Submitted URL: http://hydrotrailers.com/0/0/0/de6e019dda83a411159e7f108c976557/19b-3004754-13469185-204394-237-/680931415
Effective URL: https://breathtake.cfd/35127201/375704/121881583702/227503/95e8c4c8a3e0595446d50a7566a67c39x
Submission: On August 21 via api from US — Scanned from DE

Summary

This website contacted 3 IPs in 1 country across 3 domains to perform 29 HTTP transactions. The main IP is 2606:4700:3037::ac43:b00a, located in the United States and belonging to CLOUDFLARENET, US. The main domain is breathtake.cfd.
TLS certificate: Issued by WE1 on August 13th 2024. Valid for: 3 months.
This is the only time breathtake.cfd was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 141.98.1.242 174 (COGENT-174)
24 2606:4700:303... 13335 (CLOUDFLAR...)
4 2a06:98c1:312... 13335 (CLOUDFLAR...)
29 3
     Apex Domain        Subdomains                                              Transfer
24   breathtake.cfd     breathtake.cfd                                          759 KB
4    trk-elevostra.com  trk-elevostra.com — Cisco Umbrella Rank: 357103         3 KB
                        event.trk-elevostra.com — Cisco Umbrella Rank: 369321
1    hydrotrailers.com  hydrotrailers.com                                       421 B
29   3
Domain Requested by
24 breathtake.cfd hydrotrailers.com
breathtake.cfd
3 event.trk-elevostra.com trk-elevostra.com
1 trk-elevostra.com breathtake.cfd
1 hydrotrailers.com
29 4

This site contains no links.

Subject            Issuer  Validity                 Valid
hydrotrailers.com  R10     2024-07-31 - 2024-10-29  3 months
breathtake.cfd     WE1     2024-08-13 - 2024-11-11  3 months
trk-elevostra.com  WE1     2024-08-11 - 2024-11-09  3 months

This page contains 1 frame:

Primary Page: https://breathtake.cfd/35127201/375704/121881583702/227503/95e8c4c8a3e0595446d50a7566a67c39x
Frame ID: F8BA712DA6000C9788465D1E2FB1FADE
Requests: 28 HTTP requests in this frame

Page Title

[1] Prämie ausstehend - Online Survey - Wir wollen Ihre Meinung!

Page URL History

  1. http://hydrotrailers.com/0/0/0/de6e019dda83a411159e7f108c976557/19b-3004754-13469185-204394-237-/6809... HTTP 307
    https://hydrotrailers.com/0/0/0/de6e019dda83a411159e7f108c976557/19b-3004754-13469185-204394-237-/6809... Page URL
  2. https://breathtake.cfd/35127201/375704/121881583702/227503/95e8c4c8a3e0595446d50a7566a67c39x Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

29 Requests
100 % HTTPS
67 % IPv6
3 Domains
4 Subdomains
3 IPs
1 Countries
763 kB Transfer
1562 kB Size
2 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://hydrotrailers.com/0/0/0/de6e019dda83a411159e7f108c976557/19b-3004754-13469185-204394-237-/680931415 HTTP 307
    https://hydrotrailers.com/0/0/0/de6e019dda83a411159e7f108c976557/19b-3004754-13469185-204394-237-/680931415 Page URL
  2. https://breathtake.cfd/35127201/375704/121881583702/227503/95e8c4c8a3e0595446d50a7566a67c39x Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://hydrotrailers.com/0/0/0/de6e019dda83a411159e7f108c976557/19b-3004754-13469185-204394-237-/680931415 HTTP 307
  • https://hydrotrailers.com/0/0/0/de6e019dda83a411159e7f108c976557/19b-3004754-13469185-204394-237-/680931415

29 HTTP transactions

Resource Path Size x-fer Type MIME-Type
680931415
hydrotrailers.com/0/0/0/de6e019dda83a411159e7f108c976557/19b-3004754-13469185-204394-237-/
Redirect Chain
  • http://hydrotrailers.com/0/0/0/de6e019dda83a411159e7f108c976557/19b-3004754-13469185-204394-237-/680931415
  • https://hydrotrailers.com/0/0/0/de6e019dda83a411159e7f108c976557/19b-3004754-13469185-204394-237-/680931415
155 B
421 B
Document
General
Full URL
https://hydrotrailers.com/0/0/0/de6e019dda83a411159e7f108c976557/19b-3004754-13469185-204394-237-/680931415
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
141.98.1.242 Ashburn, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software
nginx/1.12.2 /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 21 Aug 2024 00:06:29 GMT
server
nginx/1.12.2
vary
Accept-Encoding

Redirect headers

Location
https://hydrotrailers.com/0/0/0/de6e019dda83a411159e7f108c976557/19b-3004754-13469185-204394-237-/680931415
Non-Authoritative-Reason
HttpsUpgrades
Primary Request 95e8c4c8a3e0595446d50a7566a67c39x
breathtake.cfd/35127201/375704/121881583702/227503/
732 B
1023 B
Document
General
Full URL
https://breathtake.cfd/35127201/375704/121881583702/227503/95e8c4c8a3e0595446d50a7566a67c39x
Requested by
Host: hydrotrailers.com
URL: https://hydrotrailers.com/0/0/0/de6e019dda83a411159e7f108c976557/19b-3004754-13469185-204394-237-/680931415
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:b00a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0d89ff1be48cd3d9bd2fd008128c61b59956d0b4dc4e3ce08cae7458ad3ebd13
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://hydrotrailers.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
8b6660a44c9418d1-FRA
content-encoding
zstd
content-type
text/html; charset=UTF-8
date
Wed, 21 Aug 2024 00:06:30 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7YnVPc85sBrmnusXgPaSlvAwMuJWIf0BsxJuCu1QCxS7ej9vZrC8Vj%2FmlZKZtihGDHMXg2OIgE1x42MOcO8KLeMy3Lpci5z%2Bd4zJwpexejVPeO5top9u4XWJ9202tdMuQKs1guMo4hngf7vM7Q%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding,User-Agent,User-Agent
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
ruee
breathtake.cfd/pblg/kxeg/jkvk/
54 KB
18 KB
XHR
General
Full URL
https://breathtake.cfd/pblg/kxeg/jkvk/ruee?c9705afb5919897c2e40ea048a91af4f&_ax=w
Requested by
Host: breathtake.cfd
URL: https://breathtake.cfd/35127201/375704/121881583702/227503/95e8c4c8a3e0595446d50a7566a67c39x
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:b00a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e54930673c6ca319e37697058e35bff5a313d77558b856bcddcbbedad0464f9c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://breathtake.cfd/pblg/kxeg/jkvk/ruee?c9705afb5919897c2e40ea048a91af4f
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 21 Aug 2024 00:06:31 GMT
content-encoding
zstd
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
server
cloudflare
vary
Accept-Encoding,User-Agent,User-Agent
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MoAOUdk25aYbFOQmUxuQfQoG59xw%2FbuEhL0RYzYpqjHZqLzQiidQ%2Bqlw6gmwdc6pGTZgVHMOXBHV8%2F549MEF%2F83qEsuszWMsW5OkujCKgtKwl5VuQbqCPf7UTr8LOpuGILTSp7AJyDgI%2BqehJA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
no-store, no-cache, must-revalidate
cf-ray
8b6660a9687518d1-FRA
expires
Thu, 19 Nov 1981 08:52:00 GMT
favicon.ico
breathtake.cfd/
15 KB
2 KB
Other
General
Full URL
https://breathtake.cfd/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:b00a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
703063f5cfebf76bd6190dd87052d6664d3a0fcf474d837d89f6b7fae7a8f3b5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://breathtake.cfd/pblg/kxeg/jkvk/ruee?c9705afb5919897c2e40ea048a91af4f
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 21 Aug 2024 00:06:30 GMT
content-encoding
zstd
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
271767
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 29 Sep 2022 23:17:43 GMT
server
cloudflare
vary
Accept-Encoding,User-Agent,User-Agent
x-frame-options
SAMEORIGIN
content-type
image/x-icon
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=y3MgnM9RUt6zJS631sAJUiDZRCf1LMmP75%2FZ1DK7EQZBpfZ5W7OUdST88D3cNZuJF27xvJtZSoZvz9mlk5PRNwprXNTfJpg2G8XjSBrGb70YjNCn%2FBO4jOOGgtK7uo2QBjsFSYhNysEapPpxDQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
cf-ray
8b6660a9e90b18d1-FRA
expires
Sat, 24 Aug 2024 20:37:03 GMT
bootstrap.min.css
breathtake.cfd/assets/vendors/bootstrap-4.5.3/css/
157 KB
26 KB
Stylesheet
General
Full URL
https://breathtake.cfd/assets/vendors/bootstrap-4.5.3/css/bootstrap.min.css
Requested by
Host: breathtake.cfd
URL: https://breathtake.cfd/35127201/375704/121881583702/227503/95e8c4c8a3e0595446d50a7566a67c39x
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:b00a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f77c0d1739b618edc4a01ca3f6b2990b01a3009030af49ee8cf68e83052df194
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://breathtake.cfd/pblg/kxeg/jkvk/ruee?c9705afb5919897c2e40ea048a91af4f
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 21 Aug 2024 00:06:31 GMT
content-encoding
zstd
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
261650
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Fri, 20 Aug 2021 13:04:53 GMT
server
cloudflare
vary
Accept-Encoding,User-Agent,User-Agent
x-frame-options
SAMEORIGIN
content-type
text/css
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=drjHzIbkb9eoMQenPoxat6wP3GvLx3Jn0LmRrQ3JG6TaaoKgM317hohmyPbZObZX7pXM0hYhH5TB4yAyN06nUp0Gy1fdcDj9D4T2HjZX7NhkfQpB4RUEpuMZAsm46rMYVZuk%2B%2F4C09j5geZslw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
cf-ray
8b6660ae3c0718d1-FRA
expires
Sat, 24 Aug 2024 23:25:41 GMT
all.min.css
breathtake.cfd/assets/vendors/fontawesome_pro/css/
496 KB
99 KB
Stylesheet
General
Full URL
https://breathtake.cfd/assets/vendors/fontawesome_pro/css/all.min.css
Requested by
Host: breathtake.cfd
URL: https://breathtake.cfd/35127201/375704/121881583702/227503/95e8c4c8a3e0595446d50a7566a67c39x
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:b00a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ba166f4f23a50ed951d93710144182516832ab03c0f918436a1d084a83f69bfe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://breathtake.cfd/pblg/kxeg/jkvk/ruee?c9705afb5919897c2e40ea048a91af4f
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 21 Aug 2024 00:06:31 GMT
content-encoding
zstd
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
261650
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 09 Nov 2023 20:05:24 GMT
server
cloudflare
vary
Accept-Encoding,User-Agent,User-Agent
x-frame-options
SAMEORIGIN
content-type
text/css
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=q3n5mrPHMs3f%2Bg6BKBLvSGezTGkgBHNqxGff4f%2FFf3nJOH0%2FI5prs0GBeQO%2FA6lyXLaUOGteJHeRL%2BvgtwcngZ0VIVHLBrl7POZEM3hggOvMwgVTqaFhDKYq%2Fodd%2F3D1cUKKXMtn1cNJBEpVRA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
cf-ray
8b6660ae4c0918d1-FRA
expires
Sat, 24 Aug 2024 23:25:41 GMT
common-hybrid.css
breathtake.cfd/assets/css/dublin/dist/
51 KB
13 KB
Stylesheet
General
Full URL
https://breathtake.cfd/assets/css/dublin/dist/common-hybrid.css?v=27c778feb626ed54a74f4bf629411384
Requested by
Host: breathtake.cfd
URL: https://breathtake.cfd/35127201/375704/121881583702/227503/95e8c4c8a3e0595446d50a7566a67c39x
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:b00a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a4cda0f41d5847138cacbfbfa7c5930fff48265bffd844ac98df22c9fbc18560
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://breathtake.cfd/pblg/kxeg/jkvk/ruee?c9705afb5919897c2e40ea048a91af4f
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 21 Aug 2024 00:06:31 GMT
content-encoding
zstd
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Tue, 09 Jul 2024 20:26:44 GMT
server
cloudflare
vary
Accept-Encoding,User-Agent,User-Agent
x-frame-options
SAMEORIGIN
content-type
text/css
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=282OBeqtFYnpnnVoH0tnAl1kKjVi86hP%2F3cllGrDY5rVnw77TPM1WbF7wRzcYnx%2BRKpw8f%2F1w6YjwVPtwxfi8KYN5%2BGnUydP8WzsI3sCt9gPtLn7IxRXL0vXBmqZ0Vpo%2FPUTD5VfDrBy8OIoJQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
cf-ray
8b6660ae4c0a18d1-FRA
expires
Wed, 28 Aug 2024 00:06:31 GMT
msg.v3.js
breathtake.cfd/inc/
2 KB
1 KB
Script
General
Full URL
https://breathtake.cfd/inc/msg.v3.js?66c52f87294d9
Requested by
Host: breathtake.cfd
URL: https://breathtake.cfd/35127201/375704/121881583702/227503/95e8c4c8a3e0595446d50a7566a67c39x
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:b00a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fefa3e85fed59b89802e41266cac25ccf6e15137f69b18b14f783e1719207106
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://breathtake.cfd/pblg/kxeg/jkvk/ruee?c9705afb5919897c2e40ea048a91af4f
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 21 Aug 2024 00:06:31 GMT
content-encoding
zstd
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Tue, 23 Jul 2024 13:46:56 GMT
server
cloudflare
vary
Accept-Encoding,User-Agent
x-frame-options
SAMEORIGIN
content-type
application/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xOcq8o0CgbX8Zol%2BE2RW0eTYxfgSN5%2F4FYD%2Bx1Z9Xd6AWPumcDA%2FG%2B0%2Bpc%2FaZsyHV1zfxrXZ3SCIVgEmDBSfyuzXi0nG3PF5%2F%2FRY10K3hnIx1K%2Fw8%2FtW8g0LPhvgjqxsBoMWIjBvkEE2YmtAGA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
cf-ray
8b6660ae4c0b18d1-FRA
expires
Wed, 28 Aug 2024 00:06:31 GMT
onlinesurvey-color.png
breathtake.cfd/uploads/archive/company/175/images/
41 KB
41 KB
Image
General
Full URL
https://breathtake.cfd/uploads/archive/company/175/images/onlinesurvey-color.png
Requested by
Host: breathtake.cfd
URL: https://breathtake.cfd/35127201/375704/121881583702/227503/95e8c4c8a3e0595446d50a7566a67c39x
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:b00a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6659b4426a9dba95133c0e3b27b5d952d6cc1e574b88640a7e7bcec354d902c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://breathtake.cfd/pblg/kxeg/jkvk/ruee?c9705afb5919897c2e40ea048a91af4f
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 21 Aug 2024 00:06:31 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
166394
alt-svc
h3=":443"; ma=86400
content-length
41556
x-xss-protection
1; mode=block
last-modified
Thu, 10 Mar 2022 19:58:45 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent,User-Agent, Accept-Encoding
content-type
image/png
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yGV%2BNLSoiUlsPdBj6bMOMzAwHF49PiP0xkGG5y9%2FCzrOApv%2BZ4Vm%2B0in4iQgz2M5qH7YwHF4xIak%2BZVRKigbmeZW7ZcCOB7uiY2wcy5jzPiA8YYrj0KzNHJZyUZRw1dnUui6QkxyJd1pgPZWOQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
8b6660ae4c0c18d1-FRA
expires
Mon, 26 Aug 2024 01:53:17 GMT
flag-de.png
breathtake.cfd/assets/images/flags/
1 KB
2 KB
Image
General
Full URL
https://breathtake.cfd/assets/images/flags/flag-de.png
Requested by
Host: breathtake.cfd
URL: https://breathtake.cfd/35127201/375704/121881583702/227503/95e8c4c8a3e0595446d50a7566a67c39x
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:b00a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b7d826bf62262fb8d66325774d1cefd98501ab9e70d614f2c140e5762edcea08
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://breathtake.cfd/pblg/kxeg/jkvk/ruee?c9705afb5919897c2e40ea048a91af4f
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 21 Aug 2024 00:06:31 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
261650
alt-svc
h3=":443"; ma=86400
content-length
1431
x-xss-protection
1; mode=block
last-modified
Tue, 12 Sep 2023 17:39:54 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent,User-Agent, Accept-Encoding
content-type
image/png
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AKha5XiT4lBiS3T3WTSHyctVLx9XHRRJSnNJ%2BmDloz%2FObGK2Y7MBtLHKmznWSZWwOSJzq7DPoXrE7t2CkZIMJfKndkl9yYFdQqdwRM5hREJTpgM%2Blcgd2F4p8DEwA45CdXyr3MdUaMWCVL55Sg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
8b6660ae4c0d18d1-FRA
expires
Sat, 24 Aug 2024 23:25:41 GMT
4.png
breathtake.cfd/uploads/archive/product/40/images/
127 KB
127 KB
Image
General
Full URL
https://breathtake.cfd/uploads/archive/product/40/images/4.png
Requested by
Host: breathtake.cfd
URL: https://breathtake.cfd/35127201/375704/121881583702/227503/95e8c4c8a3e0595446d50a7566a67c39x
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:b00a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
021e62fc12d39ebcbd5469276bacc42d316df808b8b9623b329391f771f49343
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://breathtake.cfd/pblg/kxeg/jkvk/ruee?c9705afb5919897c2e40ea048a91af4f
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 21 Aug 2024 00:06:31 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
261650
alt-svc
h3=":443"; ma=86400
content-length
129897
x-xss-protection
1; mode=block
last-modified
Wed, 13 Sep 2023 14:57:01 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent, Accept-Encoding
content-type
image/png
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=diqMBye3Kh1wY8AXc1LcdHn0cC8HZe50%2BAr%2FJGAbT6vtD2DxB9u1hlZ9d5vYdpjZi9mCd%2FBLjawfakkXZerVFna5AsV36AA2It0okE6Xt3q0zvWnz6VQiTNelGsmTVmPpeRSz5tN9T4wOTUhgg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
8b6660ae4c0e18d1-FRA
expires
Sat, 24 Aug 2024 23:25:41 GMT
email-decode.min.js
breathtake.cfd/cdn-cgi/scripts/5c5dd728/cloudflare-static/
1 KB
1 KB
Script
General
Full URL
https://breathtake.cfd/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: breathtake.cfd
URL: https://breathtake.cfd/35127201/375704/121881583702/227503/95e8c4c8a3e0595446d50a7566a67c39x
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:b00a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://breathtake.cfd/pblg/kxeg/jkvk/ruee?c9705afb5919897c2e40ea048a91af4f
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 21 Aug 2024 00:06:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 13 Aug 2024 15:09:16 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"66bb771c-4d7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cvbR3zl1dqJ0lP5nIFYDsbBF76FNnluKMdC3wGtKCryEczDkBEibdQMMbggADxCo26GAI05nQUeb01Gq%2FkHhfG0L3gXGYxBCVbIZLqhs26vBg%2BU1I4%2FKFtH3pAdk%2BiYLDxcnxgWZ9PQiECle%2Bw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
DENY
cache-control
max-age=172800, public
cf-ray
8b6660ae4c0f18d1-FRA
expires
Fri, 23 Aug 2024 00:06:31 GMT
jquery-3.4.1.min.js
breathtake.cfd/assets/vendors/
86 KB
32 KB
Script
General
Full URL
https://breathtake.cfd/assets/vendors/jquery-3.4.1.min.js
Requested by
Host: breathtake.cfd
URL: https://breathtake.cfd/35127201/375704/121881583702/227503/95e8c4c8a3e0595446d50a7566a67c39x
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:b00a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4c24dfd28784ad2befb3dafaac6bf1ed4e7cd58cce713d9a0b228d426e812baf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://breathtake.cfd/pblg/kxeg/jkvk/ruee?c9705afb5919897c2e40ea048a91af4f
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 21 Aug 2024 00:06:31 GMT
content-encoding
zstd
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
265811
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Fri, 20 Aug 2021 13:04:53 GMT
server
cloudflare
vary
Accept-Encoding,User-Agent,User-Agent
x-frame-options
SAMEORIGIN
content-type
application/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=h%2FxigR6wh6fnoJrbxfzjzCTLfxBIdGaQyFSOh%2Brq73NmkFgyF%2BL61Pbi%2BT3gzNT7sRA0ZQ2bKZmhHrB%2FPOjnnvyd3Aw8dqCnRVOFaFGyZkhByUYbKQoUAQ3NylpW80Hz7UPAITQOEHVXBitcVA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
cf-ray
8b6660ae4c1018d1-FRA
expires
Sat, 24 Aug 2024 22:16:20 GMT
bootstrap.min.js
breathtake.cfd/assets/vendors/bootstrap-4.5.3/js/
62 KB
17 KB
Script
General
Full URL
https://breathtake.cfd/assets/vendors/bootstrap-4.5.3/js/bootstrap.min.js
Requested by
Host: breathtake.cfd
URL: https://breathtake.cfd/35127201/375704/121881583702/227503/95e8c4c8a3e0595446d50a7566a67c39x
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:b00a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d8968086f7509df34c3278563dab87399da4f9dcdfb419818e3a309eedc70b88
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://breathtake.cfd/pblg/kxeg/jkvk/ruee?c9705afb5919897c2e40ea048a91af4f
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 21 Aug 2024 00:06:31 GMT
content-encoding
zstd
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
265811
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Fri, 20 Aug 2021 13:04:53 GMT
server
cloudflare
vary
Accept-Encoding,User-Agent,User-Agent
x-frame-options
SAMEORIGIN
content-type
application/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6dSk%2B9L6Id8R%2BnTtYeuQMb6%2BFYzVrSwhhzfbCO%2FwJCW70Y7Gze0hyGSKcttREU3lsh3Yzh4oUch1UZSQG29PjdTEb9CwztpEOVjeTbFgu2t0ngeOmeu1yOCWPvWbECRFRVUA%2BQ%2FE326Lh3XEwA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
cf-ray
8b6660ae4c1118d1-FRA
expires
Sat, 24 Aug 2024 22:16:20 GMT
functions.js
breathtake.cfd/assets/js/
2 KB
1 KB
Script
General
Full URL
https://breathtake.cfd/assets/js/functions.js?v=27c778feb626ed54a74f4bf629411384
Requested by
Host: breathtake.cfd
URL: https://breathtake.cfd/35127201/375704/121881583702/227503/95e8c4c8a3e0595446d50a7566a67c39x
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:b00a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4921e86e1c949a33cc2b898550944940b1c1a63d84eb852af1fa71dd33d49b1a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://breathtake.cfd/pblg/kxeg/jkvk/ruee?c9705afb5919897c2e40ea048a91af4f
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 21 Aug 2024 00:06:31 GMT
content-encoding
zstd
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Fri, 21 Jun 2024 19:17:35 GMT
server
cloudflare
vary
Accept-Encoding,User-Agent,User-Agent
x-frame-options
SAMEORIGIN
content-type
application/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6Kj1wi08GXcbl7nRp5I%2Fu492Phy%2Fa2FRswoWrSuIGy1nzlPWSnpDNG3iNTjHNfW%2BLmqqZSSI9ZoW0WC1KbMiAjXyJRxMIRubh9w9KrQGaY%2FwFmTew%2BdZ2PAMTU5gSbFsY81PoR4jOMjaBk6mZA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
cf-ray
8b6660ae4c1318d1-FRA
expires
Wed, 28 Aug 2024 00:06:31 GMT
gbvar.js
breathtake.cfd/assets/js/
41 B
559 B
Script
General
Full URL
https://breathtake.cfd/assets/js/gbvar.js?v=49
Requested by
Host: breathtake.cfd
URL: https://breathtake.cfd/35127201/375704/121881583702/227503/95e8c4c8a3e0595446d50a7566a67c39x
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:b00a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9fa2bbb4c27f55e1d9ef824fdfcb1459b34974b50426301fac1b5f8d8f8790b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://breathtake.cfd/pblg/kxeg/jkvk/ruee?c9705afb5919897c2e40ea048a91af4f
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 21 Aug 2024 00:06:31 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
41
x-xss-protection
1; mode=block
last-modified
Wed, 21 Feb 2024 21:29:05 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent,User-Agent, Accept-Encoding
content-type
application/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2ZJWoT1G0wXzYISRmQ9xqIrHIkeSUp3oLSQkI%2Fu3fU%2BnYmQIc5NiAXcStEe9ZwTgTvOu%2FI%2FGZu2GzIOWEKMrW9ce0w43NDPiyDyKl%2FPknLH0ScpJy8M%2BHYs1X8gmlPGuFXXASOD6YwX1fY2hXA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
8b6660ae4c1418d1-FRA
expires
Wed, 28 Aug 2024 00:06:31 GMT
intl_functions.js
breathtake.cfd/assets/js/
8 KB
3 KB
Script
General
Full URL
https://breathtake.cfd/assets/js/intl_functions.js?v=27c778feb626ed54a74f4bf629411384
Requested by
Host: breathtake.cfd
URL: https://breathtake.cfd/35127201/375704/121881583702/227503/95e8c4c8a3e0595446d50a7566a67c39x
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:b00a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
415fcc5436be9039699e31bc9cbd8e6d8b23410581b0a72dac505d9fad85c691
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://breathtake.cfd/pblg/kxeg/jkvk/ruee?c9705afb5919897c2e40ea048a91af4f
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 21 Aug 2024 00:06:31 GMT
content-encoding
zstd
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Mon, 22 Jul 2024 19:31:48 GMT
server
cloudflare
vary
Accept-Encoding,User-Agent,User-Agent
x-frame-options
SAMEORIGIN
content-type
application/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rwnr7zbruW3oP6wVmMJIln7Ho%2B38FfRH8qoE02Wa6qEvDugNBLIYaAD7Dh0VUfHcJpl7Ys1aVOAxFk3er0jODZRH8JRMu3k2OPzfdSydiTfHZhHt7myswjPKDuX5p7A8cjDtE5fY%2FTE%2BsH9Abg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
cf-ray
8b6660ae4c1518d1-FRA
expires
Wed, 28 Aug 2024 00:06:31 GMT
common-hybrid.js
breathtake.cfd/assets/js/dublin/dist/
108 KB
26 KB
Script
General
Full URL
https://breathtake.cfd/assets/js/dublin/dist/common-hybrid.js?v=27c778feb626ed54a74f4bf629411384
Requested by
Host: breathtake.cfd
URL: https://breathtake.cfd/35127201/375704/121881583702/227503/95e8c4c8a3e0595446d50a7566a67c39x
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:b00a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5f4e4f37330f7a80ce50fd3598d0867a5f103b3386ad293025ecee30dda238ba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://breathtake.cfd/pblg/kxeg/jkvk/ruee?c9705afb5919897c2e40ea048a91af4f
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 21 Aug 2024 00:06:31 GMT
content-encoding
zstd
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Mon, 19 Aug 2024 16:24:43 GMT
server
cloudflare
vary
Accept-Encoding,User-Agent,User-Agent
x-frame-options
SAMEORIGIN
content-type
application/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Gv3dFMvyxco4RnydJ7DQYJT0M%2ByDG3uAdmWp4ghbhdpv4teKDX9JLyqutAO%2BVyUx650idGRGS2UBRiiJ93XnQEKg97o93aU4UVA%2BnyMPBZjq%2BmUoPoOkuwhOTutinQIt05BLJgHqR3BeQRAHeg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
cf-ray
8b6660ae4c1818d1-FRA
expires
Wed, 28 Aug 2024 00:06:31 GMT
v9e118mez8
trk-elevostra.com/scripts/push/
8 KB
3 KB
Script
General
Full URL
https://trk-elevostra.com/scripts/push/v9e118mez8
Requested by
Host: breathtake.cfd
URL: https://breathtake.cfd/inc/msg.v3.js?66c52f87294d9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0023a8f8391b10006ee27598323de8d0e3d019755e8f7a16e88464b1aef00b39
Security Headers
Name Value
Content-Security-Policy default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://breathtake.cfd/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 21 Aug 2024 00:06:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1537
alt-svc
h3=":443"; ma=86400
content-length
2519
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 20 Aug 2024 23:40:54 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
application/javascript;charset=UTF-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kt7YKUm0YSuVgCwcfuNFTzjGrQ2kEb4ME0gzA6lyUG%2FDLGiSp1GAekErcdXj%2FZMllGQNXj6U2RjxMSPcLPLsmb92OE411wFbS9h1vXUe1G4IpAgZtY3IHceFXNubDA4Bep1jtlMKekXuMBUO5y6mHA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400, must-revalidate
permissions-policy
camera=(), fullscreen=(self), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), sync-xhr=()
accept-ranges
bytes
cf-ray
8b6660b15fea2c4f-FRA
expires
0
/
breathtake.cfd/
41 B
590 B
XHR
General
Full URL
https://breathtake.cfd/
Requested by
Host: breathtake.cfd
URL: https://breathtake.cfd/assets/vendors/jquery-3.4.1.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:b00a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fa5bb2d12a790b8d33ddafb4960e1cd572a94948a0e240bfeb3dfc9d7d83b784
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Referer
https://breathtake.cfd/pblg/kxeg/jkvk/ruee?c9705afb5919897c2e40ea048a91af4f
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Wed, 21 Aug 2024 00:06:32 GMT
content-encoding
zstd
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
server
cloudflare
vary
Accept-Encoding,User-Agent,User-Agent
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Gzru%2Fif15ZW4T6KLpxzQcKSVGE7yvUKzIYUp%2F2AOKCdvQy9cHDu5SOhkusQtx8O57moULsgoqMmZnu92xSslj%2BEATnuKyPUBl5wcdESXxsC%2FcM5B9hFPL3FHZEy3t17Vjj1QDpm9X%2B5BzUF5lA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
no-store, no-cache, must-revalidate
cf-ray
8b6660b0de8918d1-FRA
expires
Thu, 19 Nov 1981 08:52:00 GMT
fa-solid-900.woff2
breathtake.cfd/assets/vendors/fontawesome_pro/webfonts/
320 KB
321 KB
Font
General
Full URL
https://breathtake.cfd/assets/vendors/fontawesome_pro/webfonts/fa-solid-900.woff2
Requested by
Host: breathtake.cfd
URL: https://breathtake.cfd/assets/vendors/fontawesome_pro/css/all.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:b00a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bdb9ca4674e16a180ad38ba1b55ea1224a38677e604f5c5e560b85194970b85a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://breathtake.cfd/assets/vendors/fontawesome_pro/css/all.min.css
Origin
https://breathtake.cfd
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 21 Aug 2024 00:06:31 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
261649
alt-svc
h3=":443"; ma=86400
content-length
327824
x-xss-protection
1; mode=block
last-modified
Thu, 09 Nov 2023 20:05:28 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent,User-Agent, Accept-Encoding
content-type
font/woff2
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XRjxEkajAI1XsiS5cY3KHeUzL3bL%2Fs%2BxWMT660yOeC7V30WKpQ9ukYcWwX5mnCYUZQgFuxqkKlqP5wdvUX%2FdSz%2Bt3WdBcYtYkOqvceYhJZYVYJjYTKJeAVfoh34sT6160PN7LDhGcNnz4Smkkg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
8b6660b11eca18d1-FRA
expires
Sat, 24 Aug 2024 23:25:42 GMT
ci48.jpg
breathtake.cfd/assets/images/
4 KB
5 KB
Image
General
Full URL
https://breathtake.cfd/assets/images/ci48.jpg
Requested by
Host: breathtake.cfd
URL: https://breathtake.cfd/pblg/kxeg/jkvk/ruee?c9705afb5919897c2e40ea048a91af4f
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:b00a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
81916ca871bf7a29a95ef7a320bda57510ba5f236258d1af77b293145fadc99e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://breathtake.cfd/pblg/kxeg/jkvk/ruee?c9705afb5919897c2e40ea048a91af4f
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 21 Aug 2024 00:06:31 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
44833
alt-svc
h3=":443"; ma=86400
content-length
4167
x-xss-protection
1; mode=block
last-modified
Tue, 28 May 2024 18:44:48 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent,User-Agent, Accept-Encoding
content-type
image/jpeg
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=r8Qf5mFBasOx4rPCR4OTYaoLxQJ7DQPrzbSnZa7dMq8Pga4wo0mINbIKC2%2B1OkRpFpr7A91UMl3oLIq4XP%2BEKCRwmy80VUoOsLDt2EmEjeCfsGU94RbjFRdg3j4sn6qL51wnbNl4akuGue%2FLAw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
8b6660b19f3918d1-FRA
expires
Tue, 27 Aug 2024 11:39:17 GMT
ci39.jpg
breathtake.cfd/assets/images/
4 KB
4 KB
Image
General
Full URL
https://breathtake.cfd/assets/images/ci39.jpg
Requested by
Host: breathtake.cfd
URL: https://breathtake.cfd/pblg/kxeg/jkvk/ruee?c9705afb5919897c2e40ea048a91af4f
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:b00a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
75a20a3f9ef67e375c931e89635a684d0964eee45f1413a60362079b4ed4913f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://breathtake.cfd/pblg/kxeg/jkvk/ruee?c9705afb5919897c2e40ea048a91af4f
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 21 Aug 2024 00:06:32 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
3761
x-xss-protection
1; mode=block
last-modified
Tue, 28 May 2024 18:44:48 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent,User-Agent, Accept-Encoding
content-type
image/jpeg
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=b5WogTwCAvU1TD2srBrG6l8gQj8GFxfrQgLD4tfAMlmaWC30AAp00wP862rnkK3za7vQbRM29VjNBxAo9BRCpEDWLX40c2zIRUbQqHxu%2Bky92Ozu6j4vq9pRiS3TzzevL2Z1pBcG2o56b8gqeQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
8b6660b19f3a18d1-FRA
expires
Wed, 28 Aug 2024 00:06:32 GMT
S4349956.jpg
breathtake.cfd/uploads/archive/product/40/images/
14 KB
14 KB
Image
General
Full URL
https://breathtake.cfd/uploads/archive/product/40/images/S4349956.jpg
Requested by
Host: breathtake.cfd
URL: https://breathtake.cfd/pblg/kxeg/jkvk/ruee?c9705afb5919897c2e40ea048a91af4f
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:b00a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
904426131894370992ab9930bd6e618ba60b91119ed15e63b66e2fe91c3edf1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://breathtake.cfd/pblg/kxeg/jkvk/ruee?c9705afb5919897c2e40ea048a91af4f
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 21 Aug 2024 00:06:31 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
261650
alt-svc
h3=":443"; ma=86400
content-length
13827
x-xss-protection
1; mode=block
last-modified
Wed, 13 Sep 2023 15:00:01 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent,User-Agent, Accept-Encoding
content-type
image/jpeg
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Lf2V7UzvJUJVkQzw%2Fdjmkvp4vUsgYviWKPgsWeivHGPx%2F%2FkT31eKzWSID%2Flj1djDEDQItCatbWxM0yI9FCgTDtjd%2B8r6IcjjfOW2Kj%2FQOA0cVygaPs0FCHUAaqTcA1rJ8Bp8nDmJMtnpzMWQkg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
8b6660b19f3c18d1-FRA
expires
Sat, 24 Aug 2024 23:25:41 GMT
ci6.jpg
breathtake.cfd/assets/images/
2 KB
3 KB
Image
General
Full URL
https://breathtake.cfd/assets/images/ci6.jpg
Requested by
Host: breathtake.cfd
URL: https://breathtake.cfd/pblg/kxeg/jkvk/ruee?c9705afb5919897c2e40ea048a91af4f
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:b00a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ec006ed8744a3d28521058de2dcf88a3b2b6675af4c094410bdc7026db636d23
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://breathtake.cfd/pblg/kxeg/jkvk/ruee?c9705afb5919897c2e40ea048a91af4f
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 21 Aug 2024 00:06:32 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
2258
x-xss-protection
1; mode=block
last-modified
Tue, 03 Jan 2023 16:27:10 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent,User-Agent, Accept-Encoding
content-type
image/jpeg
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zTeEpemJES4mcLIqgmTIZwPeaYuJJbxFqpKeV2V0TinBATgSIqDCcM1b7r9Vl6ZoozisCsTwugJiX9EAIs33efafLf8r55FzPDgeXylglfCpUbxkH85%2FN3zMXZzbPbOvIae%2B0ah4YjV8tBmEKA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
8b6660b19f3e18d1-FRA
expires
Wed, 28 Aug 2024 00:06:32 GMT
/
breathtake.cfd/
25 B
548 B
XHR
General
Full URL
https://breathtake.cfd/
Requested by
Host: breathtake.cfd
URL: https://breathtake.cfd/inc/msg.v3.js?66c52f87294d9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:b00a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8c17435e1a09ed89d29dab00015da616c16e39da1c5daf5f8c8026dcbcf5836a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://breathtake.cfd/pblg/kxeg/jkvk/ruee?c9705afb5919897c2e40ea048a91af4f
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Wed, 21 Aug 2024 00:06:32 GMT
content-encoding
zstd
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
server
cloudflare
vary
Accept-Encoding,User-Agent,User-Agent
x-frame-options
SAMEORIGIN
content-type
application/json
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=a%2BBJInuZFgjOMNpg8aAvrwhFn5Hdg6HzMmzPEajXi7ZnDpWXCJuYMBkf0XuoRLQHhDjrOj0uB4fjrp6TgcWOpPACiBypcDlYrLZw5rtFEn1GdgW3f67hQCz5sbTi9n5G5aPDQM8Oj0dOVjVIDw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
no-store, no-cache, must-revalidate
cf-ray
8b6660b1bf5018d1-FRA
expires
Thu, 19 Nov 1981 08:52:00 GMT
v9e118mez8
event.trk-elevostra.com/register/event_log/
0
0
Preflight
General
Full URL
https://event.trk-elevostra.com/register/event_log/v9e118mez8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://breathtake.cfd
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-expose-headers
Authorization, Link, X-Total-Count, X-pushPlatformApp-alert, X-pushPlatformApp-error, X-pushPlatformApp-params
access-control-max-age
1800
alt-svc
h3=":443"; ma=86400
cache-control
no-cache, no-store, max-age=0, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
8b6660b73849bbf8-FRA
content-length
0
content-security-policy
default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
date
Wed, 21 Aug 2024 00:06:33 GMT
expires
0
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
permissions-policy
camera=(), fullscreen=(self), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), sync-xhr=()
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=h8MLTMdpZSUfYXIAbWaNUPGfpaQ5wtZKwccZEzhLOjk4FU3JDB6H%2FmR1GSLWH0oEPkTxgySiM9%2BgjvZmYBapa9W%2FnB7Egchq3emmD7Eq%2BPE7dsqZ7adfCWUwVZnrb1MUXObzzbwj8%2BTmkVn40RclS3wXsbY4kg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
v9e118mez8
event.trk-elevostra.com/register/event_log/
0
0
Fetch
General
Full URL
https://event.trk-elevostra.com/register/event_log/v9e118mez8
Requested by
Host: trk-elevostra.com
URL: https://trk-elevostra.com/scripts/push/v9e118mez8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://breathtake.cfd/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-type
application/json

Response headers

x-pushplatformapp-params
date
Wed, 21 Aug 2024 00:06:33 GMT
content-security-policy
default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-pushplatformapp-alert
pushPlatformApp.pushSubscription.deleted
alt-svc
h3=":443"; ma=86400
content-length
0
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
x-frame-options
SAMEORIGIN
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0qbORjn2oaievQFYT2gmEE8X8CDMldj2bCzUIpY%2BidfZElkJUnELK%2Bna9fQv2picsJUtx3FagLozepzBmJ73WtIzYD16sIGOl8hFsaug%2FJffHO8yx%2F4mJQujIE9Jlz5ZIQ1HmsAgM6b4VWMz%2FmFWqcK4EzoDgg%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
access-control-expose-headers
Authorization, Link, X-Total-Count, X-pushPlatformApp-alert, X-pushPlatformApp-error, X-pushPlatformApp-params
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
camera=(), fullscreen=(self), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), sync-xhr=()
cf-ray
8b6660b9c9d3bbf8-FRA
expires
0
v9e118mez8
event.trk-elevostra.com/register/event_log/
0
0
Fetch
General
Full URL
https://event.trk-elevostra.com/register/event_log/v9e118mez8
Requested by
Host: trk-elevostra.com
URL: https://trk-elevostra.com/scripts/push/v9e118mez8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://breathtake.cfd/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-type
application/json

Response headers

x-pushplatformapp-params
date
Wed, 21 Aug 2024 00:06:33 GMT
content-security-policy
default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-pushplatformapp-alert
pushPlatformApp.pushSubscription.deleted
alt-svc
h3=":443"; ma=86400
content-length
0
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
x-frame-options
SAMEORIGIN
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=181Nraw162wFnD6mfRhFRS2e%2FeMslqnGG95svfYwhszxpIIXgUoRGT9GONOt6oENmXF1Kv0CIRU2dbhw8R24%2FZya2Txk0bioa1GC1bfx%2F7wgZmkDyqAXAkMlsluFOmsj0NmPxg4VvKS5zbjnax5zkbOQ2HPYpQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
access-control-expose-headers
Authorization, Link, X-Total-Count, X-pushPlatformApp-alert, X-pushPlatformApp-error, X-pushPlatformApp-params
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
camera=(), fullscreen=(self), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), sync-xhr=()
cf-ray
8b6660baca98bbf8-FRA
expires
0

120 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| pushCount object| MYCALL string| s1 string| s2 string| fp string| esource string| pshpub string| pshdomain string| pshfingerprint function| $ function| jQuery object| bootstrap function| datehax function| startTimer number| duration string| popUrl function| getPopUrl string| rightnow object| currentdate object| months function| startINTSurvey function| startQuestion function| startSurveyDub function| showSurveyDub function| callPushNotify string| LNG string| CMP string| CNT string| BID string| PDN string| FNP function| a0_0x4c75a9 string| attrChoices string| domain string| pipeline object| states function| birthdayFill function| beforeShowQuestion function| showOfferWall function| createQuestion function| processQuestion function| nextQuestion function| replaceUrlParam number| time_popup function| startTimerPopup function| showModalPopup function| popunder function| startsurvey number| box_trying boolean| oneclick function| formatPhoneNumber function| switchTypeQuestions function| validatePhone function| validateEmail function| validateZip function| sendZipIp function| validateHeightF function| validateHeightI function| validateWeight function| validateAll function| validateName function| validateLName function| validateBirthday function| days function| daysInMonth function| dashedNumber function| alpha function| validateKeyStrokes function| showStreetState function| leadgenForm function| emailPixel function| overflowP function| showDisclaimer function| preventS function| comment function| like function| startSurveyU function| createQuestionU function| switchTypeQuestionsU function| nextQuestionU function| validateData function| showStreetStateU function| showModal function| showOfferWallU string| aff_id string| click_id string| Brand string| lpid string| lpow object| prepop string| languageCode string| countryCode string| questiontx string| of function| putVarCommon function| count_p function| mfq_tags function| fadeInImgModal function| a0_0x2ef4 
function| lazyLoad function| a0_0x5082 function| lazyLoadStartSurvey string| prod_var string| pname_modal function| cheers function| urlBase64ToUint8Array function| pullUrlParams function| push_subscribe function| push_subscribe_promise function| setIfNull function| logPushEvent function| push_unsubscribe function| push_init function| setSessionId function| setUtm function| getSessionId function| getUrlVars function| getDomainName function| getStore function| setAttributes

2 Cookies

Domain/Path Name / Value
hydrotrailers.com/ Name: uid2275
Value: 1218815837-20240820200629-a9400da8d0f53bdb8c14184d266ae964-3757
breathtake.cfd/ Name: PHPSESSID
Value: 80a45ab438cc51202aab362ac477e7e8

1 Console Messages

Source Level URL
Text
other error URL: https://breathtake.cfd/pblg/kxeg/jkvk/ruee?c9705afb5919897c2e40ea048a91af4f
Message:
Chrome currently does not support the Push API in incognito mode (https://crbug.com/401439). There is deliberately no way to feature-detect this, since incognito mode needs to be undetectable by websites.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
