36735f
1cfa87a455c53ee6d21b81781ed8af833df484a9788be33da61a601f99ad3d1b
277bdc4b2070f9d38ab6893ba563fb132c4f3f69a4349aedf9b88537e8a0301e
307b478bd1cbf3a038cc03b8291de1eed6be9d85d17ee8a187b8d9fa46c77c2a
31189722e76a9cb35f3fa29b791b423633deb54911a53a3ee23d88dedb3b3cee
32eeced2cfd12870f937cd4750559f29110d5556fa4bc0725de6d87a6491e54f
37100194e5ee6442e2bee197e93972cbf43630de593aff6e4a64e0b3e91a912e
39262267900814bc310db5a3d8cfc0019b59630817c827896deab8816394cba0
3b1841f4b1a796fe26cc7e35e1d83d0ace89daff72b4a3b9b23e36c30f10d090
3de97ee54aa24cd4eb5aa278592f6674ea34af820c6767e436a488ad0a016321
3fab81860e910ba5800d4356838dd92dbdc64e607883a7eea79e85f9ce487de5
4118181949d71ea29311a8717370c0dae74f3fad3af5926710102209e61a174b
49f98707666e714d91d4447713fe9179eeaee7f65a51ed6863738b3b06d48beb
5089d6432657e4aca0bdf5960c095d3d2dfc2c2f841fe81f9595844001b328aa
52358106ed5f32bce8b050b1052982897a600c79cfebe865c9c1fc7cc544ac9b
5e20b2a92d2e340be920c0bb3761223d82451faee2779d883343bea7f06f024d
5fe06ffa413c392b7a9352ccb1af9c573b409a03e294469a32427dc80181b333
61bcb94faf3a0e1078cc76aa99ab91cae04105c27e05873a84f562df81b372df
64d2f4c496f294dbbd8dca7141448af7214c2c9d334d881f369fa5d5e2d762cb
68bea27ae71d9452cdf1e687cce76512eb202cac077d43ac00756d4a0d0bc938
727866774af6922cc1f1fbcbad0e26b592fcde794604488526264118911e6d9b
74dab6a7591e3a7d5006b2e2bf953812b30ba9ed361c6b34090a1627dbc4f71b
78a2e84bcc70b72a6d21281c63f4953377a1ea1e4e3d7afb1395a49d5d1bc8f7
79d91391a262c8ce3ef302ea3b4fe272c53c8e5b01b900bfe100dd09d010e50c
83c3ecc6cbe1e9f999f55b069f2f9f069a62d6db560b7d75e6aafc4784d39e95
83e4a12e68950d50a189afa85cf2aa2f792b6a0f8dc24dae6f39c02dd98e9b2f
84e063e8e333aeb1460dd6eb882ad067adf4b5686b2c93747ac893953e8efdf8
8671a685a9b653d411a0e0f9f8f0d8019cfcfd2d8fe2c20a734893d3a6f4f632
870cbc625978826ddd414417105977be1cdbe17f4481155c4bfc27c5771b5a19
88dab73b605ca35af1d53ef37f89e6adeb5cb79c47a86cda81087b4b547fa6c1
8943e09809cbcf88e8e0fc73292874246733d951f47d3e4dda0541f24c40c201
8da25ca83eaeb871d559bf90ac6a0268a34a3d1fc9f4955358e8de3eda615c49
8e4c9ad0f746641e2b74d39eea2dc890282fe9032bc29eb55d79d3f9acac9b50
8ef0f12ef495b0c803356f693f1b7e93d1e77002a0f3453e70570d1dc2b5ba28
90141935b9435e75332069479c4c0856a290b40c34d4c1461d02f0b43e36e7b6
90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f
93d397057bf034d459a90c105a9448604782eecc021182f83a98c422bf7cf6a7
95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743
96173448ed4268a2f9f7fc7e1d056db472a3034ac76a700f530723434c52a397
96336833e17c47e2d99aa3023d8e5ad74cd20a8e075e8783de0d8b37c02d6449
9867187d809b69d7b23d750410edc46aca00dad20e525aa63b4d0c849ce6947e
99fb6072ab4a3cdbdc098111dec486065e629d89c3a9b2cafeb0269a01c3178c
9f1836feaa378509758e5f10eaedf73e0528a570f3e0d045fb23b203db76568f
a24da1092d03c62f0a787887bf897423078d0cba5df6b507c0807c7f3bdf430b
a260aeea41dd0dbc6144b0c5e03afd25f88100cb55b24df9867dca7b750fc11c
a4e461e4ecf2c1b505699125f9573e8241233376205032e92bfe9f272c928262
a77a8e5889d041f5197fb0234281308ab543e785167c97cd58daf04d808a6e57
b139f95d938d56785e16b34b5cb730805acb4b5d3902bbdfb68571128c6e759d
b6c954954e56b041b89cc6e7d476cd0f0b3881e864e70764e5426c608052e318
b89606bf42acdeb4f05cff729f63f2f0574e87011d4aa5a05253a3bfcd7461bf
ba2db3abc6484a374141a5c2895ffa7cdc876a5156d9348fbf99c120bcfce023
be52e10563f3bd8d64fc38a68f7e2775a4d389d97e5848d9f5654ee8060040a5
c06a5ba39a51c0a2bf45d3ab135b193ceecb3253176aabe4f0836363354da34a
c12e7a0783cf76bededa393fe89ee6d5cc0f4223d8dc19a73a07cae6d2af18b7
c1c004a90e60a31becd3ca261781c3a13a2937b5b26338fd8dd89e10ab562849
c3525c96739f2be31a72d28b2bb2eff216fd7de710f34c075f12de9108e22b35
c50a0366bab0d95bd0dfbbf67ed889b5fd383ee7464a77660088c32e4ef91c20
c8f83c3ef6d83c18294a23dd4c285c42d9fa5babda32cf3bff16128c54b03c66
ccedded302e1764c6a608389e5b042dfa13489a356125d5c62dc04badbbd7f7d
d217994d5b08e6654742374a9075637d3fd61093f343e8b6b438f965f6184a0d
d31983f8e88949b401bb26a6fc1611db57aba6b5169320151e3fb05581fb1baf
db33ba632d33ffff54997e103c5280093bb2630613a4264472413ead70c0b148
dbca3f79b98546d1a4fbaa926304dde33b204aae0a2f351c4a6341ae42880471
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ebcd76ae23ce03e111bdaf3b44663516393da0cf9ca54c0c11d3c69a1238c413
f2e6f1f8aafcc647314fcdf447e313f614103080998ce3d5a94f6746f02f98d7
f31902cf15d155f9f763635b985a40d0980e770b171ccbbd0614ee616342a182
f38d2a93c095a4de85bebdd12a4ffb6dff84b4668321b1e3697139e5dc1f3265

lobby.uptownaces.eu Open in urlscan Pro 190.4.90.1 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

146 Requests

74 %HTTPS

46 %IPv6

11 Domains

52 Subdomains

14 IPs

6 Countries

6649 kBTransfer

11010 kBSize

3 Cookies

0 Outgoing links

Page URL History

Redirected requests

146 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

lobby.uptownaces.eu Open in urlscan Pro
190.4.90.1 Public Scan

Screenshot
Live screenshot

Full Image

146
Requests

74 %
HTTPS

46 %
IPv6

11
Domains

52
Subdomains

14
IPs

6
Countries

6649 kB
Transfer

11010 kB
Size

3
Cookies

146 HTTP transactions
2 data transactions