fivefieldsski.com Open in urlscan Pro
2606:4700:3031::6815:5c70 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://fivefieldsski.com/
Submission: On May 05 via api (May 5th 2024, 9:46:29 pm UTC) from US — Scanned from DE

Summary HTTP 25 Redirects Links 19 Behaviour Indicators

Summary

This website contacted 8 IPs in 2 countries across 6 domains to perform 25 HTTP transactions. The main IP is 2606:4700:3031::6815:5c70, located in United States and belongs to CLOUDFLARENET, US. The main domain is fivefieldsski.com.
TLS certificate: Issued by GTS CA 1P5 on May 5th 2024. Valid for: 3 months.

This is the only time fivefieldsski.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
9	2606:4700:303... 2606:4700:3031::6815:5c70	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:81c::200a	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:831::2001	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
1	2606:4700:21:... 2606:4700:21::681b:c959	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	142.250.184.225 142.250.184.225	15169 (GOOGLE) (GOOGLE)
1	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	172.67.192.23 172.67.192.23	13335 (CLOUDFLAR...) (CLOUDFLARENET)
25	8

9 2606:4700:3031::6815:5c70 (United States)

ASN13335 (CLOUDFLARENET, US)

fivefieldsski.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81c::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:21::681b:c959 (United States)

ASN13335 (CLOUDFLARENET, US)

nx-cdn.trgwl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.184.225 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f1.1e100.net

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

angkatogelhariini.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.192.23 (United States)

ASN13335 (CLOUDFLARENET, US)

fivefieldsski.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	fivefieldsski.com fivefieldsski.com	1 MB
7	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 421	128 KB
5	gstatic.com fonts.gstatic.com	39 KB
1	angkatogelhariini.org angkatogelhariini.org — Cisco Umbrella Rank: 261871
1	trgwl.com nx-cdn.trgwl.com — Cisco Umbrella Rank: 442326	2 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 33	1 KB
25	6

	Domain	Requested by
10	fivefieldsski.com	fivefieldsski.com
7	cdn.ampproject.org	fivefieldsski.com cdn.ampproject.org
5	fonts.gstatic.com	fonts.googleapis.com
1	angkatogelhariini.org	cdn.ampproject.org
1	nx-cdn.trgwl.com	fivefieldsski.com
1	fonts.googleapis.com	fivefieldsski.com
25	6

This site contains links to these domains. Also see Links.

Domain
tinyurl.com
www.fivefieldsski.com
direct.lc.chat

Subject Issuer	Validity	Valid
fivefieldsski.com GTS CA 1P5	`2024-05-05` - `2024-08-03`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-04-16` - `2024-07-09`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2024-04-16` - `2024-07-09`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-04-16` - `2024-07-09`	3 months	crt.sh
trgwl.com GTS CA 1P5	`2024-04-13` - `2024-07-12`	3 months	crt.sh
angkatogelhariini.org GTS CA 1P5	`2024-03-28` - `2024-06-26`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://fivefieldsski.com/
Frame ID: F23B296EC2BB7CC9B8A77C29D86D13F2
Requests: 24 HTTP requests in this frame

Frame: https://angkatogelhariini.org/
Frame ID: 93193A73D031A1E1220CBEBF5B014518
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Lightbox (JavaScript Libraries) Expand

Page Statistics

25
Requests

100 %
HTTPS

75 %
IPv6

6
Domains

6
Subdomains

8
IPs

2
Countries

1311 kB
Transfer

1696 kB
Size

0
Cookies

19 Outgoing links

These are links going to different origins than the main page.

URL: https://tinyurl.com/B3t3vE4d-y/desktop/home

Search URL Search Domain Scan URL

URL: https://tinyurl.com/B3t3vE4d-y/desktop/register
Title: Daftar

Search URL Search Domain Scan URL

URL: https://tinyurl.com/B3t3vE4d-y/mobile/home

Search URL Search Domain Scan URL

URL: https://tinyurl.com/B3t3vE4d-y/mobile/register
Title: Daftar

Search URL Search Domain Scan URL

URL: https://tinyurl.com/B3t3vE4d-y/login
Title: LOGIN

Search URL Search Domain Scan URL

URL: https://tinyurl.com/B3t3vE4d-y/register
Title: DAFTAR

Search URL Search Domain Scan URL

URL: https://tinyurl.com/B3t3vE4d-y/mobile/login
Title: LOGIN

Search URL Search Domain Scan URL

URL: https://tinyurl.com/B3t3vE4d-y/mobile/others
Title: Togel

Search URL Search Domain Scan URL

URL: https://tinyurl.com/B3t3vE4d-y/mobile/slots
Title: Slot

Search URL Search Domain Scan URL

URL: https://tinyurl.com/B3t3vE4d-y/mobile/casino
Title: Live Casino

Search URL Search Domain Scan URL

URL: https://tinyurl.com/B3t3vE4d-y/mobile/sport
Title: Sportsbook

Search URL Search Domain Scan URL

URL: https://tinyurl.com/B3t3vE4d-y/mobile/poker
Title: Poker

Search URL Search Domain Scan URL

URL: https://www.fivefieldsski.com/
Title: judi online

Search URL Search Domain Scan URL

URL: https://tinyurl.com/B3t3vE4d-y/about-us
Title: Tentang BTV4D

Search URL Search Domain Scan URL

URL: https://tinyurl.com/B3t3vE4d-y/terms-of-use
Title: Syarat dan Ketentuan

Search URL Search Domain Scan URL

URL: https://tinyurl.com/B3t3vE4d-y/faq
Title: Pusat Bantuan

Search URL Search Domain Scan URL

URL: https://tinyurl.com/B3t3vE4d-y/responsible-gaming
Title: Responsible Gambling

Search URL Search Domain Scan URL

URL: https://tinyurl.com/B3t3vE4d-y/mobile/promotion
Title: Promotion

Search URL Search Domain Scan URL

URL: https://direct.lc.chat/13406403
Title: Live Chat

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

25 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
fivefieldsski.com/ 61 KB
13 KB 542ms
474ms Document
text/html 2606:4700:3031::6815:5c70
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fivefieldsski.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:5c70 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 96cf2cde4a3486708804549f900518ff792ab46590e44e1a8e15ec95f201f134

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 87f3ec485b439a41-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sun, 05 May 2024 21:46:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UnUilb%2BrFt9aJu8TPdqNecSCVgsIwnAuuI1NbT6Y5PMrRl%2Fsl20zu4AE15wlUirGbxKcHM5VNHBWD608qPY%2Bv1%2BKdx0SOhUHALzzd4tb9qDsqR7Xqzy%2Bt%2FxSzYl7IxKABBT2lzetz42Jt4AOIdWbKw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 css2
fonts.googleapis.com/ 15 KB
1 KB 88ms
34ms Stylesheet
text/css 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Oxygen:wght@300&family=Poppins:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap

Requested by

Host: fivefieldsski.com
URL: https://fivefieldsski.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0b0b904d8b0a91076d16a4b0e449c4921e8cb446579156446f55945ec518c054

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fivefieldsski.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Sun, 05 May 2024 21:46:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 05 May 2024 21:46:23 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 05 May 2024 21:46:23 GMT

GET
H2 200 v0.js Show response
cdn.ampproject.org/ 278 KB
72 KB 181ms
45ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0.js

Requested by

Host: fivefieldsski.com
URL: https://fivefieldsski.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

729cf39187bda4533a392944f2802d8f8b9e8a0048676ec6481bf35a98713a43

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fivefieldsski.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Sun, 05 May 2024 21:46:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 73092
x-xss-protection: 0
server: sffe
etag: "1e5bf2819ff421fa"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3000, stale-while-revalidate=1206600
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 05 May 2024 21:46:24 GMT

GET
H2 200 amp-sidebar-0.1.js Show response
cdn.ampproject.org/v0/ 31 KB
9 KB 193ms
69ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-sidebar-0.1.js

Requested by

Host: fivefieldsski.com
URL: https://fivefieldsski.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

919f101268e78b5b6abb55fbd23a69440aceb70f5b317b33732ad7886bcb24c6

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fivefieldsski.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Sun, 05 May 2024 21:46:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9634
x-xss-protection: 0
server: sffe
etag: "818095d23d3a02c9"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 05 May 2024 21:46:24 GMT

GET
H2 200 amp-carousel-0.1.js Show response
cdn.ampproject.org/v0/ 38 KB
12 KB 154ms
30ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-carousel-0.1.js

Requested by

Host: fivefieldsski.com
URL: https://fivefieldsski.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

07a9ec3741d1a5a82fea35cc0dd0f694f98a7b3df40fd16bab7a63c1ecce2c63

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fivefieldsski.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Sun, 05 May 2024 21:46:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11488
x-xss-protection: 0
server: sffe
etag: "3c5fa826bbd87f24"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 05 May 2024 21:46:24 GMT

GET
H2 200 amp-iframe-0.1.js Show response
cdn.ampproject.org/v0/ 25 KB
9 KB 159ms
35ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-iframe-0.1.js

Requested by

Host: fivefieldsski.com
URL: https://fivefieldsski.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8c1d82c3e5fd23090cda5c222720adb7e13079a9d95e4ba064719518d141c7bd

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fivefieldsski.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Sun, 05 May 2024 21:46:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8942
x-xss-protection: 0
server: sffe
etag: "80464111fe233b41"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 05 May 2024 21:46:24 GMT

GET
H2 200 pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v21/ 8 KB
8 KB 112ms
49ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Oxygen:wght@300&family=Poppins:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fonts.googleapis.com/
Origin: https://fivefieldsski.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 30 Apr 2024 00:27:41 GMT
x-content-type-options: nosniff
age: 508723
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8000
x-xss-protection: 0
last-modified: Fri, 22 Mar 2024 00:00:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 30 Apr 2025 00:27:41 GMT

GET
H2 200 pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v21/ 8 KB
8 KB 110ms
47ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fonts.googleapis.com/
Origin: https://fivefieldsski.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 04 May 2024 10:16:35 GMT
x-content-type-options: nosniff
age: 127789
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7816
x-xss-protection: 0
last-modified: Fri, 22 Mar 2024 00:00:32 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 04 May 2025 10:16:35 GMT

GET
H2 200 pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v21/ 8 KB
8 KB 83ms
22ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v21/pxiEyp8kv8JHgFVrJJfecg.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fonts.googleapis.com/
Origin: https://fivefieldsski.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 30 Apr 2024 08:14:28 GMT
x-content-type-options: nosniff
age: 480716
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7884
x-xss-protection: 0
last-modified: Fri, 22 Mar 2024 00:00:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 30 Apr 2025 08:14:28 GMT

GET
H2 200 pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v21/ 8 KB
8 KB 85ms
23ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fonts.googleapis.com/
Origin: https://fivefieldsski.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 14:28:39 GMT
x-content-type-options: nosniff
age: 285465
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7748
x-xss-protection: 0
last-modified: Fri, 22 Mar 2024 00:01:14 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 02 May 2025 14:28:39 GMT

GET
H2 200 pxiByp8kv8JHgFVrLDD4Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v21/ 8 KB
8 KB 90ms
28ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLDD4Z1xlFQ.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

60bf0aba6526436f3930c58c12047687fbb6bff4dd180cce4613458ed3439ea2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fonts.googleapis.com/
Origin: https://fivefieldsski.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 04 May 2024 14:31:35 GMT
x-content-type-options: nosniff
age: 112489
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7824
x-xss-protection: 0
last-modified: Fri, 22 Mar 2024 00:00:57 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 04 May 2025 14:31:35 GMT

GET
H2 200 logo.png
fivefieldsski.com/assets/imgs/ 14 KB
15 KB 742ms
713ms Image
image/png 2606:4700:3031::6815:5c70
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fivefieldsski.com/assets/imgs/logo.png
Requested by: Host: fivefieldsski.com
URL: https://fivefieldsski.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:5c70 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 130697b5c76693930c189c33ea2efb684597cccf8d5c2bea069d6840e8915a67

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fivefieldsski.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 05 May 2024 21:46:24 GMT
cf-cache-status: MISS
last-modified: Sat, 24 Feb 2024 12:04:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZzseTraSDzgvmHUaXOkcr0aC1sGtxARxwhbb%2BCa%2FGWQhN1vbCN4eP6O9ubRCk%2FJmt1kf%2BoYX7O34IYS0bJjK6Ls63%2BCFrT5V%2FSYhqUFEEH6RdcQsIuxvDNvRtapMSz7JZSmXg1qzUHLLw1vXXEKWGA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 87f3ec4d2f9f9a41-FRA
alt-svc: h3=":443"; ma=86400
content-length: 14612
expires: Tue, 04 Jun 2024 21:46:24 GMT

GET
H2 200 news.svg
nx-cdn.trgwl.com/Images/nexus-v2-charlie/dark-blue/desktop/home/ 2 KB
2 KB 704ms
581ms Image
image/svg+xml 2606:4700:21::681b:c959
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nx-cdn.trgwl.com/Images/nexus-v2-charlie/dark-blue/desktop/home/news.svg?v=20231123

Requested by

Host: fivefieldsski.com
URL: https://fivefieldsski.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:21::681b:c959 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e5d62d3be4328933bde33f675d65b44a28d0c4f60e2bf3d63f0e9054dbc4544b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fivefieldsski.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 05 May 2024 21:46:24 GMT
strict-transport-security: max-age=15552001; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: BYPASS
last-modified: Tue, 27 Sep 2022 04:33:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
etag: W/"0d3893a2ad2d81:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zV%2FTGOoxEgjNaErY6XJBWnM0zu3Xoqqgag7De%2BS9gjL1iCS5c1O7X76Ghpa500VRuEI8vzbKJqKhwsDi%2Bctx6So4nHZqBWhUM%2FEDeYxEYXlrAfKKXf6JFZgA%2FrT8bX1IB4CKCk2mXBk2k4YBD8Y%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=31536000
cf-ray: 87f3ec4ded0191de-FRA
x-xss-protection: 1; mode=block

GET
H2 200 banner-2-copy.jpg
fivefieldsski.com/assets/imgs/banner/ 484 KB
485 KB 890ms
862ms Image
image/jpeg 2606:4700:3031::6815:5c70
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fivefieldsski.com/assets/imgs/banner/banner-2-copy.jpg
Requested by: Host: fivefieldsski.com
URL: https://fivefieldsski.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:5c70 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dc7abeb3f8f1b71048535a8b5f53b4af2cfd617c178bb05709f80b0ff674cd5d

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fivefieldsski.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 05 May 2024 21:46:25 GMT
cf-cache-status: MISS
last-modified: Sat, 24 Feb 2024 15:23:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5%2Ft3XYVyHlbRauqND8%2FfL1PjOLwVvmOTjxMshOd%2Bb7UgnLoqBqpT9Nj%2BR5ARtgpjTeRc3dABIAbDfzB%2B7rmHjaLzKJ38K7ASsDV9oD4WvNBHLN%2F2BfqafsBSmZ7jAdNvZA5sdIPoH3IjoJYsWVPZ5A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 87f3ec4d2fa29a41-FRA
alt-svc: h3=":443"; ma=86400
content-length: 495553
expires: Tue, 04 Jun 2024 21:46:24 GMT

GET
H2 200 button_togel.gif
fivefieldsski.com/assets/imgs/menu/ 107 KB
108 KB 761ms
734ms Image
image/gif 2606:4700:3031::6815:5c70
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fivefieldsski.com/assets/imgs/menu/button_togel.gif
Requested by: Host: fivefieldsski.com
URL: https://fivefieldsski.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:5c70 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7b7e8922a6a628180c5100c84882afbb4a4addef8e127d66dff747039ac66b8b

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fivefieldsski.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 05 May 2024 21:46:24 GMT
cf-cache-status: MISS
last-modified: Sat, 24 Feb 2024 11:48:18 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6fLr9VxiG6NbmTIeiFO3ZwssSyh3AQDp9P%2FFTcBF9OZfVKDoK2nDoC7ttXMAFvFxQJ1gjAVF8%2FR6WP%2BrjMM4a2aiFqUV2I2yTRp9ngjkd9FIY9g8JN8RmpAb0Jt2Y2ryENdzJV%2BCp%2FjihmpS8I0h%2FQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 87f3ec4d2fa59a41-FRA
alt-svc: h3=":443"; ma=86400
content-length: 109926
expires: Tue, 04 Jun 2024 21:46:24 GMT

GET
H2 200 button_slot.gif
fivefieldsski.com/assets/imgs/menu/ 118 KB
119 KB 679ms
653ms Image
image/gif 2606:4700:3031::6815:5c70
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fivefieldsski.com/assets/imgs/menu/button_slot.gif
Requested by: Host: fivefieldsski.com
URL: https://fivefieldsski.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:5c70 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3972bb3f436609007cca4dd7a43ecd215930868128134d2311e8f3fae5a667cf

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fivefieldsski.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 05 May 2024 21:46:24 GMT
cf-cache-status: MISS
last-modified: Sat, 24 Feb 2024 11:50:28 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=donnlVit5OoivWHk0p%2BnpOezFZoyDW56UZM1c21EcFByxiLpSDkertym%2FCCemDbEfvOGOICXfOZWulFnJqvIOw4p2fYTFjH4%2BV%2FVBS%2BRujBZFa2TJzbhuFN22oW9pMqVswHxSN2%2Ff2GfGp%2FAQO1TEA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 87f3ec4d2fa69a41-FRA
alt-svc: h3=":443"; ma=86400
content-length: 120962
expires: Tue, 04 Jun 2024 21:46:24 GMT

GET
H2 200 button_live_ball.gif
fivefieldsski.com/assets/imgs/menu/ 95 KB
96 KB 974ms
948ms Image
image/gif 2606:4700:3031::6815:5c70
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fivefieldsski.com/assets/imgs/menu/button_live_ball.gif
Requested by: Host: fivefieldsski.com
URL: https://fivefieldsski.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:5c70 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fcf4151602e3456c139f62db41f1702f761f9e7ab99bec62257417414ce707b7

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fivefieldsski.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 05 May 2024 21:46:25 GMT
cf-cache-status: MISS
last-modified: Sat, 24 Feb 2024 11:54:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UBkVAOsF7nEVawmiUHyt7M3M%2Fupe%2FlmHyp9GTrabFW43bfD6bao0fmaaevMzFacKZW5iFbhi4SfWoaYpra7Cwswr5j7gEpwsEf%2FVETcohEUx%2F%2Bg0EOZXWPbkC7%2BzN8KAF6RJ5CB4%2BmxPcnMvlDEn3g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 87f3ec4d2fa49a41-FRA
alt-svc: h3=":443"; ma=86400
content-length: 97706
expires: Tue, 04 Jun 2024 21:46:24 GMT

GET
H2 200 button_casino.gif
fivefieldsski.com/assets/imgs/menu/ 85 KB
85 KB 844ms
818ms Image
image/gif 2606:4700:3031::6815:5c70
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fivefieldsski.com/assets/imgs/menu/button_casino.gif
Requested by: Host: fivefieldsski.com
URL: https://fivefieldsski.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:5c70 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 065635d6e222622987d594711506d4cbeadcf754f014de87ba71869ea95a4e3a

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fivefieldsski.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 05 May 2024 21:46:24 GMT
cf-cache-status: MISS
last-modified: Sat, 24 Feb 2024 11:52:12 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5rnz6s3uLxPrXwVFqmo806y1Rr0Ojh6Mmyhqb6x%2F%2BPl9LTiiYV5TLP0G1bFK1siP90fc7s8IdSa8vIPwD%2FpaAyT53%2B44dKk8yhAg%2Fpm6d%2BtpQYAt78XXtLkJJzHpe4lST8cxbwDglYztZnioCYo%2Faw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 87f3ec4d2fa19a41-FRA
alt-svc: h3=":443"; ma=86400
content-length: 86856
expires: Tue, 04 Jun 2024 21:46:24 GMT

GET
H2 200 button_sports.gif
fivefieldsski.com/assets/imgs/menu/ 113 KB
114 KB 938ms
912ms Image
image/gif 2606:4700:3031::6815:5c70
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fivefieldsski.com/assets/imgs/menu/button_sports.gif
Requested by: Host: fivefieldsski.com
URL: https://fivefieldsski.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:5c70 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fd113d1f54e24e38662badd1e63cd7bd4165a670638af2e14d1d3716506a0feb

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fivefieldsski.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 05 May 2024 21:46:25 GMT
cf-cache-status: MISS
last-modified: Sat, 24 Feb 2024 11:56:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HH6TW0S4LVgdymLXg11B3ze2lw7E4jfU3Dp7P%2FPLsRU4MYYc0sBzONiPKsBup%2B8ozBjrXk0am2mehd7h8HZDpSW%2BCrtICo4Z%2B2%2BPpYmSnD9qrlnEPBArvZ8VWCx6hDtENK9DQGaEA%2FpXoSbZufTQnw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 87f3ec4d2fa09a41-FRA
alt-svc: h3=":443"; ma=86400
content-length: 115781
expires: Tue, 04 Jun 2024 21:46:24 GMT

GET
H2 200 button_poker.gif
fivefieldsski.com/assets/imgs/menu/ 105 KB
105 KB 2897ms
2875ms Image
image/gif 2606:4700:3031::6815:5c70
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fivefieldsski.com/assets/imgs/menu/button_poker.gif
Requested by: Host: fivefieldsski.com
URL: https://fivefieldsski.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:5c70 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6fbb2e3c1f6ae7fc2871ce727b2f15aa589c119db9876ab7f0a64b2821e50d9a

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fivefieldsski.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 05 May 2024 21:46:27 GMT
cf-cache-status: MISS
last-modified: Sat, 24 Feb 2024 11:52:56 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=V67HElPJuZHRxWR6KVgQ0qp6b2RBju0G64gbhdPTR7ZfWuCQFi7Db%2BL%2B3mXu8k2vgREf1%2Bz%2FQrcbQ9en71%2F022Zx3y%2BFYcrjYPppskLZtSR%2FfhhmzWsZGPvMVEQGCxgcnWyxtN76Gj5ZIY2cQp1j1g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 87f3ec4d2fa79a41-FRA
alt-svc: h3=":443"; ma=86400
content-length: 107323
expires: Tue, 04 Jun 2024 21:46:26 GMT

GET
H3 200 amp-auto-lightbox-0.1.js Show response
cdn.ampproject.org/rtv/012404181825000/v0/ 8 KB
3 KB 84ms
33ms Script
text/javascript 142.250.184.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012404181825000/v0/amp-auto-lightbox-0.1.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f1.1e100.net

Software

sffe /

Resource Hash

b765500a58cc93374829c9d2b1510d617fcc5aada2849d4efdd1f301a7253d8b

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fivefieldsski.com/
Origin: https://fivefieldsski.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 30 Apr 2024 20:51:16 GMT
age: 435308
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2974
x-xss-protection: 0
server: sffe
etag: "663cf6dca8295d04"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 30 Apr 2025 20:51:16 GMT

GET
H3 200 amp-loader-0.1.js Show response
cdn.ampproject.org/rtv/012404181825000/v0/ 12 KB
4 KB 84ms
34ms Script
text/javascript 142.250.184.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012404181825000/v0/amp-loader-0.1.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f1.1e100.net

Software

sffe /

Resource Hash

cb6fcadd038e03de5104bf1711a8084c485490bb563206db0a673d271e274987

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fivefieldsski.com/
Origin: https://fivefieldsski.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 30 Apr 2024 20:51:16 GMT
age: 435308
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3942
x-xss-protection: 0
server: sffe
etag: "5536cb3ac106fb0a"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 30 Apr 2025 20:51:16 GMT

GET
H2 200 /
angkatogelhariini.org/ Frame 9319 0
0 492ms
50ms Document
text/html 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://angkatogelhariini.org/
Requested by: Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0/amp-iframe-0.1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://fivefieldsski.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

age: 4552
alt-svc: h3=":443"; ma=86400
cache-control: max-age=14400
cf-cache-status: HIT
cf-ray: 87f3ec507dfa65b8-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Sun, 05 May 2024 21:46:24 GMT
last-modified: Sun, 05 May 2024 20:05:14 GMT
link: <https://angkatogelhariini.org/wp-json/>; rel="https://api.w.org/" <https://angkatogelhariini.org/wp-json/wp/v2/pages/14>; rel="alternate"; type="application/json" <https://angkatogelhariini.org/>; rel=shortlink
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uYHkSur13WLp5Ue72ko%2BijhbWe3PpPBd%2BvupmgpK8hMSDg333qgLmssXR8PMx%2BmNGcJT6KMGKoFcFsYq6A7eC77uYbJ0bFMfmCmA0OyAdsQX5Q8WUOXbwMf5mqVSTAE2NiFM4EpdUK7aGZuxcFX7CAeB%2FYw%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: amp_sanitizer;dur="38270.8",amp_style_sanitizer;dur="22369.4",amp_tag_and_attribute_sanitizer;dur="1366.3",amp_optimizer;dur="779.8"
vary: Accept-Encoding
x-litespeed-cache: hit

GET
H3 200 amp-lightbox-gallery-0.1.js Show response
cdn.ampproject.org/rtv/012404181825000/v0/ 65 KB
19 KB 56ms
34ms Script
text/javascript 142.250.184.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012404181825000/v0/amp-lightbox-gallery-0.1.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f1.1e100.net

Software

sffe /

Resource Hash

b21f3916de1d0f450429d1a29a95eb7c88a57dfd0903947e67774908ca7dd2f1

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fivefieldsski.com/
Origin: https://fivefieldsski.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 30 Apr 2024 20:52:10 GMT
age: 435255
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19052
x-xss-protection: 0
server: sffe
etag: "ed2f0b83c4631734"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 30 Apr 2025 20:52:10 GMT

GET
H3 200 favicon.ico
fivefieldsski.com/assets/imgs/ 1 KB
1 KB 383ms
383ms Other
image/x-icon 172.67.192.23
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fivefieldsski.com/assets/imgs/favicon.ico
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.192.23 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f0c121ba8da68fb59e01652af95c92e3545d8e60254b8f4bfedf305cd580b014

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fivefieldsski.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 05 May 2024 21:46:27 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 05 Sep 2022 02:49:34 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FnxF02PrepZgJZ7pypowAapEK0NvhlG0hAhiF96UKHcHvz%2FLM6uRB7CzMig5ctq1qC%2FWf9FCY3nZ2iH4sfJzlgdv6IDsSIW2eS07dsC%2ByB13alG%2BGc9Xn6Z2asKS30CnHRi%2FwA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/x-icon
cache-control: max-age=2592000
cf-ray: 87f3ec607ea065dd-FRA
alt-svc: h3=":443"; ma=86400
expires: Tue, 04 Jun 2024 21:46:27 GMT

Verdicts & Comments Add Verdict or Comment

17 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

angkatogelhariini.org
cdn.ampproject.org
fivefieldsski.com
fonts.googleapis.com
fonts.gstatic.com
nx-cdn.trgwl.com
142.250.184.225
172.67.192.23
2606:4700:21::681b:c959
2606:4700:3031::6815:5c70
2a00:1450:4001:812::2003
2a00:1450:4001:81c::200a
2a00:1450:4001:831::2001
2a06:98c1:3120::3
065635d6e222622987d594711506d4cbeadcf754f014de87ba71869ea95a4e3a
07a9ec3741d1a5a82fea35cc0dd0f694f98a7b3df40fd16bab7a63c1ecce2c63
0b0b904d8b0a91076d16a4b0e449c4921e8cb446579156446f55945ec518c054
130697b5c76693930c189c33ea2efb684597cccf8d5c2bea069d6840e8915a67
3972bb3f436609007cca4dd7a43ecd215930868128134d2311e8f3fae5a667cf
60bf0aba6526436f3930c58c12047687fbb6bff4dd180cce4613458ed3439ea2
6fbb2e3c1f6ae7fc2871ce727b2f15aa589c119db9876ab7f0a64b2821e50d9a
729cf39187bda4533a392944f2802d8f8b9e8a0048676ec6481bf35a98713a43
7b7e8922a6a628180c5100c84882afbb4a4addef8e127d66dff747039ac66b8b
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
8c1d82c3e5fd23090cda5c222720adb7e13079a9d95e4ba064719518d141c7bd
919f101268e78b5b6abb55fbd23a69440aceb70f5b317b33732ad7886bcb24c6
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
96cf2cde4a3486708804549f900518ff792ab46590e44e1a8e15ec95f201f134
b21f3916de1d0f450429d1a29a95eb7c88a57dfd0903947e67774908ca7dd2f1
b765500a58cc93374829c9d2b1510d617fcc5aada2849d4efdd1f301a7253d8b
cb6fcadd038e03de5104bf1711a8084c485490bb563206db0a673d271e274987
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
dc7abeb3f8f1b71048535a8b5f53b4af2cfd617c178bb05709f80b0ff674cd5d
e5d62d3be4328933bde33f675d65b44a28d0c4f60e2bf3d63f0e9054dbc4544b
f0c121ba8da68fb59e01652af95c92e3545d8e60254b8f4bfedf305cd580b014
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
fcf4151602e3456c139f62db41f1702f761f9e7ab99bec62257417414ce707b7
fd113d1f54e24e38662badd1e63cd7bd4165a670638af2e14d1d3716506a0feb

fivefieldsski.com Open in urlscan Pro 2606:4700:3031::6815:5c70 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

25 Requests

100 %HTTPS

75 %IPv6

6 Domains

6 Subdomains

8 IPs

2 Countries

1311 kBTransfer

1696 kBSize

0 Cookies

19 Outgoing links

Redirected requests

25 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

17 JavaScript Global Variables

0 Cookies

Indicators

fivefieldsski.com Open in urlscan Pro
2606:4700:3031::6815:5c70 Public Scan

Screenshot
Live screenshot

Full Image

25
Requests

100 %
HTTPS

75 %
IPv6

6
Domains

6
Subdomains

8
IPs

2
Countries

1311 kB
Transfer

1696 kB
Size

0
Cookies

25 HTTP transactions
0 data transactions