federation-admr.alsace Open in urlscan Pro
2606:4700:3035::6815:57a4 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://federation-admr.alsace/
Effective URL:
https://federation-admr.alsace/
Submission: On June 13 via api (June 13th 2024, 6:54:33 pm UTC) from BE — Scanned from DE

Summary HTTP 49 Redirects Behaviour Indicators

Summary

This website contacted 8 IPs in 3 countries across 8 domains to perform 49 HTTP transactions. The main IP is 2606:4700:3035::6815:57a4, located in United States and belongs to CLOUDFLARENET, US. The main domain is federation-admr.alsace.
TLS certificate: Issued by WE1 on June 6th 2024. Valid for: 3 months.

This is the only time federation-admr.alsace was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
6	2606:4700:303... 2606:4700:3035::6815:57a4	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:800::200a	15169 (GOOGLE) (GOOGLE)
2	2a04:4e42:200... 2a04:4e42:200::485	54113 (FASTLY) (FASTLY)
1 3	172.67.144.173 172.67.144.173	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3 10	2a02:6b8::1:119 2a02:6b8::1:119	13238 (YANDEX) (YANDEX)
1 27	192.0.77.2 192.0.77.2	2635 (AUTOMATTIC) (AUTOMATTIC)
1	2a00:1450:400... 2a00:1450:4001:82b::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
49	8

6 2606:4700:3035::6815:57a4 (United States)

ASN13335 (CLOUDFLARENET, US)

federation-admr.alsace	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:200::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.67.144.173 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

federation-admr.alsace	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a02:6b8::1:119 (Moscow, Russian Federation) 3 redirects

ASN13238 (YANDEX, RU)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 192.0.77.2 (San Francisco, United States) 1 redirects

ASN2635 (AUTOMATTIC, US)
PTR: i1.wp.com

i3.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

1.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
27	wp.com 1 redirects i3.wp.com — Cisco Umbrella Rank: 46857	208 KB
9	federation-admr.alsace 1 redirects federation-admr.alsace	37 KB
8	yandex.com 2 redirects mc.yandex.com — Cisco Umbrella Rank: 8195	4 KB
3	gstatic.com fonts.gstatic.com	157 KB
2	yandex.ru 1 redirects mc.yandex.ru — Cisco Umbrella Rank: 3298	70 KB
2	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 373	50 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 77	1 KB
1	blogspot.com 1.bp.blogspot.com — Cisco Umbrella Rank: 15363	124 KB
49	8

	Domain	Requested by
27	i3.wp.com	1 redirects federation-admr.alsace
9	federation-admr.alsace	1 redirects federation-admr.alsace
8	mc.yandex.com	2 redirects federation-admr.alsace mc.yandex.ru
3	fonts.gstatic.com	fonts.googleapis.com
2	mc.yandex.ru	1 redirects federation-admr.alsace
2	cdn.jsdelivr.net	federation-admr.alsace
2	fonts.googleapis.com	federation-admr.alsace
1	1.bp.blogspot.com	federation-admr.alsace
49	8

This site contains no links.

Subject Issuer	Validity	Valid
federation-admr.alsace WE1	`2024-06-06` - `2024-09-04`	3 months	crt.sh
upload.video.google.com WR2	`2024-05-27` - `2024-08-19`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2023 Q3	`2023-09-27` - `2024-10-28`	a year	crt.sh
mc.yandex.ru GlobalSign ECC OV SSL CA 2018	`2024-05-23` - `2024-11-02`	5 months	crt.sh
*.wp.com Sectigo ECC Domain Validation Secure Server CA	`2023-11-28` - `2024-12-28`	a year	crt.sh
*.gstatic.com WR2	`2024-05-27` - `2024-08-19`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://federation-admr.alsace/
Frame ID: 7B36186177695704EBAA9D7E3F0EDAE3
Requests: 48 HTTP requests in this frame

Frame: https://mc.yandex.com/metrika/metrika_match.html
Frame ID: 02FEF20037FD2438B5914020602F8BEE
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

federation-admr.alsace

Page URL History Show full URLs

http://federation-admr.alsace/ HTTP 307
https://federation-admr.alsace/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

mc\.yandex\.ru/metrika/(?:tag|watch)\.js

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
//cdn\.jsdelivr\.net/

Page Statistics

49
Requests

92 %
HTTPS

75 %
IPv6

8
Domains

8
Subdomains

8
IPs

3
Countries

647 kB
Transfer

1088 kB
Size

22
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://federation-admr.alsace/ HTTP 307
https://federation-admr.alsace/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 35

https://i3.wp.com/1.bp.blogspot.com/-_yEI2Ey3djU/YKPwC4f_27I/AAAAAAAAGno/HErEEG6MhnUz6kUED72sDBYlXJFl1jbugCLcBGAsYHQ/s2048/stokes+twins+-+Copy.jpg?resize=320%2C190&ssl=1 HTTP 302
https://1.bp.blogspot.com/-_yEI2Ey3djU/YKPwC4f_27I/AAAAAAAAGno/HErEEG6MhnUz6kUED72sDBYlXJFl1jbugCLcBGAsYHQ/s2048/stokes+twins+-+Copy.jpg

Request Chain 41

https://mc.yandex.com/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10399.MC3zsOwRv4mRqQyROLYVV_6QwFGfoSABh7Jzry2fj90nbJGRgKb5ahegR7c_THLw.9zEfc6pQwY_2SjpcLkiOzx_sf9o%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide?token=10399.lU9fQ7ROeqoZQPFjLD9yInRvFi7nX9dD3ZIpxyld2t_uRTMhYZs3XAsH0I9YqB8N7rYcRzkQeRu6LATBODwMF_ACEuP6XbTgkfLroK5VEyNr6YEI_PNje0M7i__zvIH31d6sexc8-JunK2tkW0eSVhtVOFhaoPKRGPNjPmrS-A0RRw86Km_t_YLXApgCaRoRAR0CzwMoFTrkS4X43rT0OyYRosOYTYo5P9r_67UZYkM%2C.omTXrWjhub1y91bgdZg9IAe0Cso%2C

Request Chain 44

https://mc.yandex.com/watch/97317630?wmode=7&page-url=https%3A%2F%2Ffederation-admr.alsace%2F&charset=utf-8&uah=chu%0A%22Google%20Chrome%22%3Bv%3D%22126%22%2C%22Not%3AA-Brand%22%3Bv%3D%228%22%2C%22Chromium%22%3Bv%3D%22126%22%0Acha%0Ax86%0Achb%0A64%0Achf%0A126.0.6478.55%0Achl%0A%22Not%2FA)Brand%22%3Bv%3D%228.0.0.0%22%2C%22Chromium%22%3Bv%3D%22126.0.6478.55%22%2C%22Google%20Chrome%22%3Bv%3D%22126.0.6478.55%22%0Achm%0A%3F0%0Achp%0AWin32%0Achv%0A10.0.0&browser-info=pv%3A1%3Avf%3A1htavzoec77bpowqcyzjxzh9ln%3Afu%3A0%3Aen%3Autf-8%3Ala%3Ade-DE%3Av%3A1360%3Acn%3A1%3Adp%3A0%3Als%3A764193563559%3Ahid%3A86063576%3Az%3A120%3Ai%3A20240613205429%3Aet%3A1718304869%3Ac%3A1%3Arn%3A353590937%3Arqn%3A1%3Au%3A1718304869272274343%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A363%3Awv%3A2%3Ads%3A0%2C54%2C130%2C2%2C1%2C0%2C%2C149%2C0%2C%2C%2C%2C356%3Aco%3A0%3Acpf%3A1%3Ans%3A1718304868260%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1718304869%3At%3Afederation-admr.alsace&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)rcm(1)cdl(na)eco(21037572)ti(1) HTTP 302
https://mc.yandex.com/watch/97317630/1?wmode=7&page-url=https%3A%2F%2Ffederation-admr.alsace%2F&charset=utf-8&uah=chu%0A%22Google%20Chrome%22%3Bv%3D%22126%22%2C%22Not%3AA-Brand%22%3Bv%3D%228%22%2C%22Chromium%22%3Bv%3D%22126%22%0Acha%0Ax86%0Achb%0A64%0Achf%0A126.0.6478.55%0Achl%0A%22Not%2FA%29Brand%22%3Bv%3D%228.0.0.0%22%2C%22Chromium%22%3Bv%3D%22126.0.6478.55%22%2C%22Google%20Chrome%22%3Bv%3D%22126.0.6478.55%22%0Achm%0A%3F0%0Achp%0AWin32%0Achv%0A10.0.0&browser-info=pv%3A1%3Avf%3A1htavzoec77bpowqcyzjxzh9ln%3Afu%3A0%3Aen%3Autf-8%3Ala%3Ade-DE%3Av%3A1360%3Acn%3A1%3Adp%3A0%3Als%3A764193563559%3Ahid%3A86063576%3Az%3A120%3Ai%3A20240613205429%3Aet%3A1718304869%3Ac%3A1%3Arn%3A353590937%3Arqn%3A1%3Au%3A1718304869272274343%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A363%3Awv%3A2%3Ads%3A0%2C54%2C130%2C2%2C1%2C0%2C%2C149%2C0%2C%2C%2C%2C356%3Aco%3A0%3Acpf%3A1%3Ans%3A1718304868260%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1718304869%3At%3Afederation-admr.alsace&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%2821037572%29ti%281%29

Request Chain 45

https://federation-admr.alsace/favicon.ico HTTP 301
https://federation-admr.alsace/

49 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
federation-admr.alsace/
Redirect Chain

http://federation-admr.alsace/
https://federation-admr.alsace/

74 KB
6 KB

203ms
130ms

Document
text/html

2606:4700:3035::6815:57a4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://federation-admr.alsace/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:57a4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a061c55288641758d1e3ce1c9f1a9a6e65489b07e0be9c7f71af397472ce1fd1

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 89344a13297391db-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Thu, 13 Jun 2024 18:54:28 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7t%2BsZPd6ZNeDtzK1VjF%2FnJD%2F5F4MBOyXPHTl8ei7dFJh29KheAJerN9a766%2BH5hQ6KwU%2FPrRyoOKFdtjergYeBEYO%2B%2FnRiwZIZLUavAusq8iqDvdlq0XAe9o0Hy3w6NP9silzczUxc5LYFC8PerNhFBopLuK"}],"group":"cf-nel","max_age":604800}
server: cloudflare

Redirect headers

Location: https://federation-admr.alsace/
Non-Authoritative-Reason: HttpsUpgrades

GET
H2 200 app.css
federation-admr.alsace/ 35 KB
8 KB 39ms
36ms Stylesheet
text/css 2606:4700:3035::6815:57a4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://federation-admr.alsace/app.css?v=25
Requested by: Host: federation-admr.alsace
URL: https://federation-admr.alsace/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:57a4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cad428af6f3387db51dd687dc17da307c69a3537a9c1ef3052d29f9f456c8407

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://federation-admr.alsace/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 13 Jun 2024 18:54:28 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 12 Jun 2024 13:07:26 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 107222
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=R77K4RtEhWZqwJPOSxLhPDGIoxMo9tgfr1PDKqwDEixW3v4ZvixzaZgq1%2Fol%2FafN%2Ft0E5MBCelg5228wCU48BYqfdy6pPmyhx7RCzgLCIiB%2FDvK39K04hbrZQBbrEBOb0G39UYaxorlxnulCTUd%2BMcm0PdBQ"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31536000
cf-ray: 89344a140b2991db-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 Board2.Blazor.ClientApp.styles.css
federation-admr.alsace/ 41 KB
10 KB 44ms
41ms Stylesheet
text/css 2606:4700:3035::6815:57a4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://federation-admr.alsace/Board2.Blazor.ClientApp.styles.css?v=25
Requested by: Host: federation-admr.alsace
URL: https://federation-admr.alsace/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:57a4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 25e523a3e6355f1a086ae2a9e424f0706920e67a8e3ba7de66ad6358d1ef8850

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://federation-admr.alsace/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 13 Jun 2024 18:54:28 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 12 Jun 2024 13:07:26 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 107222
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nDAcdPrYY4IVZWMlbK%2FpDi0IOTPOhhrYrZReEWQnKowNgQ6uQW0ci9SqVcEHHa0Xdibofhdkov6IDmtx1X0iMZMxcbVYWOzRBG2x8IzBuZnVXcsgIPwZkJJOW22cXwuWuw72GOMgsKSUZo2taxIaBp9sNz8a"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31536000
cf-ray: 89344a140b2a91db-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 mcp.js Show response
federation-admr.alsace/ 4 KB
2 KB 125ms
123ms Script
text/javascript 2606:4700:3035::6815:57a4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://federation-admr.alsace/mcp.js?v=24
Requested by: Host: federation-admr.alsace
URL: https://federation-admr.alsace/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:57a4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 301650bd992b27060d49f54bc46c2f720b66e38e3ef7da4ce97c724a0248c772

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://federation-admr.alsace/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 13 Jun 2024 18:54:28 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 13 Jun 2024 18:54:28 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jH4DaTz3fzDsptr6ieItjcT67tZjZ13tfdqLoqgx1h%2FB9KJ2DPrHkycPCqCaOiIna35T5fJRPJ4jU9H8KL6ftDHKUOlpyPtNlptg%2BCFOgsQArp3Pl3RzUKf7zcI7MemX7WVUUogNSF3PC8mSRy1hbEyIVQtt"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=31536000
cf-ray: 89344a140b2c91db-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 app.js Show response
federation-admr.alsace/ 4 KB
1 KB 45ms
43ms Script
text/javascript 2606:4700:3035::6815:57a4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://federation-admr.alsace/app.js?v=24
Requested by: Host: federation-admr.alsace
URL: https://federation-admr.alsace/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:57a4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 13a796532e6bfaba8007964502a1da3209f70305b35f25a5e57cea5a923202c8

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://federation-admr.alsace/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 13 Jun 2024 18:54:28 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 12 Jun 2024 13:07:26 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 107222
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lDoThP%2BXvcgzbNhCra6DISJNm5cTOEtgZ%2FQ2PB5iZlOpkv%2FAbGs6aZS5OVGQoXqPNRtWRhJRInafe4w27kYPps36J0v9tNpryNFXqn%2BnIGspCCQMpUhFMl6Em7XCwizTGc3lR7uqfat5rqD2OTgg3DlwbkF1"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=31536000
cf-ray: 89344a140b2e91db-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 css
fonts.googleapis.com/ 4 KB
753 B 81ms
31ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,500

Requested by

Host: federation-admr.alsace
URL: https://federation-admr.alsace/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8753541a3a44842cd815d81c4f8c589e0a0d763112d622f3088cd6f064e825fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://federation-admr.alsace/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Thu, 13 Jun 2024 18:54:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 13 Jun 2024 18:02:54 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 13 Jun 2024 18:54:28 GMT

GET
H2 200 icon
fonts.googleapis.com/ 569 B
778 B 78ms
29ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/icon?family=Material+Icons

Requested by

Host: federation-admr.alsace
URL: https://federation-admr.alsace/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

36b2057eb5eef261a2cbb8c149dcf3a11edaa15ccd8e3d462eb34999f5ff8f2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://federation-admr.alsace/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Thu, 13 Jun 2024 18:54:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 13 Jun 2024 18:54:28 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 13 Jun 2024 18:54:28 GMT

GET
H2 200 fancybox.umd.js Show response
cdn.jsdelivr.net/npm/@fancyapps/ui@5.0/dist/fancybox/ 139 KB
44 KB 73ms
21ms Script
application/javascript 2a04:4e42:200::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/@fancyapps/ui@5.0/dist/fancybox/fancybox.umd.js

Requested by

Host: federation-admr.alsace
URL: https://federation-admr.alsace/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

862504070144a4b17a0e507cb065e52a8e243d9e3a522e2a1a9774beb5643a6e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://federation-admr.alsace/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 13 Jun 2024 18:54:28 GMT
x-content-type-options: nosniff
content-encoding: br
age: 28560
x-jsd-version: 5.0.36
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 44571
x-served-by: cache-fra-etou8220129-FRA
x-jsd-version-type: version
etag: W/"22c19-Lb7o6RbJf9zqsolGKfoiQM/wVzs"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 fancybox.css
cdn.jsdelivr.net/npm/@fancyapps/ui@5.0/dist/fancybox/ 25 KB
6 KB 94ms
42ms Stylesheet
text/css 2a04:4e42:200::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/@fancyapps/ui@5.0/dist/fancybox/fancybox.css

Requested by

Host: federation-admr.alsace
URL: https://federation-admr.alsace/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

cccf165ed1b87949fb74a28d313ba8599b9bfbe56749f68ea40ffc3c97ef4c1a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://federation-admr.alsace/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 13 Jun 2024 18:54:28 GMT
x-content-type-options: nosniff
content-encoding: br
age: 26066
x-jsd-version: 5.0.36
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 5627
x-served-by: cache-fra-etou8220129-FRA
x-jsd-version-type: version
etag: W/"62ff-giaeOPBfIiHawF4nBpcYwhHxYEE"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 email-decode.min.js Show response
federation-admr.alsace/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 29ms
28ms Script
application/javascript 2606:4700:3035::6815:57a4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://federation-admr.alsace/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: federation-admr.alsace
URL: https://federation-admr.alsace/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::6815:57a4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://federation-admr.alsace/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 13 Jun 2024 18:54:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 07 Jun 2024 15:09:46 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"666322ba-4d7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CsRsVHJ36aaiMyoQsIXNx54FjSt8YK1cEECCHLsjwElfza%2BiYuxoaI5IMP6eWMoE2J%2FGxc2QJWu8RziGycvcAmq0rQCHwkjN7mDdDaQFMOGn7lqu40Kap9WfpnQKyoer2qdz3dTHiflZlThdhZpjfNcCNp8k"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 89344a140b3191db-FRA
expires: Sat, 15 Jun 2024 18:54:28 GMT

GET
H3 200 Mcp.Blazor.UI.Controls.bundle.scp.css
federation-admr.alsace/ 8 KB
3 KB 35ms
35ms Stylesheet
text/css 172.67.144.173
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://federation-admr.alsace/Mcp.Blazor.UI.Controls.bundle.scp.css
Requested by: Host: federation-admr.alsace
URL: https://federation-admr.alsace/Board2.Blazor.ClientApp.styles.css?v=25
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.144.173 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 56ebda94d6478196d5391841e1d609071f140d0bc76de175732003eebbd6d789

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://federation-admr.alsace/Board2.Blazor.ClientApp.styles.css?v=25
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 13 Jun 2024 18:54:28 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 12 Jun 2024 21:52:33 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 75715
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=A6fNaZXlG2dnxlZx8u%2Bdq%2BEPCT1ShVERphb7gORgwpGqumOZI6szXzs91mha%2BaKATRmYhNDPmH6OpcXxO%2BR8YD%2BDkP4mIGu%2BovLHXp1vFChKUbCgqn%2B34twz%2F5OUkj6arTeyAlRKUHTu"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31536000
cf-ray: 89344a144ca72c1b-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ 201 KB
70 KB 342ms
187ms Script
application/javascript 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: federation-admr.alsace
URL: https://federation-admr.alsace/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

5032e6e296efe960663b74e7a1d53cc0b8b2d27bca1b8c2035d01cd472678fef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://federation-admr.alsace/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 13 Jun 2024 18:54:28 GMT
content-encoding: br
strict-transport-security: max-age=31536000
last-modified: Thu, 13 Jun 2024 13:11:00 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "666aefe4-11375"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
timing-allow-origin: *
content-length: 70517
expires: Thu, 13 Jun 2024 19:54:28 GMT

GET
H2 200 dldss129_1200.jpg
i3.wp.com/cdn.javsts.com/wp-content/uploads/2022/10/ 8 KB
8 KB 105ms
59ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i3.wp.com/cdn.javsts.com/wp-content/uploads/2022/10/dldss129_1200.jpg?resize=320%2C190&ssl=1

Requested by

Host: federation-admr.alsace
URL: https://federation-admr.alsace/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

686575f9db7aac303876fe05f4f43abd2a270d9d600ed32adedbec14079f8812

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://federation-admr.alsace/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 13 Jun 2024 18:54:28 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 8062
x-nc: HIT hhn 3
last-modified: Wed, 12 Jun 2024 05:45:43 GMT
server: nginx
etag: "10112c9f052b95dc"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://cdn.javsts.com/wp-content/uploads/2022/10/dldss129_1200.jpg>; rel="canonical"
expires: Fri, 12 Jun 2026 17:45:43 GMT

GET
H2 200 -0VLXs9B02P01THg.jpg:large
i3.wp.com/pbs.twimg.com/ext_tw_video_thumb/1720165797765509120/pu/img/ 9 KB
10 KB 85ms
38ms Image
image/jpeg 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i3.wp.com/pbs.twimg.com/ext_tw_video_thumb/1720165797765509120/pu/img/-0VLXs9B02P01THg.jpg:large?resize=320%2C190&ssl=1

Requested by

Host: federation-admr.alsace
URL: https://federation-admr.alsace/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

93144af1db6e8d897be7355c0c8366c2983bef1127ba95a88e68027d03d71e6b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://federation-admr.alsace/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 13 Jun 2024 18:54:28 GMT
x-content-type-options: nosniff
x-bytes-saved: 373
alt-svc: h3=":443"; ma=86400
content-length: 9703
x-nc: HIT hhn 3
last-modified: Wed, 12 Jun 2024 01:24:56 GMT
server: nginx
etag: "95c190e97fdb5729"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://pbs.twimg.com/ext_tw_video_thumb/1720165797765509120/pu/img/-0VLXs9B02P01THg.jpg:large>; rel="canonical"
expires: Fri, 12 Jun 2026 13:24:56 GMT

GET
H2 200 0.webp
i3.wp.com/image.91jinman.com/uploads/12/67/52/ 13 KB
14 KB 105ms
59ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i3.wp.com/image.91jinman.com/uploads/12/67/52/0.webp?resize=320%2C190&ssl=1

Requested by

Host: federation-admr.alsace
URL: https://federation-admr.alsace/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

8ecfe35b51a590b889eb63802cb67e9e9d5df3510d4efd080f97001a2984a982

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://federation-admr.alsace/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 13 Jun 2024 18:54:28 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 13668
x-nc: HIT hhn 1
last-modified: Thu, 13 Jun 2024 07:37:00 GMT
server: nginx
etag: "9aff448b346843b7"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://image.91jinman.com/uploads/12/67/52/0.webp>; rel="canonical"
expires: Sat, 13 Jun 2026 19:37:00 GMT

GET
H2 200 e9fb1b48.jpg
i3.wp.com/ibradome.com/Uploads/Media/Dec22/Thu08/17568/ 9 KB
9 KB 87ms
41ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i3.wp.com/ibradome.com/Uploads/Media/Dec22/Thu08/17568/e9fb1b48.jpg?resize=320%2C190&ssl=1

Requested by

Host: federation-admr.alsace
URL: https://federation-admr.alsace/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

8b9c890819987d3f4c4195fc85076e5e84b719800582edc339dd19b9e661ab73

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://federation-admr.alsace/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 13 Jun 2024 18:54:28 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 8834
x-nc: HIT hhn 2
last-modified: Wed, 12 Jun 2024 01:38:15 GMT
server: nginx
etag: "4e621ee1c22adaf5"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://ibradome.com/Uploads/Media/Dec22/Thu08/17568/e9fb1b48.jpg>; rel="canonical"
expires: Fri, 12 Jun 2026 13:38:15 GMT

GET
H2 200 /
i3.wp.com/avjb.com/en/get_image/2/2095d911a35ca9b00da5d7b1a7bcdd5d/sources/0/402/25515.jpg/ 15 KB
15 KB 106ms
60ms Image
image/jpeg 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i3.wp.com/avjb.com/en/get_image/2/2095d911a35ca9b00da5d7b1a7bcdd5d/sources/0/402/25515.jpg/?resize=320%2C190&ssl=1

Requested by

Host: federation-admr.alsace
URL: https://federation-admr.alsace/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

9d4b0ad8a72cc790a42fb6ebd4b703ae10805f8ff9ee10a2f78f2964049a7c21

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://federation-admr.alsace/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 13 Jun 2024 18:54:28 GMT
x-content-type-options: nosniff
x-bytes-saved: 823
alt-svc: h3=":443"; ma=86400
content-length: 15183
x-nc: HIT hhn 4
last-modified: Wed, 12 Jun 2024 13:21:06 GMT
server: nginx
etag: "62e2d74b7098a4e6"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://avjb.com/en/get_image/2/2095d911a35ca9b00da5d7b1a7bcdd5d/sources/0/402/25515.jpg/>; rel="canonical"
expires: Sat, 13 Jun 2026 01:21:06 GMT

GET
H2 200 akt.jpg
i3.wp.com/tbi.sb-cd.com/t/12195395/1/2/w:1280/t6-enh/ 7 KB
7 KB 104ms
58ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i3.wp.com/tbi.sb-cd.com/t/12195395/1/2/w:1280/t6-enh/akt.jpg?resize=320%2C190&ssl=1

Requested by

Host: federation-admr.alsace
URL: https://federation-admr.alsace/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

5b90ea3f9001747673ebb93d81aa633626d34bbed614930a63d40338425baf50

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://federation-admr.alsace/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 13 Jun 2024 18:54:28 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 6828
x-nc: HIT hhn 2
last-modified: Fri, 07 Jun 2024 02:48:57 GMT
server: nginx
etag: "cb45c8949054d9b3"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://tbi.sb-cd.com/t/12195395/1/2/w:1280/t6-enh/akt.jpg>; rel="canonical"
expires: Sun, 07 Jun 2026 14:48:57 GMT

GET
H2 200 100550mw8w9qwgdsyqdqnw.jpg
i3.wp.com/xsijishe.com/data/attachment/forum/202401/15/ 7 KB
8 KB 94ms
59ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i3.wp.com/xsijishe.com/data/attachment/forum/202401/15/100550mw8w9qwgdsyqdqnw.jpg?resize=320%2C190&ssl=1

Requested by

Host: federation-admr.alsace
URL: https://federation-admr.alsace/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

43318b40be28ac95a54cdd210f46dfbdecf56bf4c7f0dbfac07ad47d191a8e18

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://federation-admr.alsace/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 13 Jun 2024 18:54:28 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 7330
x-nc: HIT hhn 3
last-modified: Tue, 04 Jun 2024 16:18:12 GMT
server: nginx
etag: "777a27fbdef81953"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://xsijishe.com/data/attachment/forum/202401/15/100550mw8w9qwgdsyqdqnw.jpg>; rel="canonical"
expires: Fri, 05 Jun 2026 04:18:12 GMT

GET
H2 200 preview.jpg
i3.wp.com/avhu.com/contents/videos_screenshots/17000/17050/ 6 KB
7 KB 95ms
60ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i3.wp.com/avhu.com/contents/videos_screenshots/17000/17050/preview.jpg?resize=320%2C190&ssl=1

Requested by

Host: federation-admr.alsace
URL: https://federation-admr.alsace/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

46db00fc48e2c659075add4abf18b838d12d3ba3353d130f5d4551211afbe199

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://federation-admr.alsace/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 13 Jun 2024 18:54:28 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 6644
x-nc: HIT hhn 1
last-modified: Wed, 12 Jun 2024 15:49:07 GMT
server: nginx
etag: "83927fd54ce616b4"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://avhu.com/contents/videos_screenshots/17000/17050/preview.jpg>; rel="canonical"
expires: Sat, 13 Jun 2026 03:49:07 GMT

GET
H2 200 (m=eaSaaTbaAaaaa)(mh=udU-08Z47jIdr2VJ)3.jpg
i3.wp.com/ei.phncdn.com/videos/202303/03/426617921/original/ 7 KB
8 KB 56ms
21ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i3.wp.com/ei.phncdn.com/videos/202303/03/426617921/original/(m=eaSaaTbaAaaaa)(mh=udU-08Z47jIdr2VJ)3.jpg?resize=320%2C190&ssl=1

Requested by

Host: federation-admr.alsace
URL: https://federation-admr.alsace/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

347065113c1161fe11dd3c8cf6c1ae8bdfd8cae57a741db53feabeffe8f74b5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://federation-admr.alsace/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 13 Jun 2024 18:54:28 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 7414
x-nc: HIT hhn 1
last-modified: Thu, 13 Jun 2024 06:00:05 GMT
server: nginx
etag: "816e06e4325a2107"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://ei.phncdn.com/videos/202303/03/426617921/original/(m=eaSaaTbaAaaaa)(mh=udU-08Z47jIdr2VJ)3.jpg>; rel="canonical"
expires: Sat, 13 Jun 2026 18:00:05 GMT

GET
H2 200 (m=qXV99KVbeaSaaTbaAaaaa)(mh=wnojzXQqmNys5qzD)0.jpg
i3.wp.com/ei.phncdn.com/videos/202002/20/286307222/original/ 6 KB
6 KB 95ms
60ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i3.wp.com/ei.phncdn.com/videos/202002/20/286307222/original/(m=qXV99KVbeaSaaTbaAaaaa)(mh=wnojzXQqmNys5qzD)0.jpg?resize=320%2C190&ssl=1

Requested by

Host: federation-admr.alsace
URL: https://federation-admr.alsace/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

e23fa9348ee322425a2f0e554528e0523003e4952d865aa85f7b61889bbdf2ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://federation-admr.alsace/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 13 Jun 2024 18:54:28 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 5866
x-nc: HIT hhn 3
last-modified: Wed, 12 Jun 2024 05:51:51 GMT
server: nginx
etag: "392f98f3bc0da018"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://ei.phncdn.com/videos/202002/20/286307222/original/(m=qXV99KVbeaSaaTbaAaaaa)(mh=wnojzXQqmNys5qzD)0.jpg>; rel="canonical"
expires: Fri, 12 Jun 2026 17:51:51 GMT

GET
H2 200 (m=eaSaaTbaAaaaa)(mh=Jb2tp88gkfxVb-bI)16.jpg
i3.wp.com/ei.phncdn.com/videos/202001/06/274261781/original/ 7 KB
8 KB 94ms
59ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i3.wp.com/ei.phncdn.com/videos/202001/06/274261781/original/(m=eaSaaTbaAaaaa)(mh=Jb2tp88gkfxVb-bI)16.jpg?resize=320%2C190&ssl=1

Requested by

Host: federation-admr.alsace
URL: https://federation-admr.alsace/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

65d642d85dded23a43f25e565c681da161cc028b93ec3c339e5de1516fe70f32

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://federation-admr.alsace/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 13 Jun 2024 18:54:28 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 7450
x-nc: HIT hhn 4
last-modified: Tue, 11 Jun 2024 21:02:13 GMT
server: nginx
etag: "47da77194977477b"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://ei.phncdn.com/videos/202001/06/274261781/original/(m=eaSaaTbaAaaaa)(mh=Jb2tp88gkfxVb-bI)16.jpg>; rel="canonical"
expires: Fri, 12 Jun 2026 09:02:13 GMT

GET
H2 403 preview.jpg
i3.wp.com/cdn.camwhores.tv/contents/videos_screenshots/10627000/10627559/ 65 B
65 B 146ms
111ms Image
text/html 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i3.wp.com/cdn.camwhores.tv/contents/videos_screenshots/10627000/10627559/preview.jpg?resize=320%2C190&ssl=1
Requested by: Host: federation-admr.alsace
URL: https://federation-admr.alsace/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS: i1.wp.com
Software: nginx /
Resource Hash: 3a90c56bbc2ea3fae7e089cc529bc02869c5035ee31c3111d829b9ae974cf42d

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://federation-admr.alsace/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-nc: MISS hhn 4
date: Thu, 13 Jun 2024 18:54:28 GMT
server: nginx
alt-svc: h3=":443"; ma=86400
content-type: text/html; charset=utf-8

GET
H2 200 karen-yuzuriha-oae-233-nak.jpg
i3.wp.com/tbi.sb-cd.com/t/13672115/1/3/w:1280/t1-enh/ 7 KB
7 KB 55ms
20ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i3.wp.com/tbi.sb-cd.com/t/13672115/1/3/w:1280/t1-enh/karen-yuzuriha-oae-233-nak.jpg?resize=320%2C190&ssl=1

Requested by

Host: federation-admr.alsace
URL: https://federation-admr.alsace/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

7e4cccdd88c7e2d1b8ba42e9dab0b3499d4d6fbea1922c597759f57449a5a223

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://federation-admr.alsace/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 13 Jun 2024 18:54:28 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 7142
x-nc: HIT hhn 4
last-modified: Thu, 13 Jun 2024 15:01:58 GMT
server: nginx
etag: "ee16be9dbe4e948e"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://tbi.sb-cd.com/t/13672115/1/3/w:1280/t1-enh/karen-yuzuriha-oae-233-nak.jpg>; rel="canonical"
expires: Sun, 14 Jun 2026 03:01:58 GMT

GET
H2 200 preview.jpg
i3.wp.com/avhu.com/contents/videos_screenshots/27000/27925/ 7 KB
8 KB 75ms
40ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i3.wp.com/avhu.com/contents/videos_screenshots/27000/27925/preview.jpg?resize=320%2C190&ssl=1

Requested by

Host: federation-admr.alsace
URL: https://federation-admr.alsace/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

017b62bde7ba7dca676b1452187e0af70de2e4a73bb5412b50fc585d6dbb2cc3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://federation-admr.alsace/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 13 Jun 2024 18:54:28 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 7430
x-nc: HIT hhn 4
last-modified: Wed, 12 Jun 2024 05:45:43 GMT
server: nginx
etag: "eaa83c4ddfc627dc"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://avhu.com/contents/videos_screenshots/27000/27925/preview.jpg>; rel="canonical"
expires: Fri, 12 Jun 2026 17:45:43 GMT

GET
H2 200 preview.jpg
i3.wp.com/bh.j2.img.jb-aiwei.cc/cdn/contents/videos_screenshots/46000/46200/ 9 KB
9 KB 95ms
60ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i3.wp.com/bh.j2.img.jb-aiwei.cc/cdn/contents/videos_screenshots/46000/46200/preview.jpg?resize=320%2C190&ssl=1

Requested by

Host: federation-admr.alsace
URL: https://federation-admr.alsace/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

b570648176870ced9c27d3c7d4639f3e09335719e775e6246e5ad7bbcb7e8757

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://federation-admr.alsace/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 13 Jun 2024 18:54:28 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 8746
x-nc: HIT hhn 1
last-modified: Thu, 13 Jun 2024 08:21:55 GMT
server: nginx
etag: "ca9a1e79bd0934da"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://bh.j2.img.jb-aiwei.cc/cdn/contents/videos_screenshots/46000/46200/preview.jpg>; rel="canonical"
expires: Sat, 13 Jun 2026 20:21:55 GMT

GET
H2 200 2560x1440.214.webp
i3.wp.com/thumb-nss.xhcdn.com/a/6x1zmaFLZv-_infyetSFVA/022/615/013/v2/ 10 KB
11 KB 94ms
59ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i3.wp.com/thumb-nss.xhcdn.com/a/6x1zmaFLZv-_infyetSFVA/022/615/013/v2/2560x1440.214.webp?resize=320%2C190&ssl=1

Requested by

Host: federation-admr.alsace
URL: https://federation-admr.alsace/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

0760e2ace3102aecd722a18d516e9e38d74d421b07054e79d4b0d2174c5d7551

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://federation-admr.alsace/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 13 Jun 2024 18:54:28 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 10474
x-nc: HIT hhn 2
last-modified: Thu, 13 Jun 2024 00:49:27 GMT
server: nginx
etag: "eedcc8820d2ae18b"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://thumb-nss.xhcdn.com/a/6x1zmaFLZv-_infyetSFVA/022/615/013/v2/2560x1440.214.webp>; rel="canonical"
expires: Sat, 13 Jun 2026 12:49:27 GMT

GET
H2 200 asmr-t-me-ac.jpg
i3.wp.com/tbi.sb-cd.com/t/15805826/1/5/w:1280/t8-enh/ 7 KB
8 KB 93ms
58ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i3.wp.com/tbi.sb-cd.com/t/15805826/1/5/w:1280/t8-enh/asmr-t-me-ac.jpg?resize=320%2C190&ssl=1

Requested by

Host: federation-admr.alsace
URL: https://federation-admr.alsace/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

f3f80df2d9490548d1b3645c1a8d48294931191cedba63fe3d4f6ae9bedbd85c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://federation-admr.alsace/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 13 Jun 2024 18:54:28 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 7482
x-nc: HIT hhn 1
last-modified: Wed, 12 Jun 2024 01:24:56 GMT
server: nginx
etag: "f11eafb530a7fbbc"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://tbi.sb-cd.com/t/15805826/1/5/w:1280/t8-enh/asmr-t-me-ac.jpg>; rel="canonical"
expires: Fri, 12 Jun 2026 13:24:56 GMT

GET
H2 200 0.jpg
i3.wp.com/www.9sex.tv/media/films/2023/10/29/1346562/ 6 KB
6 KB 95ms
60ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i3.wp.com/www.9sex.tv/media/films/2023/10/29/1346562/0.jpg?resize=320%2C190&ssl=1

Requested by

Host: federation-admr.alsace
URL: https://federation-admr.alsace/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

4dd40b8838146b0712aa777db70928e6f05c52a56db90a4d0343249f648abbb0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://federation-admr.alsace/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 13 Jun 2024 18:54:28 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 6240
x-nc: HIT hhn 2
last-modified: Thu, 13 Jun 2024 07:37:10 GMT
server: nginx
etag: "713b933bd38fafa0"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://www.9sex.tv/media/films/2023/10/29/1346562/0.jpg>; rel="canonical"
expires: Sat, 13 Jun 2026 19:37:10 GMT

GET
H2 200 1.webp
i3.wp.com/z2.momon-ga.com/galleries/1401535/ 11 KB
12 KB 82ms
80ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i3.wp.com/z2.momon-ga.com/galleries/1401535/1.webp?resize=320%2C190&ssl=1

Requested by

Host: federation-admr.alsace
URL: https://federation-admr.alsace/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

ef9c1b23d15a9927be6f10e2bfed6c5c591da3bbdebccadad70fe3251c39c3f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://federation-admr.alsace/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 13 Jun 2024 18:54:28 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 11526
x-nc: MISS hhn 1
last-modified: Thu, 13 Jun 2024 18:54:28 GMT
server: nginx
etag: "4a9c121eb6214f69"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://z2.momon-ga.com/galleries/1401535/1.webp>; rel="canonical"
expires: Sun, 14 Jun 2026 06:54:28 GMT

GET
H2 200 6b9zg4ugtxc61.jpg
i3.wp.com/i.redd.it/ 6 KB
7 KB 80ms
78ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i3.wp.com/i.redd.it/6b9zg4ugtxc61.jpg?resize=320%2C190&ssl=1

Requested by

Host: federation-admr.alsace
URL: https://federation-admr.alsace/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

7d71dc965233bc38ef8b711e803e6e533eefb94921b234e077e43945a8eda657

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://federation-admr.alsace/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 13 Jun 2024 18:54:28 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 6364
x-nc: MISS hhn 3
last-modified: Thu, 13 Jun 2024 18:54:28 GMT
server: nginx
etag: "2a52f9602d8586a5"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://i.redd.it/6b9zg4ugtxc61.jpg>; rel="canonical"
expires: Sun, 14 Jun 2026 06:54:28 GMT

GET
H2 200 pretty18girl-1.jpeg
i3.wp.com/www.boabronha.com/wp-content/uploads/2022/06/ 7 KB
7 KB 60ms
58ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i3.wp.com/www.boabronha.com/wp-content/uploads/2022/06/pretty18girl-1.jpeg?resize=320%2C190&ssl=1

Requested by

Host: federation-admr.alsace
URL: https://federation-admr.alsace/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

6e7e373161ca6381241828ee57aca6d41501cf4da91f957db8c7e2de9e5f989f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://federation-admr.alsace/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 13 Jun 2024 18:54:28 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 6660
x-nc: MISS hhn 2
last-modified: Thu, 13 Jun 2024 18:54:28 GMT
server: nginx
etag: "46b16f3c58cf78f8"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://www.boabronha.com/wp-content/uploads/2022/06/pretty18girl-1.jpeg>; rel="canonical"
expires: Sun, 14 Jun 2026 06:54:28 GMT

GET
H2 200 Azula-The-Boiling-Rock-page-01.jpg
i3.wp.com/mult34.com/wp-content/uploads/2020/05/ 6 KB
7 KB 75ms
73ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i3.wp.com/mult34.com/wp-content/uploads/2020/05/Azula-The-Boiling-Rock-page-01.jpg?resize=320%2C190&ssl=1

Requested by

Host: federation-admr.alsace
URL: https://federation-admr.alsace/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

404cbf0d05585ea005c6217364a1130065293dd0648fdb12b43b5495c522383e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://federation-admr.alsace/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 13 Jun 2024 18:54:28 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 6294
x-nc: MISS hhn 3
last-modified: Thu, 13 Jun 2024 18:54:28 GMT
server: nginx
etag: "e34c2c2bd795e754"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://mult34.com/wp-content/uploads/2020/05/Azula-The-Boiling-Rock-page-01.jpg>; rel="canonical"
expires: Sun, 14 Jun 2026 06:54:28 GMT

GET
H2 200 55a840198dda94461097dde205101d33.jpg
i3.wp.com/img.hellocdn2.net/simg/ 2 KB
2 KB 59ms
58ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i3.wp.com/img.hellocdn2.net/simg/55a840198dda94461097dde205101d33.jpg?resize=320%2C190&ssl=1

Requested by

Host: federation-admr.alsace
URL: https://federation-admr.alsace/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

9b5600d2cdb6c6a870ac02ae7fdf32e0fbf7949ca5be25d9a88b7d21a148fe59

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://federation-admr.alsace/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 13 Jun 2024 18:54:28 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 2132
x-nc: MISS hhn 4
last-modified: Thu, 13 Jun 2024 18:54:28 GMT
server: nginx
etag: "012399242a8c1837"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://img.hellocdn2.net/simg/55a840198dda94461097dde205101d33.jpg>; rel="canonical"
expires: Sun, 14 Jun 2026 06:54:28 GMT

GET
H2 200 khloemonroevip_0004.jpg
i3.wp.com/thefappeningblog.com/data/k/h/khloemonroevip/1000/ 11 KB
11 KB 83ms
81ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i3.wp.com/thefappeningblog.com/data/k/h/khloemonroevip/1000/khloemonroevip_0004.jpg?resize=320%2C190&ssl=1

Requested by

Host: federation-admr.alsace
URL: https://federation-admr.alsace/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

6b75a716f8adab9301528cc3ed19adf6a2f904deee604c6da071b4af6c9fed0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://federation-admr.alsace/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 13 Jun 2024 18:54:28 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 10906
x-nc: MISS hhn 2
last-modified: Thu, 13 Jun 2024 18:54:28 GMT
server: nginx
etag: "739ea3b068f256b3"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://thefappeningblog.com/data/k/h/khloemonroevip/1000/khloemonroevip_0004.jpg>; rel="canonical"
expires: Sun, 14 Jun 2026 06:54:28 GMT

GET
H2

200

stokes+twins+-+Copy.jpg
1.bp.blogspot.com/-_yEI2Ey3djU/YKPwC4f_27I/AAAAAAAAGno/HErEEG6MhnUz6kUED72sDBYlXJFl1jbugCLcBGAsYHQ/s2048/
Redirect Chain

https://i3.wp.com/1.bp.blogspot.com/-_yEI2Ey3djU/YKPwC4f_27I/AAAAAAAAGno/HErEEG6MhnUz6kUED72sDBYlXJFl1jbugCLcBGAsYHQ/s2048/stokes+twins+-+Copy.jpg?resize=320%2C190&ssl=1
https://1.bp.blogspot.com/-_yEI2Ey3djU/YKPwC4f_27I/AAAAAAAAGno/HErEEG6MhnUz6kUED72sDBYlXJFl1jbugCLcBGAsYHQ/s2048/stokes+twins+-+Copy.jpg

123 KB
124 KB

331ms
250ms

Image
image/jpeg

2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-_yEI2Ey3djU/YKPwC4f_27I/AAAAAAAAGno/HErEEG6MhnUz6kUED72sDBYlXJFl1jbugCLcBGAsYHQ/s2048/stokes+twins+-+Copy.jpg

Requested by

Host: federation-admr.alsace
URL: https://federation-admr.alsace/

Protocol

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

b48ed5389d853c1555cd70a4a71d3483285dbf944ac48615e27194b23ab31e85

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://federation-admr.alsace/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 13 Jun 2024 18:54:29 GMT
x-content-type-options: nosniff
server: fife
etag: "v1a80"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="stokes twins - Copy.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 126099
x-xss-protection: 0
expires: Fri, 14 Jun 2024 18:54:29 GMT

Redirect headers

x-nc: EXPIRED hhn 2
date: Thu, 13 Jun 2024 18:54:28 GMT
server: nginx
access-control-allow-methods: GET, HEAD
content-type: text/html
location: https://1.bp.blogspot.com/-_yEI2Ey3djU/YKPwC4f_27I/AAAAAAAAGno/HErEEG6MhnUz6kUED72sDBYlXJFl1jbugCLcBGAsYHQ/s2048/stokes+twins+-+Copy.jpg
access-control-allow-origin: *
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 138

GET
H2 200 arisu-hirose-joyu.jpg
i3.wp.com/tbi.sb-cd.com/t/10950529/1/0/w:1280/t6-enh/ 7 KB
8 KB 60ms
58ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i3.wp.com/tbi.sb-cd.com/t/10950529/1/0/w:1280/t6-enh/arisu-hirose-joyu.jpg?resize=320%2C190&ssl=1

Requested by

Host: federation-admr.alsace
URL: https://federation-admr.alsace/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

e41c674d770ddc0e2f82b80c77eb5ff386abcd32a31764592e3799e29aa22095

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://federation-admr.alsace/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 13 Jun 2024 18:54:28 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 7568
x-nc: MISS hhn 1
last-modified: Thu, 13 Jun 2024 18:54:28 GMT
server: nginx
etag: "39d68fac17bea471"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://tbi.sb-cd.com/t/10950529/1/0/w:1280/t6-enh/arisu-hirose-joyu.jpg>; rel="canonical"
expires: Sun, 14 Jun 2026 06:54:28 GMT

GET
H2 200 (m=eaSaaTbaAaaaa)(mh=LF5ISytSlkD7NOxX)7.jpg
i3.wp.com/ei.phncdn.com/videos/202302/11/425244211/thumbs_20/ 6 KB
6 KB 60ms
58ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i3.wp.com/ei.phncdn.com/videos/202302/11/425244211/thumbs_20/(m=eaSaaTbaAaaaa)(mh=LF5ISytSlkD7NOxX)7.jpg?resize=320%2C190&ssl=1

Requested by

Host: federation-admr.alsace
URL: https://federation-admr.alsace/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

2f126b4f787045615a9513fb8dbab2aa6971c7bf4e1b0f6a7ab7428f3873d482

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://federation-admr.alsace/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 13 Jun 2024 18:54:28 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 5838
x-nc: MISS hhn 4
last-modified: Thu, 13 Jun 2024 18:54:28 GMT
server: nginx
etag: "1fe42f0633f8403d"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://ei.phncdn.com/videos/202302/11/425244211/thumbs_20/(m=eaSaaTbaAaaaa)(mh=LF5ISytSlkD7NOxX)7.jpg>; rel="canonical"
expires: Sun, 14 Jun 2026 06:54:28 GMT

GET
H2 200 flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
fonts.gstatic.com/s/materialicons/v142/ 125 KB
126 KB 84ms
27ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/materialicons/v142/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/icon?family=Material+Icons

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://fonts.googleapis.com/
Origin: https://federation-admr.alsace
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 13 Jun 2024 11:56:09 GMT
x-content-type-options: nosniff
age: 25099
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 128352
x-xss-protection: 0
last-modified: Mon, 08 Apr 2024 19:04:47 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 13 Jun 2025 11:56:09 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 16 KB
16 KB 138ms
81ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://fonts.googleapis.com/
Origin: https://federation-admr.alsace
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 22:54:18 GMT
x-content-type-options: nosniff
age: 72010
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 12 Jun 2025 22:54:18 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 77ms
20ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://fonts.googleapis.com/
Origin: https://federation-admr.alsace
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 13 Jun 2024 05:20:49 GMT
x-content-type-options: nosniff
age: 48819
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 13 Jun 2025 05:20:49 GMT

GET
H2

200

sync_cookie_image_decide
mc.yandex.com/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10399.MC3zsOwRv4mRqQyROLYVV_6QwFGfoSABh7Jzry2fj90nbJGRgKb5ahegR7c_THLw.9zEfc6pQwY_2SjpcLkiOzx_sf9o%2C
https://mc.yandex.com/sync_cookie_image_decide?token=10399.lU9fQ7ROeqoZQPFjLD9yInRvFi7nX9dD3ZIpxyld2t_uRTMhYZs3XAsH0I9YqB8N7rYcRzkQeRu6LATBODwMF_ACEuP6XbTgkfLroK5VEyNr6YEI_PNje0M7i__zvIH31d6sexc8-J...

43 B
675 B

68ms
68ms

Image
image/gif

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/sync_cookie_image_decide?token=10399.lU9fQ7ROeqoZQPFjLD9yInRvFi7nX9dD3ZIpxyld2t_uRTMhYZs3XAsH0I9YqB8N7rYcRzkQeRu6LATBODwMF_ACEuP6XbTgkfLroK5VEyNr6YEI_PNje0M7i__zvIH31d6sexc8-JunK2tkW0eSVhtVOFhaoPKRGPNjPmrS-A0RRw86Km_t_YLXApgCaRoRAR0CzwMoFTrkS4X43rT0OyYRosOYTYo5P9r_67UZYkM%2C.omTXrWjhub1y91bgdZg9IAe0Cso%2C

Requested by

Host: federation-admr.alsace
URL: https://federation-admr.alsace/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://federation-admr.alsace/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 13 Jun 2024 18:54:29 GMT
strict-transport-security: max-age=31536000
content-length: 43
x-xss-protection: 1; mode=block
content-type: image/gif

Redirect headers

location: https://mc.yandex.com/sync_cookie_image_decide?token=10399.lU9fQ7ROeqoZQPFjLD9yInRvFi7nX9dD3ZIpxyld2t_uRTMhYZs3XAsH0I9YqB8N7rYcRzkQeRu6LATBODwMF_ACEuP6XbTgkfLroK5VEyNr6YEI_PNje0M7i__zvIH31d6sexc8-JunK2tkW0eSVhtVOFhaoPKRGPNjPmrS-A0RRw86Km_t_YLXApgCaRoRAR0CzwMoFTrkS4X43rT0OyYRosOYTYo5P9r_67UZYkM%2C.omTXrWjhub1y91bgdZg9IAe0Cso%2C
date: Thu, 13 Jun 2024 18:54:29 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2 200 advert.gif
mc.yandex.com/metrika/ 43 B
601 B 82ms
82ms Image
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Requested by

Host: federation-admr.alsace
URL: https://federation-admr.alsace/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://federation-admr.alsace/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 13 Jun 2024 18:54:29 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 13 Jun 2024 13:11:00 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "666aefe4-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Thu, 13 Jun 2024 19:54:29 GMT

GET
H2 200 metrika_match.html
mc.yandex.com/metrika/ Frame 02FE 0
0 226ms
81ms Document
text/html 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/metrika/metrika_match.html

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://federation-admr.alsace/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
access-control-allow-origin: *
cache-control: max-age=3600
content-encoding: br
content-length: 1048
content-type: text/html
date: Thu, 13 Jun 2024 18:54:29 GMT
etag: "666aefe4-418"
expires: Thu, 13 Jun 2024 19:54:29 GMT
last-modified: Thu, 13 Jun 2024 13:11:00 GMT
strict-transport-security: max-age=31536000
timing-allow-origin: *

GET
H2

200

1 Show response
mc.yandex.com/watch/97317630/
Redirect Chain

https://mc.yandex.com/watch/97317630?wmode=7&page-url=https%3A%2F%2Ffederation-admr.alsace%2F&charset=utf-8&uah=chu%0A%22Google%20Chrome%22%3Bv%3D%22126%22%2C%22Not%3AA-Brand%22%3Bv%3D%228%22%2C%22...
https://mc.yandex.com/watch/97317630/1?wmode=7&page-url=https%3A%2F%2Ffederation-admr.alsace%2F&charset=utf-8&uah=chu%0A%22Google%20Chrome%22%3Bv%3D%22126%22%2C%22Not%3AA-Brand%22%3Bv%3D%228%22%2C%...

447 B
539 B

123ms
122ms

Fetch
application/json

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/97317630/1?wmode=7&page-url=https%3A%2F%2Ffederation-admr.alsace%2F&charset=utf-8&uah=chu%0A%22Google%20Chrome%22%3Bv%3D%22126%22%2C%22Not%3AA-Brand%22%3Bv%3D%228%22%2C%22Chromium%22%3Bv%3D%22126%22%0Acha%0Ax86%0Achb%0A64%0Achf%0A126.0.6478.55%0Achl%0A%22Not%2FA%29Brand%22%3Bv%3D%228.0.0.0%22%2C%22Chromium%22%3Bv%3D%22126.0.6478.55%22%2C%22Google%20Chrome%22%3Bv%3D%22126.0.6478.55%22%0Achm%0A%3F0%0Achp%0AWin32%0Achv%0A10.0.0&browser-info=pv%3A1%3Avf%3A1htavzoec77bpowqcyzjxzh9ln%3Afu%3A0%3Aen%3Autf-8%3Ala%3Ade-DE%3Av%3A1360%3Acn%3A1%3Adp%3A0%3Als%3A764193563559%3Ahid%3A86063576%3Az%3A120%3Ai%3A20240613205429%3Aet%3A1718304869%3Ac%3A1%3Arn%3A353590937%3Arqn%3A1%3Au%3A1718304869272274343%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A363%3Awv%3A2%3Ads%3A0%2C54%2C130%2C2%2C1%2C0%2C%2C149%2C0%2C%2C%2C%2C356%3Aco%3A0%3Acpf%3A1%3Ans%3A1718304868260%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1718304869%3At%3Afederation-admr.alsace&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%2821037572%29ti%281%29

Requested by

Host: federation-admr.alsace
URL: https://federation-admr.alsace/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

099641a17bc898be1c7f65276de5a5db9cd140950c7024f68c9270adc93076be

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://federation-admr.alsace/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Jun 2024 18:54:29 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Thu, 13-Jun-2024 18:54:29 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: application/json; charset=utf-8
access-control-allow-origin: https://federation-admr.alsace
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 447
x-xss-protection: 1; mode=block
expires: Thu, 13-Jun-2024 18:54:29 GMT

Redirect headers

pragma: no-cache
date: Thu, 13 Jun 2024 18:54:29 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 13-Jun-2024 18:54:29 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location: /watch/97317630/1?wmode=7&page-url=https%3A%2F%2Ffederation-admr.alsace%2F&charset=utf-8&uah=chu%0A%22Google%20Chrome%22%3Bv%3D%22126%22%2C%22Not%3AA-Brand%22%3Bv%3D%228%22%2C%22Chromium%22%3Bv%3D%22126%22%0Acha%0Ax86%0Achb%0A64%0Achf%0A126.0.6478.55%0Achl%0A%22Not%2FA%29Brand%22%3Bv%3D%228.0.0.0%22%2C%22Chromium%22%3Bv%3D%22126.0.6478.55%22%2C%22Google%20Chrome%22%3Bv%3D%22126.0.6478.55%22%0Achm%0A%3F0%0Achp%0AWin32%0Achv%0A10.0.0&browser-info=pv%3A1%3Avf%3A1htavzoec77bpowqcyzjxzh9ln%3Afu%3A0%3Aen%3Autf-8%3Ala%3Ade-DE%3Av%3A1360%3Acn%3A1%3Adp%3A0%3Als%3A764193563559%3Ahid%3A86063576%3Az%3A120%3Ai%3A20240613205429%3Aet%3A1718304869%3Ac%3A1%3Arn%3A353590937%3Arqn%3A1%3Au%3A1718304869272274343%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A363%3Awv%3A2%3Ads%3A0%2C54%2C130%2C2%2C1%2C0%2C%2C149%2C0%2C%2C%2C%2C356%3Aco%3A0%3Acpf%3A1%3Ans%3A1718304868260%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1718304869%3At%3Afederation-admr.alsace&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%2821037572%29ti%281%29
access-control-allow-origin: https://federation-admr.alsace
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Thu, 13-Jun-2024 18:54:29 GMT

GET
H3

200

/
federation-admr.alsace/
Redirect Chain

https://federation-admr.alsace/favicon.ico
https://federation-admr.alsace/

74 KB
6 KB

131ms
131ms

Other
text/html

172.67.144.173
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://federation-admr.alsace/
Protocol: H3
Server: 172.67.144.173 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c947e474be572065baeecb78032a666d1572ae48df3cf87b4c2f39c4e6230411

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://federation-admr.alsace/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 13 Jun 2024 18:54:29 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mnZIfLEcicw%2FD0WRJ3AHChB%2Bv42hxeTgLXwqkAZ3jhRxhi57ijuxMihJFVqhcP5iqpKYchKpMzphyCEwNbBZcRKDFjaW%2ByLwsWCBfrSBr9hCq%2B%2B7O%2Fj%2F2lfBJdHTGYrRvSyjUNa4p6HJ"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
cf-ray: 89344a1a5dad2c1b-FRA
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Thu, 13 Jun 2024 18:54:29 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9STMfGFvQNiemirTh2fvTl8FUXE9k6wEeYibIi%2BGR0hs8QVcWM6N0h0Gdb4WA1X3amSYVAbmCBQXzO%2BlmcynVCtN29WtLc6699xUwCbR%2B4Nk%2BYBG%2ByiG6j5olPey0JqLD6nUSpekX5w%2F"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
location: /
cache-control: max-age=14400
cf-ray: 89344a19ac992c1b-FRA
alt-svc: h3=":443"; ma=86400

POST
H2 200 97317630
mc.yandex.com/webvisor/ 43 B
0 279ms
210ms Fetch
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/webvisor/97317630?wv-part=1&wv-type=7&wmode=0&wv-hit=86063576&page-url=https%3A%2F%2Ffederation-admr.alsace%2F&rn=833156950&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1718304872%3Aw%3A1600x1200%3Av%3A1360%3Az%3A120%3Ai%3A20240613205431%3Au%3A1718304869272274343%3Avf%3A1htavzoec77bpowqcyzjxzh9ln%3Ast%3A1718304872&t=gdpr(14)ti(1)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://federation-admr.alsace/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 13 Jun 2024 18:54:32 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 13-Jun-2024 18:54:32 GMT
content-type: image/gif
access-control-allow-origin: https://federation-admr.alsace
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Thu, 13-Jun-2024 18:54:32 GMT

POST
H2 200 97317630
mc.yandex.com/webvisor/ 43 B
0 72ms
72ms Fetch
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/webvisor/97317630?wv-part=1&wv-type=7&wmode=0&wv-hit=86063576&page-url=https%3A%2F%2Ffederation-admr.alsace%2F&rn=1055027823&browser-info=we%3A1%3Aet%3A1718304872%3Aw%3A1600x1200%3Av%3A1360%3Az%3A120%3Ai%3A20240613205432%3Au%3A1718304869272274343%3Avf%3A1htavzoec77bpowqcyzjxzh9ln%3Ast%3A1718304872&t=gdpr(14)ti(1)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://federation-admr.alsace/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 13 Jun 2024 18:54:32 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 13-Jun-2024 18:54:32 GMT
content-type: image/gif
access-control-allow-origin: https://federation-admr.alsace
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Thu, 13-Jun-2024 18:54:32 GMT

Verdicts & Comments Add Verdict or Comment

24 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

22 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
federation-admr.alsace/	1970-01-20 21:19:51	Name: visitor Value: true
.yandex.ru/	1970-01-21 06:54:24	Name: i Value: aPVSomz+82rAoIFKN/1tC1q0wjJSB6ZEl85E4pHgEfbiSwevXF19CT2+kgKWdsGYeOuC5NCxOBchTBW/EGuShQJDui4=
.yandex.ru/	1970-01-21 06:54:24	Name: yandexuid Value: 6872753831718304868
.yandex.ru/	1970-01-21 06:04:00	Name: yashr Value: 8836214621718304868
mc.yandex.ru/	1970-01-21 06:04:00	Name: bh Value: EkAiR29vZ2xlIENocm9tZSI7dj0iMTI2IiwgIk5vdDpBLUJyYW5kIjt2PSI4IiwgIkNocm9taXVtIjt2PSIxMjYiKgI/MDoHIldpbjMyIg==
.federation-admr.alsace/	1970-01-21 06:04:00	Name: _ym_uid Value: 1718304869272274343
.federation-admr.alsace/	1970-01-21 06:04:00	Name: _ym_d Value: 1718304869
.mc.yandex.com/	1970-01-20 21:18:25	Name: sync_cookie_csrf Value: 672694563fake
mc.yandex.com/	1970-01-21 06:04:00	Name: bh Value: EkAiR29vZ2xlIENocm9tZSI7dj0iMTI2IiwgIk5vdDpBLUJyYW5kIjt2PSI4IiwgIkNocm9taXVtIjt2PSIxMjYiKgI/MDoHIldpbjMyIg==
.yandex.com/	1970-01-21 06:04:00	Name: yashr Value: 5088912871718304869
.federation-admr.alsace/	1970-01-20 21:19:36	Name: _ym_isad Value: 2
.mc.yandex.ru/	1970-01-20 21:18:25	Name: sync_cookie_csrf Value: 1632125059fake
.yandex.com/	1970-01-21 06:04:00	Name: yandexuid Value: 6872753831718304868
.yandex.com/	1970-01-21 06:04:00	Name: yuidss Value: 6872753831718304868
.yandex.com/	1970-01-21 06:54:24	Name: i Value: aPVSomz+82rAoIFKN/1tC1q0wjJSB6ZEl85E4pHgEfbiSwevXF19CT2+kgKWdsGYeOuC5NCxOBchTBW/EGuShQJDui4=
.yandex.com/	1970-01-21 06:54:24	Name: yp Value: 1718391269.yu.2186188971718304869
.mc.yandex.com/	1970-01-20 21:19:51	Name: sync_cookie_ok Value: synced
mc.yandex.com/	1969-12-31 23:59:59	Name: yabs-sid Value: 1866302401718304869
.yandex.com/	1970-01-21 06:04:00	Name: ymex Value: 1720896869.oyu.2186188971718304869#1749840869.yrts.1718304869
.yandex.com/	1970-01-21 06:04:00	Name: receive-cookie-deprecation Value: 1
.yandex.com/	1970-01-21 06:04:00	Name: bh Value: Ej4iR29vZ2xlIENocm9tZSI7dj0iMTI2IiwiTm90OkEtQnJhbmQiO3Y9IjgiLCJDaHJvbWl1bSI7dj0iMTI2IhoFIng4NiIiDyIxMjYuMC42NDc4LjU1IioCPzA6ByJXaW4zMiJCCCIxMC4wLjAiSgQiNjQiUlkiTm90L0EpQnJhbmQiO3Y9IjguMC4wLjAiLCJDaHJvbWl1bSI7dj0iMTI2LjAuNjQ3OC41NSIsIkdvb2dsZSBDaHJvbWUiO3Y9IjEyNi4wLjY0NzguNTUiIg==
.federation-admr.alsace/	1970-01-20 21:18:26	Name: _ym_visorc Value: w

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://i3.wp.com/cdn.camwhores.tv/contents/videos_screenshots/10627000/10627559/preview.jpg?resize=320%2C190&ssl=1 Message: Failed to load resource: the server responded with a status of 403 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1.bp.blogspot.com
cdn.jsdelivr.net
federation-admr.alsace
fonts.googleapis.com
fonts.gstatic.com
i3.wp.com
mc.yandex.com
mc.yandex.ru
172.67.144.173
192.0.77.2
2606:4700:3035::6815:57a4
2a00:1450:4001:800::200a
2a00:1450:4001:829::2003
2a00:1450:4001:82b::2001
2a02:6b8::1:119
2a04:4e42:200::485
017b62bde7ba7dca676b1452187e0af70de2e4a73bb5412b50fc585d6dbb2cc3
0760e2ace3102aecd722a18d516e9e38d74d421b07054e79d4b0d2174c5d7551
099641a17bc898be1c7f65276de5a5db9cd140950c7024f68c9270adc93076be
13a796532e6bfaba8007964502a1da3209f70305b35f25a5e57cea5a923202c8
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
25e523a3e6355f1a086ae2a9e424f0706920e67a8e3ba7de66ad6358d1ef8850
2f126b4f787045615a9513fb8dbab2aa6971c7bf4e1b0f6a7ab7428f3873d482
301650bd992b27060d49f54bc46c2f720b66e38e3ef7da4ce97c724a0248c772
347065113c1161fe11dd3c8cf6c1ae8bdfd8cae57a741db53feabeffe8f74b5a
36b2057eb5eef261a2cbb8c149dcf3a11edaa15ccd8e3d462eb34999f5ff8f2a
3a90c56bbc2ea3fae7e089cc529bc02869c5035ee31c3111d829b9ae974cf42d
404cbf0d05585ea005c6217364a1130065293dd0648fdb12b43b5495c522383e
43318b40be28ac95a54cdd210f46dfbdecf56bf4c7f0dbfac07ad47d191a8e18
46db00fc48e2c659075add4abf18b838d12d3ba3353d130f5d4551211afbe199
4dd40b8838146b0712aa777db70928e6f05c52a56db90a4d0343249f648abbb0
5032e6e296efe960663b74e7a1d53cc0b8b2d27bca1b8c2035d01cd472678fef
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
56ebda94d6478196d5391841e1d609071f140d0bc76de175732003eebbd6d789
5b90ea3f9001747673ebb93d81aa633626d34bbed614930a63d40338425baf50
65d642d85dded23a43f25e565c681da161cc028b93ec3c339e5de1516fe70f32
686575f9db7aac303876fe05f4f43abd2a270d9d600ed32adedbec14079f8812
6b75a716f8adab9301528cc3ed19adf6a2f904deee604c6da071b4af6c9fed0e
6e7e373161ca6381241828ee57aca6d41501cf4da91f957db8c7e2de9e5f989f
7d71dc965233bc38ef8b711e803e6e533eefb94921b234e077e43945a8eda657
7e4cccdd88c7e2d1b8ba42e9dab0b3499d4d6fbea1922c597759f57449a5a223
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
862504070144a4b17a0e507cb065e52a8e243d9e3a522e2a1a9774beb5643a6e
8753541a3a44842cd815d81c4f8c589e0a0d763112d622f3088cd6f064e825fd
8b9c890819987d3f4c4195fc85076e5e84b719800582edc339dd19b9e661ab73
8ecfe35b51a590b889eb63802cb67e9e9d5df3510d4efd080f97001a2984a982
93144af1db6e8d897be7355c0c8366c2983bef1127ba95a88e68027d03d71e6b
9b5600d2cdb6c6a870ac02ae7fdf32e0fbf7949ca5be25d9a88b7d21a148fe59
9d4b0ad8a72cc790a42fb6ebd4b703ae10805f8ff9ee10a2f78f2964049a7c21
a061c55288641758d1e3ce1c9f1a9a6e65489b07e0be9c7f71af397472ce1fd1
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b48ed5389d853c1555cd70a4a71d3483285dbf944ac48615e27194b23ab31e85
b570648176870ced9c27d3c7d4639f3e09335719e775e6246e5ad7bbcb7e8757
c947e474be572065baeecb78032a666d1572ae48df3cf87b4c2f39c4e6230411
cad428af6f3387db51dd687dc17da307c69a3537a9c1ef3052d29f9f456c8407
cccf165ed1b87949fb74a28d313ba8599b9bfbe56749f68ea40ffc3c97ef4c1a
e23fa9348ee322425a2f0e554528e0523003e4952d865aa85f7b61889bbdf2ea
e41c674d770ddc0e2f82b80c77eb5ff386abcd32a31764592e3799e29aa22095
ef9c1b23d15a9927be6f10e2bfed6c5c591da3bbdebccadad70fe3251c39c3f5
f3f80df2d9490548d1b3645c1a8d48294931191cedba63fe3d4f6ae9bedbd85c
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

federation-admr.alsace Open in urlscan Pro 2606:4700:3035::6815:57a4 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

49 Requests

92 %HTTPS

75 %IPv6

8 Domains

8 Subdomains

8 IPs

3 Countries

647 kBTransfer

1088 kBSize

22 Cookies

0 Outgoing links

Page URL History

Redirected requests

49 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

federation-admr.alsace Open in urlscan Pro
2606:4700:3035::6815:57a4 Public Scan

Screenshot
Live screenshot

Full Image

49
Requests

92 %
HTTPS

75 %
IPv6

8
Domains

8
Subdomains

8
IPs

3
Countries

647 kB
Transfer

1088 kB
Size

22
Cookies

49 HTTP transactions
0 data transactions