1428elm.com Open in urlscan Pro
2a02:26f0:ef::5c7b:c27a Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://1428elm.com/
Effective URL:
https://1428elm.com/
Submission: On January 06 via manual (January 6th 2022, 12:13:16 pm UTC) from US — Scanned from DE

Summary HTTP 150 Redirects Links 90 Behaviour Indicators

Summary

This website contacted 51 IPs in 5 countries across 36 domains to perform 150 HTTP transactions. The main IP is 2a02:26f0:ef::5c7b:c27a, located in Frankfurt am Main, Germany and belongs to AKAMAI-ASN1, NL. The main domain is 1428elm.com. The Cisco Umbrella rank of the primary domain is 943251.
TLS certificate: Issued by R3 on December 23rd 2021. Valid for: 3 months.

This is the only time 1428elm.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 7	2a02:26f0:ef:... 2a02:26f0:ef::5c7b:c27a	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4	2a00:1450:400... 2a00:1450:4001:82f::200a	15169 (GOOGLE) (GOOGLE)
20	2a02:26f0:6c0... 2a02:26f0:6c00::210:ba29	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	151.101.66.217 151.101.66.217	54113 (FASTLY) (FASTLY)
3	142.250.184.194 142.250.184.194	15169 (GOOGLE) (GOOGLE)
8	2.16.186.17 2.16.186.17	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	18.66.109.174 18.66.109.174	16509 (AMAZON-02) (AMAZON-02)
5	2600:9000:236... 2600:9000:236e:a00:9:46dc:4700:93a1	16509 (AMAZON-02) (AMAZON-02)
1	52.222.206.228 52.222.206.228	16509 (AMAZON-02) (AMAZON-02)
7	151.139.128.11 151.139.128.11	20446 (HIGHWINDS3) (HIGHWINDS3)
1	13.32.121.106 13.32.121.106	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:830::2008	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
4	2606:4700:10:... 2606:4700:10::6814:6a3e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 3	13.32.99.21 13.32.99.21	16509 (AMAZON-02) (AMAZON-02)
2	2606:2800:234... 2606:2800:234:59:254c:406:2366:268c	15133 (EDGECAST) (EDGECAST)
1	35.190.48.184 35.190.48.184	15169 (GOOGLE) (GOOGLE)
1	2.18.233.180 2.18.233.180	16625 (AKAMAI-AS) (AKAMAI-AS)
1	23.37.32.235 23.37.32.235	16625 (AKAMAI-AS) (AKAMAI-AS)
1	142.250.186.166 142.250.186.166	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:831::200e	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
6	2606:4700:20:... 2606:4700:20::681a:c5f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2.16.107.83 2.16.107.83	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2600:9000:223... 2600:9000:223f:da00:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1 2	2a02:2638:1::13 2a02:2638:1::13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	178.250.0.157 178.250.0.157	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	35.201.67.47 35.201.67.47	15169 (GOOGLE) (GOOGLE)
2	35.190.91.160 35.190.91.160	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::200e	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:400c:c06::9d	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
1	35.190.59.101 35.190.59.101	15169 (GOOGLE) (GOOGLE)
4	18.66.97.12 18.66.97.12	16509 (AMAZON-02) (AMAZON-02)
3	2606:4700:10:... 2606:4700:10::6814:6b3e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1450:400... 2a00:1450:4001:830::2004	15169 (GOOGLE) (GOOGLE)
5	54.190.217.106 54.190.217.106	16509 (AMAZON-02) (AMAZON-02)
1	52.214.2.140 52.214.2.140	16509 (AMAZON-02) (AMAZON-02)
2	34.120.117.212 34.120.117.212	15169 (GOOGLE) (GOOGLE)
1	2600:9000:223... 2600:9000:223d:9800:17:62f0:2dc0:93a1	16509 (AMAZON-02) (AMAZON-02)
6	52.213.21.126 52.213.21.126	16509 (AMAZON-02) (AMAZON-02)
1	104.244.42.136 104.244.42.136	13414 (TWITTER) (TWITTER)
2	35.201.98.64 35.201.98.64	15169 (GOOGLE) (GOOGLE)
1	2600:9000:225... 2600:9000:225e:8a00:b:13ba:bb40:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:225... 2600:9000:225e:4800:3:a4cd:8380:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:225... 2600:9000:2251:8600:1b:3a6c:1300:93a1	16509 (AMAZON-02) (AMAZON-02)
1	18.66.97.68 18.66.97.68	16509 (AMAZON-02) (AMAZON-02)
1	34.120.133.55 34.120.133.55	15169 (GOOGLE) (GOOGLE)
1	63.35.242.195 63.35.242.195	16509 (AMAZON-02) (AMAZON-02)
1	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
150	51

7 2a02:26f0:ef::5c7b:c27a (Frankfurt am Main, Germany) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)

1428elm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2a02:26f0:6c00::210:ba29 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

cdn.fansided.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.66.217 (United States)

ASN54113 (FASTLY, US)

scripts.webcontentassessor.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.184.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2.16.186.17 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-186-17.deploy.static.akamaitechnologies.com

images2.minutemediacdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.66.109.174 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-109-174.fra56.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2600:9000:236e:a00:9:46dc:4700:93a1 (United States)

ASN16509 (AMAZON-02, US)

quantcast.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.206.228 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-206-228.fra56.r.cloudfront.net

d3ujids68p6xmq.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 151.139.128.11 (United States)

ASN20446 (HIGHWINDS3, US)

assets.revcontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.skimresources.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.revcontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
images.revcontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.121.106 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-106.fra60.r.cloudfront.net

native.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:830::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:10::6814:6a3e (United States)

ASN13335 (CLOUDFLARENET, US)

omny.fm	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.omny.fm	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.32.99.21 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-21.fra60.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.48.184 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 184.48.190.35.bc.googleusercontent.com

gammamaximum.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.233.180 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-180.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.37.32.235 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-32-235.deploy.static.akamaitechnologies.com

cdn3.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.166 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700:20::681a:c5f (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.equalweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.16.107.83 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-107-83.deploy.static.akamaitechnologies.com

middycdn-a.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223f:da00:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:1::13 (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.201.67.47 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 47.67.201.35.bc.googleusercontent.com

t.skimresources.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.91.160 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 160.91.190.35.bc.googleusercontent.com

p.skimresources.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400c:c06::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.59.101 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 101.59.190.35.bc.googleusercontent.com

r.skimresources.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.66.97.12 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-12.fra56.r.cloudfront.net

cdn.browsiprod.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:10::6814:6b3e (United States)

ASN13335 (CLOUDFLARENET, US)

assets.omny.fm	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 54.190.217.106 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-190-217-106.us-west-2.compute.amazonaws.com

events.browsiprod.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.214.2.140 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-214-2-140.eu-west-1.compute.amazonaws.com

yield-manager.browsiprod.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.120.117.212 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 212.117.120.34.bc.googleusercontent.com

ls.skimresources.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223d:9800:17:62f0:2dc0:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.raygun.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 52.213.21.126 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-213-21-126.eu-west-1.compute.amazonaws.com

trends.revcontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.136 (United States)

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.201.98.64 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 64.98.201.35.bc.googleusercontent.com

memorizeneck.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:225e:8a00:b:13ba:bb40:93a1 (United States)

ASN16509 (AMAZON-02, US)

www.omnycontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:225e:4800:3:a4cd:8380:93a1 (United States)

ASN16509 (AMAZON-02, US)

test.quantcast.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2251:8600:1b:3a6c:1300:93a1 (United States)

ASN16509 (AMAZON-02, US)

app.fansided.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.97.68 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-68.fra56.r.cloudfront.net

audit-tcfv2.quantcast.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.133.55 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 55.133.120.34.bc.googleusercontent.com

api.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.35.242.195 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-35-242-195.eu-west-1.compute.amazonaws.com

id.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 15.197.193.217 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
21	fansided.com cdn.fansided.com — Cisco Umbrella Rank: 36396 app.fansided.com — Cisco Umbrella Rank: 66840	199 KB
12	revcontent.com assets.revcontent.com — Cisco Umbrella Rank: 5311 trends.revcontent.com — Cisco Umbrella Rank: 1787 cdn.revcontent.com — Cisco Umbrella Rank: 6160 images.revcontent.com — Cisco Umbrella Rank: 5312	93 KB
10	browsiprod.com cdn.browsiprod.com — Cisco Umbrella Rank: 10696 events.browsiprod.com — Cisco Umbrella Rank: 9538 yield-manager.browsiprod.com — Cisco Umbrella Rank: 9833	86 KB
9	skimresources.com s.skimresources.com — Cisco Umbrella Rank: 2682 t.skimresources.com — Cisco Umbrella Rank: 2666 p.skimresources.com — Cisco Umbrella Rank: 3502 r.skimresources.com — Cisco Umbrella Rank: 2534 ls.skimresources.com — Cisco Umbrella Rank: 7881	22 KB
8	gstatic.com fonts.gstatic.com	164 KB
8	minutemediacdn.com images2.minutemediacdn.com — Cisco Umbrella Rank: 14334	73 KB
7	omny.fm omny.fm — Cisco Umbrella Rank: 14663 assets.omny.fm — Cisco Umbrella Rank: 27165	405 KB
7	consensu.org quantcast.mgr.consensu.org — Cisco Umbrella Rank: 2153 test.quantcast.mgr.consensu.org — Cisco Umbrella Rank: 6175 audit-tcfv2.quantcast.mgr.consensu.org — Cisco Umbrella Rank: 10199	175 KB
7	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 183 ad.doubleclick.net — Cisco Umbrella Rank: 195 stats.g.doubleclick.net — Cisco Umbrella Rank: 81	145 KB
7	1428elm.com 1 redirects 1428elm.com — Cisco Umbrella Rank: 943251	43 KB
6	equalweb.com cdn.equalweb.com — Cisco Umbrella Rank: 24777	28 KB
6	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 38	59 KB
4	criteo.com 1 redirects gum.criteo.com — Cisco Umbrella Rank: 334 mug.criteo.com — Cisco Umbrella Rank: 3142	1 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 68	240 KB
4	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 43 ajax.googleapis.com — Cisco Umbrella Rank: 261	8 KB
3	google.de www.google.de — Cisco Umbrella Rank: 5833	627 B
3	google.com analytics.google.com — Cisco Umbrella Rank: 975 www.google.com — Cisco Umbrella Rank: 13	908 B
3	twitter.com platform.twitter.com — Cisco Umbrella Rank: 537 syndication.twitter.com — Cisco Umbrella Rank: 743	133 KB
3	scorecardresearch.com 1 redirects sb.scorecardresearch.com — Cisco Umbrella Rank: 124	2 KB
2	memorizeneck.com memorizeneck.com — Cisco Umbrella Rank: 48466	639 B
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 88	313 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 123	114 KB
2	amazon-adsystem.com c.amazon-adsystem.com — Cisco Umbrella Rank: 279	39 KB
1	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 298	541 B
1	crwdcntrl.net id.crwdcntrl.net — Cisco Umbrella Rank: 1697	334 B
1	rlcdn.com api.rlcdn.com — Cisco Umbrella Rank: 738	325 B
1	omnycontent.com www.omnycontent.com — Cisco Umbrella Rank: 18088	20 KB
1	raygun.io cdn.raygun.io — Cisco Umbrella Rank: 10163	21 KB
1	adsafeprotected.com static.adsafeprotected.com — Cisco Umbrella Rank: 540	482 B
1	akamaihd.net middycdn-a.akamaihd.net — Cisco Umbrella Rank: 14712	1 KB
1	optimizely.com cdn3.optimizely.com — Cisco Umbrella Rank: 3875	700 B
1	pubmatic.com ads.pubmatic.com — Cisco Umbrella Rank: 448	53 KB
1	gammamaximum.com gammamaximum.com — Cisco Umbrella Rank: 49202	26 KB
1	sharethrough.com native.sharethrough.com — Cisco Umbrella Rank: 1865	78 KB
1	cloudfront.net d3ujids68p6xmq.cloudfront.net	42 KB
1	webcontentassessor.com scripts.webcontentassessor.com — Cisco Umbrella Rank: 5144	32 KB
150	36

	Domain	Requested by
20	cdn.fansided.com	1428elm.com cdn.fansided.com quantcast.mgr.consensu.org
8	fonts.gstatic.com	cdn.fansided.com fonts.googleapis.com
8	images2.minutemediacdn.com	1428elm.com
7	1428elm.com	1 redirects 1428elm.com
6	trends.revcontent.com	assets.revcontent.com
6	cdn.equalweb.com	1428elm.com cdn.equalweb.com
6	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com assets.omny.fm cdn.raygun.io
5	events.browsiprod.com	cdn.browsiprod.com
5	quantcast.mgr.consensu.org	1428elm.com quantcast.mgr.consensu.org
4	assets.omny.fm	omny.fm cdn.raygun.io
4	cdn.browsiprod.com	middycdn-a.akamaihd.net cdn.browsiprod.com
4	www.googletagmanager.com	1428elm.com www.googletagmanager.com omny.fm
4	assets.revcontent.com	1428elm.com assets.revcontent.com
3	www.google.de	1428elm.com
3	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com cdn.raygun.io
3	t.skimresources.com	1428elm.com s.skimresources.com
3	sb.scorecardresearch.com	1 redirects 1428elm.com
3	omny.fm	1428elm.com cdn.raygun.io
3	securepubads.g.doubleclick.net	1428elm.com securepubads.g.doubleclick.net
3	fonts.googleapis.com	1428elm.com ajax.googleapis.com
2	memorizeneck.com	gammamaximum.com
2	ls.skimresources.com	s.skimresources.com
2	www.google.com	1428elm.com
2	www.facebook.com	1428elm.com
2	p.skimresources.com	1428elm.com
2	mug.criteo.com	1428elm.com
2	gum.criteo.com	1 redirects
2	connect.facebook.net	1428elm.com connect.facebook.net
2	platform.twitter.com	1428elm.com platform.twitter.com
2	c.amazon-adsystem.com	1428elm.com c.amazon-adsystem.com
1	match.adsrvr.org	ads.pubmatic.com
1	id.crwdcntrl.net	ads.pubmatic.com
1	api.rlcdn.com	ads.pubmatic.com
1	audit-tcfv2.quantcast.mgr.consensu.org	quantcast.mgr.consensu.org
1	images.revcontent.com
1	app.fansided.com	www.googletagmanager.com
1	test.quantcast.mgr.consensu.org	quantcast.mgr.consensu.org
1	cdn.revcontent.com	1428elm.com
1	www.omnycontent.com	cdn.raygun.io
1	ajax.googleapis.com	omny.fm
1	syndication.twitter.com	platform.twitter.com
1	cdn.raygun.io	omny.fm
1	yield-manager.browsiprod.com	cdn.browsiprod.com
1	r.skimresources.com	s.skimresources.com
1	analytics.google.com	www.googletagmanager.com
1	static.adsafeprotected.com	1428elm.com
1	middycdn-a.akamaihd.net	1428elm.com
1	s.skimresources.com	www.googletagmanager.com
1	ad.doubleclick.net	1428elm.com
1	cdn3.optimizely.com	d3ujids68p6xmq.cloudfront.net
1	ads.pubmatic.com	assets.revcontent.com
1	gammamaximum.com	1428elm.com
1	native.sharethrough.com	1428elm.com
1	d3ujids68p6xmq.cloudfront.net	1428elm.com
1	scripts.webcontentassessor.com	1428elm.com
150	55

This site contains links to these domains. Also see Links.

Domain
quiz.hiddenremote.com
fansided.com
www.facebook.com
twitter.com
hiddenremote.com
trends.revcontent.com
help.revcontent.com
www.revcontent.com
shop.minutemedia.com
daily.fansided.com
itunes.apple.com
play.google.com
netflixlife.com
amazonadviser.com
culturess.com
dorksideoftheforce.com
wizardsandwhatnot.com
bamsmackpow.com
onechicagocenter.com
precincttv.com
lastnighton.com
undeadwalking.com
claireandjamie.com
showsnob.com
kardashiandish.com
champagneandshade.com
acceptthisrose.com
survivingtribal.com
winteriscoming.net
redshirtsalwaysdie.com
www.dbltap.com
viridianforest.com
apptrigger.com
blogoflegends.com
diredota.com
foreverfortnite.com
foodsided.com
dogoday.com
www.mentalfloss.com
guiltyeats.com
bricksareawesome.com
smartcarting.com
underthelaces.com
rhymejunkie.com
www.90min.com
saturdayblitz.com
bustingbrackets.com
thebiglead.com
theplayerstribune.com
www.instagram.com
www.youtube.com

Subject Issuer	Validity	Valid
rushthekop.com R3	`2021-12-23` - `2022-03-23`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
blogoflegends.com R3	`2022-01-03` - `2022-04-03`	3 months	crt.sh
scripts.webcontentassessor.com GlobalSign Atlas R3 DV TLS CA H2 2021	`2021-10-31` - `2022-12-02`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
www.90min.com DigiCert SHA2 Secure Server CA	`2021-09-14` - `2022-09-14`	a year	crt.sh
c.amazon-adsystem.com Amazon	`2021-07-06` - `2022-06-27`	a year	crt.sh
quantcast.mgr.consensu.org Amazon	`2021-04-24` - `2022-05-23`	a year	crt.sh
*.cloudfront.net Amazon	`2021-03-19` - `2022-03-17`	a year	crt.sh
assets.revcontent.com R3	`2021-11-10` - `2022-02-08`	3 months	crt.sh
*.sharethrough.com Amazon	`2021-08-13` - `2022-09-11`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
omny.fm Cloudflare Inc ECC CA-3	`2021-10-19` - `2022-10-18`	a year	crt.sh
*.scorecardresearch.com Amazon	`2021-02-28` - `2022-03-29`	a year	crt.sh
*.twimg.com DigiCert TLS RSA SHA256 2020 CA1	`2021-10-20` - `2022-10-19`	a year	crt.sh
gammamaximum.com R3	`2021-12-09` - `2022-03-09`	3 months	crt.sh
*.pubmatic.com DigiCert SHA2 Secure Server CA	`2021-03-30` - `2022-04-04`	a year	crt.sh
*.optimizely.com DigiCert SHA2 Secure Server CA	`2021-02-17` - `2022-02-21`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-10-15` - `2022-01-13`	3 months	crt.sh
*.skimresources.com DigiCert SHA2 Secure Server CA	`2021-09-27` - `2022-10-28`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-01` - `2022-06-30`	a year	crt.sh
a248.e.akamai.net DigiCert SHA2 Secure Server CA	`2021-07-15` - `2022-07-20`	a year	crt.sh
static.adsafeprotected.com Amazon	`2021-09-05` - `2022-10-04`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-12-01` - `2022-02-26`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.browsiprod.com Amazon	`2021-03-15` - `2022-04-13`	a year	crt.sh
www.google.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.gobrowsi.com Amazon	`2022-01-04` - `2023-02-01`	a year	crt.sh
*.raygun.io GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1	`2021-10-11` - `2022-11-11`	a year	crt.sh
revcontent.com Amazon	`2021-08-09` - `2022-09-07`	a year	crt.sh
syndication.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2022-01-06` - `2023-01-05`	a year	crt.sh
memorizeneck.com R3	`2021-12-27` - `2022-03-27`	3 months	crt.sh
omnycontent.com Amazon	`2021-05-02` - `2022-05-31`	a year	crt.sh
cdn.revcontent.com R3	`2021-11-12` - `2022-02-10`	3 months	crt.sh
*.fansided.com Amazon	`2021-08-31` - `2022-09-29`	a year	crt.sh
images.revcontent.com R3	`2021-11-10` - `2022-02-08`	3 months	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2021-02-25` - `2022-03-28`	a year	crt.sh
*.crwdcntrl.net Go Daddy Secure Certificate Authority - G2	`2021-04-29` - `2022-05-31`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh

This page contains 6 frames:

Primary Page: https://1428elm.com/
Frame ID: 2A602A99B3BF3178A6111D073CA4BB88
Requests: 122 HTTP requests in this frame

Frame: https://omny.fm/shows/slasher-radio-podcast/playlists/podcast/embed?style=cover
Frame ID: 52BB5E1D68D381E18277BB59BCFDC3BC
Requests: 20 HTTP requests in this frame

Frame: https://cdn3.optimizely.com/js/geo2.js?cb=1641471189365
Frame ID: 5F8D56E469F64D85A1B69C4FA4D5EA4D
Requests: 1 HTTP requests in this frame

Frame: https://t.skimresources.com/api/v2/robots.txt?__skimjs_preflight__please_ignore__=true&rnd=0.3920873371345506
Frame ID: 50577BBF23ADFC1413404769610B2744
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.21f942bb866c2823339b839747a0c50c.html?origin=https%3A%2F%2F1428elm.com
Frame ID: 6C0F983F9A2D77871C768FA09B9DA3EF
Requests: 2 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 01C07777E94316309C49606BDB9130C6
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

1428 Elm - Horror Genre News, Movies, TV Shows, Netflix & Commentary

Page URL History Show full URLs

http://1428elm.com/ HTTP 301
https://1428elm.com/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

EqualWeb (Accessibility) Expand

Overall confidence: 100%
Detected patterns

cdn\.equalweb\.com.*\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
googleapis\.com/.+webfont

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Optimizely (Analytics) Expand

Overall confidence: 100%
Detected patterns

optimizely\.com.*\.js

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Quantcast Choice (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

quantcast\.mgr\.consensu\.org

Slick (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

(?:/([\d.]+))?/slick(?:\.min)?\.js

Twitter (Widgets) Expand

Overall confidence: 100%
Detected patterns

//platform\.twitter\.com/widgets\.js

Twitter Emoji (Twemoji) (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

twemoji(?:\.min)?\.js

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

150
Requests

99 %
HTTPS

45 %
IPv6

36
Domains

55
Subdomains

51
IPs

5
Countries

2306 kB
Transfer

8322 kB
Size

47
Cookies

90 Outgoing links

These are links going to different origins than the main page.

URL: https://quiz.hiddenremote.com/what-should-i-binge-tv-quiz/
Title: What Should I Binge?

Search URL Search Domain Scan URL

URL: https://fansided.com/fansided-openings/
Title: Write for us

Search URL Search Domain Scan URL

URL: https://www.facebook.com/1428Elm
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/1428_Elm
Title: Twitter

Search URL Search Domain Scan URL

URL: https://hiddenremote.com/2022/01/04/scream-5-release-date-trailer-cast-synopsis-and-more/

Search URL Search Domain Scan URL

URL: https://trends.revcontent.com/click.php?d=RnmuaQ04QEi%2FRALN8ZLiEhePwMT%2FdKPIwONgtI6AwXUXf2%2BRimKhmLVuWa5BbDUs0L8FKiT6KTktrt5XfrN3zIIxmf5k9DcpiWhY5ftaLdCu3XVW%2BuNNn9tWYuU6nD6RQNolnDTie%2Fs0Dkc3QxGEKz5xtedDulIyMDE08SowbNDn6WTSnCC%2FtM9y3Bl9guLd226acrrdKhnt1rJ9YhPJXiImb9rt7tb9ZWB0MkFMfgHaVet0Pv5GDiFsXjENO89bDh%2F7e%2BPdXOg0cgnX2jb1cxN9FtSjq9vhGefG%2FUNyR0Uqx36IV0KBw6nFgp68Lus8Zjqf8%2BQ3HLN8aj8tOW0%2BovV4QhRMzlZ0dw6BkcPaIVQwMN4CPjNbB%2BvzTDDhZG4IsY4Pz%2BbRNfQTHYT5ulO0pxedjaoB1V3lSOexBDbn48AwA1nYjSwB2w8xpL%2BhmgpuyyAvXho7Dc%2BqX8ns5jCddRDajktNOShfU0URP%2F%2BHVJXSkefK%2BcSzAvqd2jykx8D7%2FiP2r1XXMu0l%2FGgWpQPyOxpNO2pZhwzfmWcVXMbNbJnmTEheYmC5PevU22wYfSwkLlkp86Nn9mQ9YMbOA4QwyIHTxaTqOp5EQdlVnMK3W3ZfZurazsQLQ8ELtuWiCtpKpMwnNHqpb22mm8En%2Fjquk4rKO9dskgE7r9QsTAzUmrXKu6m4iN%2BwAZNGc1i5Bppr8lLwmJ57M4QWhPlFvyCGEnUKjhGayOj2hFmb6q8YH6JfLZfyrAHZFfBA8mYt6VH4%2FT8xFvsvmTydjtvV2Zk9GAp0u%2Ffdq%2FVsMbZh5mnuhYkJuaa7efOO9YbCJtwdoiO4KpZSieCSpf4M9xSGjbXOljawcTJVaiIbC7eJqfcDnQ%2FwDp26KzDjEgAJBeIBhfjG998PLcuZpZuTyiVCFTwFtAZV5i9lb09SZjuTFX1I1sluHRYGqCxR6s8eLC%2Ft05%2FyL9KYaZi2dxbkO9T8lRpJwiM2gC%2FmaHfor80UwcEsZbg%2F8pvwitI8ApOltqPSW%2BiNLPKbQjQ9tkPkjgBrt6KRB5hOhtIdiUaANjvbJ2N1jxHnHtDBrNKOhU5qW6YrRvD1mMRL77sFw%2Fqu%2BhVIM7GiZk7eK5Ps9yauyEk9pUSRQm%2FXbW3JQZOvEJKzopW4lCteAILQytmzIPS6NFeYnb4W%2FgZ5gPT%2F6Vf38VaEPbrbLFxp%2Bd8vi0AE14jR%2BTEdLm8N6AY32WvkpfSDOON1VVdJPA%3D%3D&s2s=1
Title: Unglaubliches Miniaturteleskop Lässt Sie Meilenweit SehenStarscope

Search URL Search Domain Scan URL

URL: https://help.revcontent.com/en/knowledge/revcontent-privacy-policy
Title: Revcontent's Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.revcontent.com/popup?utm_source=ads&utm_medium=organic&utm_term=signup
Title: Increase Your Engagement Now!

Search URL Search Domain Scan URL

URL: https://help.revcontent.com/en/knowledge/fake-news-complaints
Title: Submit a Report

Search URL Search Domain Scan URL

URL: https://hiddenremote.com/2022/01/04/where-can-you-stream-scream-online-is-the-movie-on-hbo-max/

Search URL Search Domain Scan URL

URL: https://hiddenremote.com/2022/01/03/jeepers-creepers-4-will-jeepers-creepers-reborn-pick-jack-taggarts-barn/

Search URL Search Domain Scan URL

URL: https://hiddenremote.com/2021/12/25/time-yellowjackets-episode-7-coming/

Search URL Search Domain Scan URL

URL: https://fansided.com/

Search URL Search Domain Scan URL

URL: https://fansided.com/about-fansided/
Title: About

Search URL Search Domain Scan URL

URL: https://fansided.com/about-fansided#masthead
Title: Masthead

Search URL Search Domain Scan URL

URL: https://fansided.com/join-fansided/
Title: Openings

Search URL Search Domain Scan URL

URL: https://shop.minutemedia.com/
Title: Swag

Search URL Search Domain Scan URL

URL: https://fansided.com/contact/
Title: Contact

Search URL Search Domain Scan URL

URL: https://fansided.com/network/
Title: Our 300+ Sites

Search URL Search Domain Scan URL

URL: https://fansided.com/mobile/
Title: Mobile Apps

Search URL Search Domain Scan URL

URL: https://daily.fansided.com/
Title: FanSided Daily

Search URL Search Domain Scan URL

URL: https://fansided.com/how-to-pitch-a-story-to-fansided/
Title: Pitch a Story

Search URL Search Domain Scan URL

URL: https://fansided.com/privacy-policy/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://fansided.com/terms-of-use/
Title: Terms of Use

Search URL Search Domain Scan URL

URL: https://fansided.com/cookie-policy/
Title: Cookie Policy

Search URL Search Domain Scan URL

URL: https://fansided.com/website-disclaimer/
Title: Legal Disclaimer

Search URL Search Domain Scan URL

URL: https://fansided.com/eu-privacy-policy/#data-subject-requests
Title: EU Data Subject Requests

Search URL Search Domain Scan URL

URL: https://itunes.apple.com/us/app/fansided-sports/id553311886?ls=1&mt=8

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.noticesoftware.FanSided

Search URL Search Domain Scan URL

URL: https://fansided.com/network/entertainment/
Title: Streaming

Search URL Search Domain Scan URL

URL: https://netflixlife.com/
Title: More Netflix News »

Search URL Search Domain Scan URL

URL: https://amazonadviser.com/
Title: More Amazon News »

Search URL Search Domain Scan URL

URL: https://hiddenremote.com/streaming/
Title: Streaming

Search URL Search Domain Scan URL

URL: https://fansided.com/entertainment/
Title: More FS Movie News »

Search URL Search Domain Scan URL

URL: https://culturess.com/movies/
Title: Movies News

Search URL Search Domain Scan URL

URL: https://netflixlife.com/movies/
Title: Netflix Movies

Search URL Search Domain Scan URL

URL: https://hiddenremote.com/movies/
Title: All-Time Movies

Search URL Search Domain Scan URL

URL: https://dorksideoftheforce.com/
Title: Star Wars Movies

Search URL Search Domain Scan URL

URL: https://wizardsandwhatnot.com/
Title: Harry Potter Movies

Search URL Search Domain Scan URL

URL: https://bamsmackpow.com/
Title: Superhero & Comics

Search URL Search Domain Scan URL

URL: https://hiddenremote.com/
Title: TV Shows News

Search URL Search Domain Scan URL

URL: https://netflixlife.com/tv/
Title: Netflix TV Shows

Search URL Search Domain Scan URL

URL: https://onechicagocenter.com/
Title: Chicago TV Shows

Search URL Search Domain Scan URL

URL: https://precincttv.com/
Title: Cops TV Shows

Search URL Search Domain Scan URL

URL: https://lastnighton.com/
Title: Saturday Night Live

Search URL Search Domain Scan URL

URL: https://undeadwalking.com/
Title: Walking Dead News

Search URL Search Domain Scan URL

URL: https://claireandjamie.com/
Title: Outlander News

Search URL Search Domain Scan URL

URL: https://showsnob.com/
Title: TV Shows Recaps

Search URL Search Domain Scan URL

URL: https://kardashiandish.com/celebrities/
Title: Celebrities News

Search URL Search Domain Scan URL

URL: https://champagneandshade.com/
Title: The Real Housewives News

Search URL Search Domain Scan URL

URL: https://kardashiandish.com/
Title: Kardashians News

Search URL Search Domain Scan URL

URL: https://acceptthisrose.com/
Title: The Bachelor & The Bachelorette

Search URL Search Domain Scan URL

URL: https://survivingtribal.com/
Title: Survivor TV Show News

Search URL Search Domain Scan URL

URL: https://winteriscoming.net/
Title: Fantasy & Sci-Fi

Search URL Search Domain Scan URL

URL: https://winteriscoming.net/game-of-thrones/
Title: Game Of Thrones News

Search URL Search Domain Scan URL

URL: https://redshirtsalwaysdie.com/
Title: Star Trek Sci-Fi Movies

Search URL Search Domain Scan URL

URL: https://www.dbltap.com/
Title: Esports & Gaming

Search URL Search Domain Scan URL

URL: https://viridianforest.com/
Title: Pokemon Gaming News

Search URL Search Domain Scan URL

URL: https://apptrigger.com/
Title: Gaming News

Search URL Search Domain Scan URL

URL: https://blogoflegends.com/
Title: League of Legends News

Search URL Search Domain Scan URL

URL: https://diredota.com/
Title: Dota 2 News

Search URL Search Domain Scan URL

URL: https://foreverfortnite.com/
Title: Fortnite News

Search URL Search Domain Scan URL

URL: https://dorksideoftheforce.com/video-games/
Title: Star Wars Video Games

Search URL Search Domain Scan URL

URL: https://redshirtsalwaysdie.com/gaming/
Title: Star Trek Online Gaming

Search URL Search Domain Scan URL

URL: https://winteriscoming.net/games/
Title: GOT Gaming

Search URL Search Domain Scan URL

URL: https://fansided.com/network/lifestyle/
Title: Lifestyle

Search URL Search Domain Scan URL

URL: https://foodsided.com/
Title: More Food News »

Search URL Search Domain Scan URL

URL: https://dogoday.com/
Title: More Dog News »

Search URL Search Domain Scan URL

URL: https://www.mentalfloss.com/
Title: Facts & Trivia

Search URL Search Domain Scan URL

URL: https://guiltyeats.com/
Title: Guilty Food News

Search URL Search Domain Scan URL

URL: https://bricksareawesome.com/
Title: Lego News & Rumors

Search URL Search Domain Scan URL

URL: https://smartcarting.com/
Title: All Shopping News

Search URL Search Domain Scan URL

URL: https://underthelaces.com/
Title: Sneakers News

Search URL Search Domain Scan URL

URL: https://culturess.com/music/
Title: More Music News »

Search URL Search Domain Scan URL

URL: https://fansided.com/mlb/mlb-draft/
Title: More FS Music News »

Search URL Search Domain Scan URL

URL: https://rhymejunkie.com/
Title: Hip Hop Music News

Search URL Search Domain Scan URL

URL: https://fansided.com/nfl/
Title: NFL

Search URL Search Domain Scan URL

URL: https://fansided.com/nba/
Title: NBA

Search URL Search Domain Scan URL

URL: https://fansided.com/mlb/
Title: MLB

Search URL Search Domain Scan URL

URL: https://fansided.com/nhl/
Title: NHL

Search URL Search Domain Scan URL

URL: https://www.90min.com/
Title: Soccer

Search URL Search Domain Scan URL

URL: https://saturdayblitz.com/
Title: CFB

Search URL Search Domain Scan URL

URL: https://bustingbrackets.com/
Title: CBB

Search URL Search Domain Scan URL

URL: https://thebiglead.com/
Title: Sports Media News

Search URL Search Domain Scan URL

URL: https://theplayerstribune.com/
Title: The Players Tribune

Search URL Search Domain Scan URL

URL: https://fansided.com/fansided-openings/#featured-jobs
Title: Openings

Search URL Search Domain Scan URL

URL: https://www.facebook.com/fansided?_rdr=p
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/fansided
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.instagram.com/fansided/
Title: Instagram

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/fansidedblogs
Title: Youtube

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://1428elm.com/ HTTP 301
https://1428elm.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 65

https://sb.scorecardresearch.com/b?c1=2&c2=6035728&cs_ucfr=1&ns__t=1641471189416&ns_c=UTF-8&cv=3.5&c8=1428%20Elm%20-%20Horror%20Genre%20News%2C%20Movies%2C%20TV%20Shows%2C%20Netflix%20%26%20Commentary&c7=https%3A%2F%2F1428elm.com%2F&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=2&c2=6035728&cs_ucfr=1&ns__t=1641471189416&ns_c=UTF-8&cv=3.5&c8=1428%20Elm%20-%20Horror%20Genre%20News%2C%20Movies%2C%20TV%20Shows%2C%20Netflix%20%26%20Commentary&c7=https%3A%2F%2F1428elm.com%2F&c9=

Request Chain 68

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2F1428elm.com%2F&domain=1428elm.com&cw=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=mGKI7nxyR0t0cXkyUGk3dmkvZGlwMXJPdW5MazE2YXZIbW85ZFUzQkxpTmhWK2JOQSt2dDBwb2hqQnVLOGxzWVZSWWx0YmNVdkFCQ0lpZmtTZDE0RzNDOUplUnQxNDlGcUtUanBvV1BKbG1iVnJRM1VVamh5Q2NQWDlsTzY0MXFBUjFvcXZObWFZa0puSzRHTFJIWEI1UHpNWGo3TTE5WEtCbTFtVHZsZmo3MlNodE12d2gyL0RwREtiR3BWeVNua3VXRlMzcnFyUks3dTEzakxlMitwb0RVdGlnZUtPN01rZXNmS29qT2JyVmxUMGVzPXw&cppv=2

150 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
1428elm.com/
Redirect Chain

http://1428elm.com/
https://1428elm.com/

129 KB
23 KB

42ms
13ms

Document
text/html

2a02:26f0:ef::5c7b:c27a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://1428elm.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:ef::5c7b:c27a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai /

Resource Hash

72510cac0a0ef512d110f80fec4d188c15a6cc5d77f944df2882e7299225403f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

content-type: text/html; charset=UTF-8
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-user-agent: standard
x-cache-config: 0 0
content-encoding: gzip
content-length: 23408
expires: Thu, 06 Jan 2022 12:13:09 GMT
cache-control: max-age=0, no-cache
pragma: no-cache
date: Thu, 06 Jan 2022 12:13:09 GMT
vary: Accept-Encoding
referrer-policy: no-referrer-when-downgrade
server: Akamai

Redirect headers

Content-Length: 0
Location: https://1428elm.com/
Date: Thu, 06 Jan 2022 12:13:08 GMT
Connection: keep-alive
Referrer-Policy: no-referrer-when-downgrade
Server: Akamai

GET
H2 200 style.css
1428elm.com/wp-content/plugins/mm-video/styles/ 116 B
629 B 9ms
7ms Stylesheet
text/css 2a02:26f0:ef::5c7b:c27a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://1428elm.com/wp-content/plugins/mm-video/styles/style.css?ver=1622067645
Requested by: Host: 1428elm.com
URL: https://1428elm.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:ef::5c7b:c27a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Akamai /
Resource Hash: f9d25963747cf7c6b1686d7382e4c4131a2b6aa19a50aed7d2cef52f6c7929cc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1428elm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-user-agent: standard
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 26 May 2021 22:20:45 GMT
server: Akamai
etag: "60aec9bd-74"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=2255773
date: Thu, 06 Jan 2022 12:13:09 GMT
x-cache-config: 0 0
accept-ranges: bytes
content-length: 120
expires: Tue, 01 Feb 2022 14:49:22 GMT

GET
H2 200 block.css
1428elm.com/wp-content/plugins/mm-video/styles/ 6 KB
2 KB 10ms
8ms Stylesheet
text/css 2a02:26f0:ef::5c7b:c27a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://1428elm.com/wp-content/plugins/mm-video/styles/block.css?ver=1622067645
Requested by: Host: 1428elm.com
URL: https://1428elm.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:ef::5c7b:c27a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Akamai /
Resource Hash: 131ed8e00c533d7b5c15c868d5d6c11bd969db51f2edba24c22b81e8a4599ebf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1428elm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-user-agent: standard
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 26 May 2021 22:20:45 GMT
server: Akamai
etag: W/"60aec9bd-1819"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=2135277
date: Thu, 06 Jan 2022 12:13:09 GMT
x-cache-config: 0 0
content-length: 1686
expires: Mon, 31 Jan 2022 05:21:06 GMT

GET
H2 200 css
fonts.googleapis.com/ 2 KB
1023 B 44ms
16ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Oswald&ver=2.69.6

Requested by

Host: 1428elm.com
URL: https://1428elm.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

731ee3bbaa9f2fd92879f9087c9fbbf7438d3a52595c6c8a8020bb2a69b7afd6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1428elm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 06 Jan 2022 11:22:50 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 06 Jan 2022 12:13:09 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 06 Jan 2022 12:13:09 GMT

GET
H2 200 css
fonts.googleapis.com/ 722 B
452 B 44ms
17ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Titillium+Web&ver=2.69.6

Requested by

Host: 1428elm.com
URL: https://1428elm.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ecd8799f73c6448e0900077d29c47a134dc4e755c1a3d2d1b17171fad091f65a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1428elm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 06 Jan 2022 11:23:34 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 06 Jan 2022 12:13:09 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 06 Jan 2022 12:13:09 GMT

GET
H2 200 style.css
cdn.fansided.com/wp-content/themes/fansided-v5/assets/css/ 435 KB
68 KB 82ms
30ms Stylesheet
text/css 2a02:26f0:6c00::210:ba29
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.fansided.com/wp-content/themes/fansided-v5/assets/css/style.css?ver=2.69.6
Requested by: Host: 1428elm.com
URL: https://1428elm.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba29 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Akamai /
Resource Hash: 4a07279d0df1ed1d2f92b3cb85c7b44eb5b53287146e976da68c74530fc4b820

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1428elm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-user-agent: standard
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 04 Jan 2022 18:52:40 GMT
server: Akamai
etag: W/"61d49778-6caf1"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=2443193
date: Thu, 06 Jan 2022 12:13:09 GMT
x-cache-config: 0 0
content-length: 69401
expires: Thu, 03 Feb 2022 18:53:02 GMT

GET
H2 200 shortcodes-c834d05bcc.css
1428elm.com/wp-content/plugins/fansided-shortcodes/dist/ 61 KB
10 KB 11ms
9ms Stylesheet
text/css 2a02:26f0:ef::5c7b:c27a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://1428elm.com/wp-content/plugins/fansided-shortcodes/dist/shortcodes-c834d05bcc.css
Requested by: Host: 1428elm.com
URL: https://1428elm.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:ef::5c7b:c27a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Akamai /
Resource Hash: fb09d617a359ba0030ba32a4eed457ab9ecdebc19c37495d74204aa3a3d47c96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1428elm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-user-agent: standard
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 02 Dec 2021 21:26:46 GMT
server: Akamai
etag: W/"61a93a16-f43b"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=1949455
date: Thu, 06 Jan 2022 12:13:09 GMT
x-cache-config: 0 0
content-length: 9625
expires: Sat, 29 Jan 2022 01:44:04 GMT

GET
H2 200 network-nav.css
cdn.fansided.com/wp-content/themes/fansided-v5/network-nav/ 40 KB
7 KB 61ms
9ms Stylesheet
text/css 2a02:26f0:6c00::210:ba29
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.fansided.com/wp-content/themes/fansided-v5/network-nav/network-nav.css?ver=2.69.6
Requested by: Host: 1428elm.com
URL: https://1428elm.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba29 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Akamai /
Resource Hash: 0a919ef477d47a8e6e7cdfb4da000abe193428a1b14ee072016c843d90bc5953

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1428elm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-user-agent: standard
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 04 Jan 2022 18:52:50 GMT
server: Akamai
etag: W/"61d49782-9e5e"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=2443173
date: Thu, 06 Jan 2022 12:13:09 GMT
x-cache-config: 0 0
content-length: 6598
expires: Thu, 03 Feb 2022 18:52:42 GMT

GET
H2 200 mm-video.js Show response
cdn.fansided.com/wp-content/plugins/mm-video/scripts/ 75 B
579 B 66ms
14ms Script
application/javascript 2a02:26f0:6c00::210:ba29
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.fansided.com/wp-content/plugins/mm-video/scripts/mm-video.js?ver=1.4.4
Requested by: Host: 1428elm.com
URL: https://1428elm.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba29 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Akamai /
Resource Hash: 04e94049f021c04df2fd03c9eb6736233808ec2ad4671fdfff7488627c4bcae4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1428elm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-user-agent: standard
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 26 May 2021 22:20:45 GMT
server: Akamai
etag: "60aec9bd-4b"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=1675698
date: Thu, 06 Jan 2022 12:13:09 GMT
x-cache-config: 0 0
accept-ranges: bytes
content-length: 60
expires: Tue, 25 Jan 2022 21:41:27 GMT

GET
H2 200 jquery.js Show response
cdn.fansided.com/wp-includes/js/jquery/ 95 KB
34 KB 74ms
22ms Script
application/javascript 2a02:26f0:6c00::210:ba29
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.fansided.com/wp-includes/js/jquery/jquery.js?ver=1.12.4
Requested by: Host: 1428elm.com
URL: https://1428elm.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba29 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Akamai /
Resource Hash: cf34e1b87bbfd9d9b185dec994924a496e279d8dc9387ad8d35bc0110134c4d3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1428elm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-user-agent: standard
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 14 May 2021 12:10:01 GMT
server: Akamai
etag: W/"609e6899-17a6a"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=1593124
date: Thu, 06 Jan 2022 12:13:09 GMT
x-cache-config: 0 0
content-length: 34019
expires: Mon, 24 Jan 2022 22:45:13 GMT

GET
H2 200 iframeSizer.min.js Show response
cdn.fansided.com/wp-content/themes/fansided-v5/assets/js/ 11 KB
5 KB 68ms
16ms Script
application/javascript 2a02:26f0:6c00::210:ba29
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.fansided.com/wp-content/themes/fansided-v5/assets/js/iframeSizer.min.js?ver=4.9.18
Requested by: Host: 1428elm.com
URL: https://1428elm.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba29 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Akamai /
Resource Hash: f85b1102e6c5a07e5c1a79bbf137201b832e80b578fb9243a0a24cc21f93ca35

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1428elm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-user-agent: standard
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 06 Dec 2021 18:43:09 GMT
server: Akamai
etag: W/"61ae59bd-2d5b"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=798153
date: Thu, 06 Jan 2022 12:13:09 GMT
x-cache-config: 0 0
content-length: 4629
expires: Sat, 15 Jan 2022 17:55:42 GMT

GET
H2 200 a8d912c4bac42cdeccf3177e26df8911d068de3cd69a7c228faad97c6587de35 Show response
scripts.webcontentassessor.com/scripts/ 129 KB
32 KB 44ms
9ms Script
application/javascript 151.101.66.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://scripts.webcontentassessor.com/scripts/a8d912c4bac42cdeccf3177e26df8911d068de3cd69a7c228faad97c6587de35
Requested by: Host: 1428elm.com
URL: https://1428elm.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e87c336921af958891cc38b693fb15fffb2472360e2645b72c250f7a5dc53181

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1428elm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 06 Jan 2022 12:13:09 GMT
content-encoding: gzip
age: 2275
x-cache: HIT
content-length: 32815
x-amz-id-2: UD1iVTECe02YWoJHuub5rR+FZIzTbaq1Npmjl9V+0IEF6fCV1fGkyJ3eJRKZ5jRTpd5wrUHs7Fw=
x-served-by: cache-hhn4036-HHN
last-modified: Thu, 06 Jan 2022 11:22:50 GMT
server: AmazonS3
x-timer: S1641471189.088818,VS0,VE0
etag: "69115520a48d77fd4ffd9430ec389955"
vary: Accept-Encoding
x-amz-request-id: XEDY837VJ2B6YQ1G
via: 1.1 varnish
cache-control: max-age=3600,stale-if-error=86400,stale-while-revalidate=3600
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 11

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 78 KB
27 KB 65ms
39ms Script
text/javascript 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: 1428elm.com
URL: https://1428elm.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

sffe /

Resource Hash

5a014be48ad2d69469e55c2f6ef8f0a37b844bb92c4b0c690fc198e70e075410

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1428elm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 06 Jan 2022 12:13:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27012
x-xss-protection: 0
server: sffe
etag: "1093 / 908 of 1000 / last-modified: 1641462274"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 06 Jan 2022 12:13:09 GMT

GET
H2 200 logo_1428elm-com__150x150.png
images2.minutemediacdn.com/image/fetch/c_fill,f_auto,w_150,h_150/https://fansided.com/wp-content/assets/site_images/1428elm/ 2 KB
2 KB 378ms
295ms Image
image/webp 2.16.186.17
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images2.minutemediacdn.com/image/fetch/c_fill,f_auto,w_150,h_150/https://fansided.com/wp-content/assets/site_images/1428elm/logo_1428elm-com__150x150.png
Requested by: Host: 1428elm.com
URL: https://1428elm.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.17 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-17.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: b6e56f7d4d691eae8da027ce18e651b6e0b6a3fd7facd5aff5b5a2d0fafdde7e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1428elm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 06 Jan 2022 12:13:09 GMT
last-modified: Tue, 25 Feb 2020 19:23:44 GMT
x-timer: S1623363747.994214,VS0,VE69
etag: "17b79cd35ca721ea7abb094f4e0732b0"
x-served-by: cache-wdc5538-WDC
content-type: image/webp
access-control-allow-origin: *
cache-control: private, max-age=31480699
x-cache-hits: 0
content-disposition: inline; filename="logo_1428elm-com__150x150.webp"
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
content-length: 1884
expires: Thu, 13 Jan 2022 12:13:09 GMT

GET
H2 200 logo_1428elm-com__150x150.png
cdn.fansided.com/wp-content/assets/site_images/1428elm/ 6 KB
6 KB 20ms
17ms Image
image/png 2a02:26f0:6c00::210:ba29
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.fansided.com/wp-content/assets/site_images/1428elm/logo_1428elm-com__150x150.png
Requested by: Host: 1428elm.com
URL: https://1428elm.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba29 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Akamai /
Resource Hash: 1a17e916c231c44676b729589a258a2e9083f092474760d454fbd22ac30e1c47

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1428elm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-user-agent: standard
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 03 Feb 2016 20:26:11 GMT
server: Akamai
etag: "56b26263-170a"
content-type: image/png
cache-control: max-age=1610851
date: Thu, 06 Jan 2022 12:13:09 GMT
x-cache-config: 0 0
accept-ranges: bytes
content-length: 5898
expires: Tue, 25 Jan 2022 03:40:40 GMT

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 134 KB
36 KB 52ms
17ms Script
application/javascript 18.66.109.174
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: 1428elm.com
URL: https://1428elm.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.109.174 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-109-174.fra56.r.cloudfront.net
Software: Server /
Resource Hash: de80309d98405d566c6fb1912811b24c8ad3a8380f6819d26a6c1eac5cd99185

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1428elm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id: KuXuY5mbG6yln5YsEdf9JaPJtFF6aIqm
content-encoding: gzip
etag: 1e39d25f07f5619925357b752ab10d04
age: 114
x-cache: Hit from cloudfront
server: Server
x-amz-rid: 11QW6AZ344PAZ35TARXN
date: Thu, 06 Jan 2022 12:11:26 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 ab985bb6f3435d42701015dfa6015878.cloudfront.net (CloudFront)
cache-control: public, max-age=900
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: ZUjd1djwcnqHEUtd-FBPF6XbAF6pBSkIoSG5nKDUOVuSboi0xJ4Caw==

GET
H2 200 choice.js Show response
quantcast.mgr.consensu.org/choice/f3-DFdjnrLazk/1428elm.com/ 10 KB
4 KB 430ms
390ms Script
application/javascript 2600:9000:236e:a00:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://quantcast.mgr.consensu.org/choice/f3-DFdjnrLazk/1428elm.com/choice.js
Requested by: Host: 1428elm.com
URL: https://1428elm.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:236e:a00:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e1e38da139b32cf100618104a031b37c817bfcf7e8d2eececc91a9865ef48cdf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1428elm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Thu, 06 Jan 2022 12:13:10 GMT
content-encoding: br
last-modified: Wed, 22 Dec 2021 09:32:20 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1
etag: W/"3eb095524163e03ef8940fc096458af4"
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin,Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript
via: 1.1 6fd3ab2be93b19c970fb371964d46d94.cloudfront.net (CloudFront)
cache-control: max-age=900
cross-origin-resource-policy: cross-origin
x-amz-cf-id: f1PlRY4BVeSi8-C3rkXACYbe9LUCTqqrsA_NOL8QnAaT86pBrXLVMg==

GET
H2 200 twemoji.js Show response
cdn.fansided.com/wp-includes/js/ 25 KB
8 KB 24ms
21ms Script
application/javascript 2a02:26f0:6c00::210:ba29
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.fansided.com/wp-includes/js/twemoji.js?ver=4.9.18
Requested by: Host: 1428elm.com
URL: https://1428elm.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba29 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Akamai /
Resource Hash: b29019bab391863c1652d28d09112d15ddc6c10940526826cbde474bf07d75e2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1428elm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-user-agent: standard
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 14 May 2021 12:10:01 GMT
server: Akamai
etag: W/"609e6899-64c6"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2495771
date: Thu, 06 Jan 2022 12:13:09 GMT
x-cache-config: 0 0
content-length: 7682
expires: Fri, 04 Feb 2022 09:29:20 GMT

GET
H2 200 wp-emoji.js Show response
cdn.fansided.com/wp-includes/js/ 7 KB
3 KB 26ms
24ms Script
application/javascript 2a02:26f0:6c00::210:ba29
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.fansided.com/wp-includes/js/wp-emoji.js?ver=4.9.18
Requested by: Host: 1428elm.com
URL: https://1428elm.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba29 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Akamai /
Resource Hash: d80a9fbd9c4a76d5d7c6b14e635088b322863f7a78f61508df1e77342669e0ec

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1428elm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-user-agent: standard
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 14 May 2021 12:10:01 GMT
server: Akamai
etag: W/"609e6899-1a68"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=267445
date: Thu, 06 Jan 2022 12:13:09 GMT
x-cache-config: 0 0
content-length: 2637
expires: Sun, 09 Jan 2022 14:30:34 GMT

GET
H2 200 fansided-logo.svg
cdn.fansided.com/wp-content/themes/fansided-v5/assets/images/ 8 KB
3 KB 32ms
30ms Image
image/svg+xml 2a02:26f0:6c00::210:ba29
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.fansided.com/wp-content/themes/fansided-v5/assets/images/fansided-logo.svg
Requested by: Host: 1428elm.com
URL: https://1428elm.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba29 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Akamai /
Resource Hash: 82e16ee1bcf32a940c622c4a318be5da2e337c1278e6226131ca1c6f73001ae1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1428elm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-user-agent: standard
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 06 Dec 2021 18:42:39 GMT
server: Akamai
etag: W/"61ae599f-2191"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=1263258
date: Thu, 06 Jan 2022 12:13:09 GMT
x-cache-config: 0 0
content-length: 3016
expires: Fri, 21 Jan 2022 03:07:27 GMT

GET
H2 200 apple-app.png
1428elm.com/wp-content/themes/fansided-v5/assets/images/ 2 KB
2 KB 12ms
9ms Image
image/png 2a02:26f0:ef::5c7b:c27a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1428elm.com/wp-content/themes/fansided-v5/assets/images/apple-app.png
Requested by: Host: 1428elm.com
URL: https://1428elm.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:ef::5c7b:c27a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Akamai /
Resource Hash: adafa859ac987f6759710ec24cdc864032f43fa594553595be43a4160f1ecd5a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1428elm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-user-agent: standard
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 06 Dec 2021 18:42:39 GMT
server: Akamai
etag: "61ae599f-682"
content-type: image/png
cache-control: max-age=1985515
date: Thu, 06 Jan 2022 12:13:09 GMT
x-cache-config: 0 0
accept-ranges: bytes
content-length: 1666
expires: Sat, 29 Jan 2022 11:45:04 GMT

GET
H2 200 android-app.png
1428elm.com/wp-content/themes/fansided-v5/assets/images/ 4 KB
4 KB 12ms
10ms Image
image/png 2a02:26f0:ef::5c7b:c27a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1428elm.com/wp-content/themes/fansided-v5/assets/images/android-app.png
Requested by: Host: 1428elm.com
URL: https://1428elm.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:ef::5c7b:c27a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Akamai /
Resource Hash: 384e6c21bf9819fef4ca15bfc88df4b2db1776e45e52cb0afb68a4aed77ccf66

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1428elm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-user-agent: standard
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 06 Dec 2021 18:42:39 GMT
server: Akamai
etag: "61ae599f-f1f"
content-type: image/png
cache-control: max-age=1470204
date: Thu, 06 Jan 2022 12:13:09 GMT
x-cache-config: 0 0
accept-ranges: bytes
content-length: 3871
expires: Sun, 23 Jan 2022 12:36:33 GMT

GET
H/1.1 200
OK abw.js Show response
d3ujids68p6xmq.cloudfront.net/ 223 KB
42 KB 37ms
9ms Script
application/javascript 52.222.206.228
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3ujids68p6xmq.cloudfront.net/abw.js
Requested by: Host: 1428elm.com
URL: https://1428elm.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.206.228 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-206-228.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 323075a1922843a6c7f5371bc7fa55500b77944f1268d83461964e3906942141

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1428elm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 05 Jan 2022 20:21:44 GMT
Content-Encoding: gzip
Last-Modified: Tue, 06 Feb 2018 14:40:14 GMT
Server: AmazonS3
Age: 57086
ETag: "e817b0f323fb2559fcb2e5701865527a"
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Via: 1.1 910a343c3141ba3fe805e18bded62491.cloudfront.net (CloudFront)
Connection: keep-alive
X-Amz-Cf-Pop: FRA56-P3
Accept-Ranges: bytes
Content-Length: 42771
X-Amz-Cf-Id: Qo6ieHGt2I4T02d1Mv7jt955TfjZis29FG8lcRzjsnBo1Lni0UYYYg==

GET
H2 200 front.js Show response
cdn.fansided.com/wp-content/plugins/mm-video/scripts/ 1 KB
920 B 17ms
16ms Script
application/javascript 2a02:26f0:6c00::210:ba29
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.fansided.com/wp-content/plugins/mm-video/scripts/front.js?ver=1622067645
Requested by: Host: 1428elm.com
URL: https://1428elm.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba29 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Akamai /
Resource Hash: b393f9c320cbb557f0344993c5e65ca72f6f771ecd4f773fa6a2fd3f1ac36b6c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1428elm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-user-agent: standard
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 26 May 2021 22:20:45 GMT
server: Akamai
etag: W/"60aec9bd-41a"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=1138714
date: Thu, 06 Jan 2022 12:13:09 GMT
x-cache-config: 0 0
content-length: 405
expires: Wed, 19 Jan 2022 16:31:43 GMT

GET
H2 200 longform.min.js Show response
cdn.fansided.com/wp-content/themes/fansided-v5/assets/js/ 272 B
721 B 20ms
20ms Script
application/javascript 2a02:26f0:6c00::210:ba29
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.fansided.com/wp-content/themes/fansided-v5/assets/js/longform.min.js?ver=2.69.6
Requested by: Host: 1428elm.com
URL: https://1428elm.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba29 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Akamai /
Resource Hash: f406858bf1219aa8c05a27e32c9b22def23bddbe252dcc3df278e09872117681

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1428elm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-user-agent: standard
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 04 Jan 2022 18:52:30 GMT
server: Akamai
etag: "61d4976e-110"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2443175
date: Thu, 06 Jan 2022 12:13:09 GMT
x-cache-config: 0 0
accept-ranges: bytes
content-length: 202
expires: Thu, 03 Feb 2022 18:52:44 GMT

GET
H2 200 fs-event-preview.min.js Show response
cdn.fansided.com/wp-content/themes/fansided-v5/assets/js/ 1 KB
1000 B 16ms
14ms Script
application/javascript 2a02:26f0:6c00::210:ba29
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.fansided.com/wp-content/themes/fansided-v5/assets/js/fs-event-preview.min.js?ver=2.69.6
Requested by: Host: 1428elm.com
URL: https://1428elm.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba29 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Akamai /
Resource Hash: 2221391c40c8af2b6e518e0f22b47497e540acb1d9602cf3a26351a78ef3b1f5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1428elm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-user-agent: standard
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 04 Jan 2022 18:52:30 GMT
server: Akamai
etag: W/"61d4976e-5ea"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2443239
date: Thu, 06 Jan 2022 12:13:09 GMT
x-cache-config: 0 0
content-length: 485
expires: Thu, 03 Feb 2022 18:53:48 GMT

GET
H2 200 delivery.js Show response
assets.revcontent.com/master/ 193 KB
62 KB 42ms
12ms Script
application/x-javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.revcontent.com/master/delivery.js?ver=2.69.6
Requested by: Host: 1428elm.com
URL: https://1428elm.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 04e157179d65122899f04ae1ca5abce931d79afb7d71a77dbd10be055a831afd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1428elm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 06 Jan 2022 12:13:09 GMT
content-encoding: gzip
last-modified: Thu, 30 Dec 2021 19:34:40 GMT
server: AmazonS3
x-amz-request-id: DACMQ1F7Q1R7DQJN
etag: "7806f06564865cbc3cb521f9d7ca3022"
x-hw: 1641471189.cds149.fr8.hn,1641471189.cds146.fr8.c
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public,max-age=60
accept-ranges: bytes
content-length: 63495
x-amz-id-2: o3mH5624A28nT7IZPhURLr1hXdeuSlV3T0PbmY2hDpZ/+tOpSDOoE1wwZ/o5v4CohPXW+dSnyJQ=

GET
H2 200 slick.min.js Show response
cdn.fansided.com/wp-content/themes/fansided-v5/assets/js/ 39 KB
10 KB 62ms
59ms Script
application/javascript 2a02:26f0:6c00::210:ba29
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.fansided.com/wp-content/themes/fansided-v5/assets/js/slick.min.js?ver=2.69.6
Requested by: Host: 1428elm.com
URL: https://1428elm.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba29 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Akamai /
Resource Hash: ee5cee59a5aae5b3a05e9ba3de8f668ccb79b0f03a304d243e4633e081981440

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1428elm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-user-agent: standard
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 04 Jan 2022 18:51:53 GMT
server: Akamai
etag: W/"61d49749-9be7"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2443593
date: Thu, 06 Jan 2022 12:13:09 GMT
x-cache-config: 0 0
content-length: 9725
expires: Thu, 03 Feb 2022 18:59:42 GMT

GET
H2 200 main.min.js Show response
cdn.fansided.com/wp-content/themes/fansided-v5/assets/js/ 27 KB
9 KB 11ms
8ms Script
application/javascript 2a02:26f0:6c00::210:ba29
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.fansided.com/wp-content/themes/fansided-v5/assets/js/main.min.js?ver=2.69.6
Requested by: Host: 1428elm.com
URL: https://1428elm.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba29 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Akamai /
Resource Hash: 14e6ca0167f6a25b412bfd7b0061ab643215a6de77d9799977a393096f4ae781

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1428elm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-user-agent: standard
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 04 Jan 2022 18:52:30 GMT
server: Akamai
etag: W/"61d4976e-6c16"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2443521
date: Thu, 06 Jan 2022 12:13:09 GMT
x-cache-config: 0 0
content-length: 8719
expires: Thu, 03 Feb 2022 18:58:30 GMT

GET
H2 200 network-nav.min.js Show response
cdn.fansided.com/wp-content/themes/fansided-v5/network-nav/ 38 KB
14 KB 17ms
15ms Script
application/javascript 2a02:26f0:6c00::210:ba29
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.fansided.com/wp-content/themes/fansided-v5/network-nav/network-nav.min.js?ver=2.69.6
Requested by: Host: 1428elm.com
URL: https://1428elm.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba29 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Akamai /
Resource Hash: cdcfe798d0f7bac375a28b5ebe918d9b150d67f7cb8eea40ea956ac579f65f95

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1428elm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-user-agent: standard
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 04 Jan 2022 18:52:50 GMT
server: Akamai
etag: W/"61d49782-9805"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2443351
date: Thu, 06 Jan 2022 12:13:09 GMT
x-cache-config: 0 0
content-length: 13911
expires: Thu, 03 Feb 2022 18:55:40 GMT

GET
H2 200 bundled-scripts.min.js Show response
cdn.fansided.com/wp-content/themes/fansided-v5/assets/js/ 946 B
970 B 12ms
9ms Script
application/javascript 2a02:26f0:6c00::210:ba29
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.fansided.com/wp-content/themes/fansided-v5/assets/js/bundled-scripts.min.js?ver=2.69.6
Requested by: Host: 1428elm.com
URL: https://1428elm.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba29 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Akamai /
Resource Hash: 8b42a20b243b7081f9f5ea51eb72a39895d468943af3c7ba14f7ac176e547c6c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1428elm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-user-agent: standard
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 04 Jan 2022 18:52:42 GMT
server: Akamai
etag: W/"61d4977a-3b2"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2443187
date: Thu, 06 Jan 2022 12:13:09 GMT
x-cache-config: 0 0
content-length: 455
expires: Thu, 03 Feb 2022 18:52:56 GMT

GET
H2 200 wp-embed.js Show response
cdn.fansided.com/wp-includes/js/ 3 KB
2 KB 23ms
20ms Script
application/javascript 2a02:26f0:6c00::210:ba29
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.fansided.com/wp-includes/js/wp-embed.js?ver=4.9.18
Requested by: Host: 1428elm.com
URL: https://1428elm.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba29 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Akamai /
Resource Hash: 0b3268e3aacd1abc25b093c7774f71ae4d98b603f309b357f9ad9d43c45996be

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1428elm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-user-agent: standard
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 14 May 2021 12:10:01 GMT
server: Akamai
etag: W/"609e6899-c68"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2290985
date: Thu, 06 Jan 2022 12:13:09 GMT
x-cache-config: 0 0
content-length: 1243
expires: Wed, 02 Feb 2022 00:36:14 GMT

GET
H2 200 sfp.js Show response
native.sharethrough.com/assets/ 281 KB
78 KB 38ms
9ms Script
application/javascript 13.32.121.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://native.sharethrough.com/assets/sfp.js?ver=4.9.18
Requested by: Host: 1428elm.com
URL: https://1428elm.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-106.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d7dc9baa04f07dc4fd914abdce6828e02b39f404b29594c8308869780eae3c8c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1428elm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 06 Jan 2022 11:55:14 GMT
content-encoding: gzip
last-modified: Tue, 04 Jan 2022 20:55:09 GMT
server: AmazonS3
age: 1076
etag: W/"d29aa4c2ebed7c1e9b8d77207ab72fb4"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 fd38301adb0ceb6cf6c42567f371a2f4.cloudfront.net (CloudFront)
cache-control: public, max-age=3600
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: iyF4RuqLvtHosdCjS0D2pJEg3EOft6AbqD9Iu9qVOZlfkj055uvZ2w==
expires: Tue, 04 Jan 2022 21:55:08 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 406 KB
83 KB 47ms
21ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KXFQXHB

Requested by

Host: 1428elm.com
URL: https://1428elm.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6ca7821ff13a0a119d09777e14ddc2611695475a8ed77436207557d8539d7779

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1428elm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 06 Jan 2022 12:13:09 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 84735
x-xss-protection: 0
expires: Thu, 06 Jan 2022 12:13:09 GMT

GET
H2 200 https%3A%2F%2F1428elm.com%2Ffiles%2Fimage-exchange%2F2017%2F07%2Fie_82263.jpeg
images2.minutemediacdn.com/image/fetch/w_580,h_480,c_fill,g_auto,f_auto/ 25 KB
25 KB 389ms
324ms Image
image/webp 2.16.186.17
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images2.minutemediacdn.com/image/fetch/w_580,h_480,c_fill,g_auto,f_auto/https%3A%2F%2F1428elm.com%2Ffiles%2Fimage-exchange%2F2017%2F07%2Fie_82263.jpeg
Requested by: Host: 1428elm.com
URL: https://1428elm.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.17 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-17.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 1beb70aeb160cd10c6baf44b05b80681e31a6fb4b1617da1437482fd38b472d5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1428elm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 06 Jan 2022 12:13:09 GMT
cache-tag: 633200582203207336000750108433440723680,535846883432006329681585907625717777215,94a1dd9ac5291745da96948b5fe90b03
status: 200 OK
content-disposition: inline; filename="ie_82263.webp"
content-length: 25536
x-request-id: ed33eb8d5312ab24773a9abbe706923b
x-served-by: cache-wdc5573-WDC
last-modified: Wed, 05 Jan 2022 16:22:18 GMT
x-timer: S1641399968.323070,VS0,VE1046
etag: "88003d76f7aad717937e7d5d86585e6a"
content-type: image/webp
access-control-allow-origin: *
expires: Thu, 13 Jan 2022 12:13:09 GMT
cache-control: private, max-age=31480699
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0

GET
H2 200 https%3A%2F%2F1428elm.com%2Ffiles%2Fimage-exchange%2F2017%2F07%2Fie_63912.jpeg
images2.minutemediacdn.com/image/fetch/w_580,h_260,c_fill,g_auto,f_auto/ 15 KB
16 KB 352ms
286ms Image
image/webp 2.16.186.17
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images2.minutemediacdn.com/image/fetch/w_580,h_260,c_fill,g_auto,f_auto/https%3A%2F%2F1428elm.com%2Ffiles%2Fimage-exchange%2F2017%2F07%2Fie_63912.jpeg
Requested by: Host: 1428elm.com
URL: https://1428elm.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.17 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-17.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: f9f66f6ff7e8894b5051577f20f95306a8933c8bbf8e4e5f202b019d1851f3dd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1428elm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 06 Jan 2022 12:13:09 GMT
cache-tag: 572365434564640009520932271665097452627,463698462999677659810637888945191188742,94a1dd9ac5291745da96948b5fe90b03
status: 200 OK
content-disposition: inline; filename="ie_63912.webp"
content-length: 15580
x-request-id: 754317486cc5d7d7ce1b419730222b76
x-served-by: cache-bwi5038-BWI
last-modified: Wed, 05 Jan 2022 02:07:32 GMT
x-timer: S1641399968.340521,VS0,VE492
etag: "6f3ddca178d40f887e2b174d61936c4a"
content-type: image/webp
access-control-allow-origin: *
expires: Thu, 13 Jan 2022 12:13:09 GMT
cache-control: private, max-age=31480699
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0

GET
H2 200 https%3A%2F%2F1428elm.com%2Ffiles%2Fimage-exchange%2F2017%2F07%2Fie_69480.jpeg
images2.minutemediacdn.com/image/fetch/w_302,h_220,c_fill,g_auto,f_auto/ 4 KB
4 KB 417ms
378ms Image
image/webp 2.16.186.17
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images2.minutemediacdn.com/image/fetch/w_302,h_220,c_fill,g_auto,f_auto/https%3A%2F%2F1428elm.com%2Ffiles%2Fimage-exchange%2F2017%2F07%2Fie_69480.jpeg
Requested by: Host: 1428elm.com
URL: https://1428elm.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.17 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-17.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e935a508e1cb30b68e129c23b21dbe8e84e8c92c3940a9a30e0a5eaf29b65cca

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1428elm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 06 Jan 2022 12:13:09 GMT
cache-tag: 453057561198442922203833383959253998723,475145223184120493039428780604261155024,94a1dd9ac5291745da96948b5fe90b03
content-disposition: inline; filename="ie_69480.webp"
content-length: 4120
x-served-by: cache-bwi5079-BWI
last-modified: Wed, 05 May 2021 06:03:15 GMT
x-timer: S1641399968.349070,VS0,VE106
etag: "7ae56033dd46630b17a9ccd775c4d701"
content-type: image/webp
access-control-allow-origin: *
expires: Thu, 13 Jan 2022 12:13:09 GMT
cache-control: private, max-age=31480699
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0

GET
H2 200 https%3A%2F%2F1428elm.com%2Ffiles%2Fimage-exchange%2F2017%2F07%2Fie_82140.jpeg
images2.minutemediacdn.com/image/fetch/w_302,h_220,c_fill,g_auto,f_auto/ 6 KB
7 KB 481ms
443ms Image
image/webp 2.16.186.17
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images2.minutemediacdn.com/image/fetch/w_302,h_220,c_fill,g_auto,f_auto/https%3A%2F%2F1428elm.com%2Ffiles%2Fimage-exchange%2F2017%2F07%2Fie_82140.jpeg
Requested by: Host: 1428elm.com
URL: https://1428elm.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.17 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-17.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: cebeddb882f180ad46537849414a2bf4418e21059254df1747d0973ef8c1c83e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1428elm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 06 Jan 2022 12:13:09 GMT
cache-tag: 450312037798088297962066884902596120572,475145223184120493039428780604261155024,94a1dd9ac5291745da96948b5fe90b03
status: 200 OK
content-disposition: inline; filename="ie_82140.webp"
content-length: 6242
x-request-id: 165101dfbb1765aa983815ada1ae7337
x-served-by: cache-bwi5075-BWI
last-modified: Sun, 02 Jan 2022 06:35:06 GMT
x-timer: S1641105303.435363,VS0,VE1764
etag: "ff7b12a77b119eafca7ae644a936b002"
content-type: image/webp
access-control-allow-origin: *
expires: Thu, 13 Jan 2022 12:13:09 GMT
cache-control: private, max-age=31480699
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0

GET
H2 200 anMUvcNT0H1YN4FII8wprx7IBmrqA5IG9z8WNe77b9o.woff
fonts.gstatic.com/s/titilliumweb/v4/ 15 KB
16 KB 39ms
14ms Font
font/woff 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/titilliumweb/v4/anMUvcNT0H1YN4FII8wprx7IBmrqA5IG9z8WNe77b9o.woff

Requested by

Host: cdn.fansided.com
URL: https://cdn.fansided.com/wp-content/themes/fansided-v5/assets/css/style.css?ver=2.69.6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

292f629c17560efa4ebe4e2ba0f8ed027e162ed92b8b61d3685754fb0ba672c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cdn.fansided.com/wp-content/themes/fansided-v5/assets/css/style.css?ver=2.69.6
Origin: https://1428elm.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 21:27:02 GMT
x-content-type-options: nosniff
age: 225967
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15292
x-xss-protection: 0
last-modified: Wed, 27 Aug 2014 23:51:47 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Tue, 03 Jan 2023 21:27:02 GMT

GET
H2 200 FontSided1dot5.woff
cdn.fansided.com/wp-content/themes/fansided-v5/assets/fonts/ 19 KB
20 KB 60ms
20ms Font
application/font-woff 2a02:26f0:6c00::210:ba29
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.fansided.com/wp-content/themes/fansided-v5/assets/fonts/FontSided1dot5.woff?v=1.5
Requested by: Host: cdn.fansided.com
URL: https://cdn.fansided.com/wp-content/themes/fansided-v5/assets/css/style.css?ver=2.69.6
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba29 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Akamai /
Resource Hash: 1553d8e603896b256320a6c7e3f86b0858cca0ff5da54294630e5b8dc48173ae

Request headers

Referer: https://cdn.fansided.com/wp-content/themes/fansided-v5/assets/css/style.css?ver=2.69.6
Origin: https://1428elm.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-user-agent: standard
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 06 Dec 2021 18:42:39 GMT
server: Akamai
etag: "61ae599f-4bec"
content-type: application/font-woff
access-control-allow-origin: *
cache-control: max-age=1827335
date: Thu, 06 Jan 2022 12:13:09 GMT
x-cache-config: 0 0
accept-ranges: bytes
content-length: 19436
expires: Thu, 27 Jan 2022 15:48:44 GMT

GET
H2 200 bH7276GfdCjMjApa_dkG6aCWcynf_cDxXwCLxiixG1c.ttf
fonts.gstatic.com/s/oswald/v10/ 39 KB
22 KB 57ms
33ms Font
font/ttf 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/oswald/v10/bH7276GfdCjMjApa_dkG6aCWcynf_cDxXwCLxiixG1c.ttf

Requested by

Host: cdn.fansided.com
URL: https://cdn.fansided.com/wp-content/themes/fansided-v5/assets/css/style.css?ver=2.69.6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9b126307e7d0a88a5fbc31c45cca7e3ebba07fc55c29bfd630583dd266229c00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cdn.fansided.com/wp-content/themes/fansided-v5/assets/css/style.css?ver=2.69.6
Origin: https://1428elm.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 17:07:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 155112
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22073
x-xss-protection: 0
last-modified: Mon, 06 Oct 2014 20:36:29 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 04 Jan 2023 17:07:57 GMT

GET
H2 200 HqHm7BVC_nzzTui2lzQTDaCWcynf_cDxXwCLxiixG1c.ttf
fonts.gstatic.com/s/oswald/v10/ 30 KB
19 KB 48ms
25ms Font
font/ttf 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/oswald/v10/HqHm7BVC_nzzTui2lzQTDaCWcynf_cDxXwCLxiixG1c.ttf

Requested by

Host: cdn.fansided.com
URL: https://cdn.fansided.com/wp-content/themes/fansided-v5/assets/css/style.css?ver=2.69.6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

380438fbfce6f2930e3deb99dbadfeee4eca7bfa3f09a6cc8a2250af90df13f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cdn.fansided.com/wp-content/themes/fansided-v5/assets/css/style.css?ver=2.69.6
Origin: https://1428elm.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 17:22:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 154218
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18810
x-xss-protection: 0
last-modified: Mon, 06 Oct 2014 20:38:15 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 04 Jan 2023 17:22:51 GMT

GET
H2 200 Y_TKV6o8WovbUd3m_X9aAA.ttf
fonts.gstatic.com/s/oswald/v10/ 34 KB
20 KB 43ms
27ms Font
font/ttf 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/oswald/v10/Y_TKV6o8WovbUd3m_X9aAA.ttf

Requested by

Host: cdn.fansided.com
URL: https://cdn.fansided.com/wp-content/themes/fansided-v5/assets/css/style.css?ver=2.69.6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

334a98eaeec325cbc84a300e98e133aae9fac74e682f34d11bf0cea7236781f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cdn.fansided.com/wp-content/themes/fansided-v5/assets/css/style.css?ver=2.69.6
Origin: https://1428elm.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 31 Dec 2021 04:20:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 546734
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19906
x-xss-protection: 0
last-modified: Mon, 06 Oct 2014 20:36:16 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 31 Dec 2022 04:20:55 GMT

GET
H2 200 embed Show response
omny.fm/shows/slasher-radio-podcast/playlists/podcast/ Frame 52BB 3 KB
2 KB 283ms
219ms Document
text/html 2606:4700:10::6814:6a3e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://omny.fm/shows/slasher-radio-podcast/playlists/podcast/embed?style=cover
Requested by: Host: 1428elm.com
URL: https://1428elm.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:6a3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b6bb2d13c0abb405d05b3b43c2a985937a5071f382521cd9a026f8e38ad33585

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://1428elm.com/

Response headers

date: Thu, 06 Jan 2022 12:13:09 GMT
content-type: text/html; charset=utf-8
cache-control: public, max-age=900
expires: Thu, 06 Jan 2022 12:26:16 GMT
last-modified: Thu, 06 Jan 2022 12:11:16 GMT
vary: *, Accept-Encoding
p3p: CP="CAO PSA OUR"
cf-cache-status: HIT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6c94dbd5091c59bf-MXP
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 7XUFZ5tgS-tD6QamInJTcdGU7DQ8I6RFMlK0vgclk7w.woff
fonts.gstatic.com/s/titilliumweb/v4/ 15 KB
15 KB 24ms
24ms Font
font/woff 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/titilliumweb/v4/7XUFZ5tgS-tD6QamInJTcdGU7DQ8I6RFMlK0vgclk7w.woff

Requested by

Host: cdn.fansided.com
URL: https://cdn.fansided.com/wp-content/themes/fansided-v5/assets/css/style.css?ver=2.69.6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

819141dfc76b472e08dbbdd19291a1d06be66f32d9e858dd65751f204480e489

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cdn.fansided.com/wp-content/themes/fansided-v5/assets/css/style.css?ver=2.69.6
Origin: https://1428elm.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 31 Dec 2021 13:43:22 GMT
x-content-type-options: nosniff
age: 512987
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15504
x-xss-protection: 0
last-modified: Wed, 27 Aug 2014 23:53:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 31 Dec 2022 13:43:22 GMT

GET
H2 200 anMUvcNT0H1YN4FII8wpr24bNCNEoFTpS2BTjF6FB5E.woff
fonts.gstatic.com/s/titilliumweb/v4/ 15 KB
15 KB 30ms
30ms Font
font/woff 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/titilliumweb/v4/anMUvcNT0H1YN4FII8wpr24bNCNEoFTpS2BTjF6FB5E.woff

Requested by

Host: cdn.fansided.com
URL: https://cdn.fansided.com/wp-content/themes/fansided-v5/assets/css/style.css?ver=2.69.6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7c4379ae888a737fd330f0c964e263b1a64a51a7a69a5c76f3dc049a7f1b325a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cdn.fansided.com/wp-content/themes/fansided-v5/assets/css/style.css?ver=2.69.6
Origin: https://1428elm.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 05 Jan 2022 03:18:00 GMT
x-content-type-options: nosniff
age: 118509
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15568
x-xss-protection: 0
last-modified: Wed, 27 Aug 2014 23:50:54 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 05 Jan 2023 03:18:00 GMT

GET
H2 200 anMUvcNT0H1YN4FII8wpr0bathaSTBR2c4i13_wzlb0.woff
fonts.gstatic.com/s/titilliumweb/v4/ 14 KB
14 KB 30ms
30ms Font
font/woff 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/titilliumweb/v4/anMUvcNT0H1YN4FII8wpr0bathaSTBR2c4i13_wzlb0.woff

Requested by

Host: cdn.fansided.com
URL: https://cdn.fansided.com/wp-content/themes/fansided-v5/assets/css/style.css?ver=2.69.6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d413265e397f3abe46d14104b1ccc23464119c9094d76623ff79eeb76274b12d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cdn.fansided.com/wp-content/themes/fansided-v5/assets/css/style.css?ver=2.69.6
Origin: https://1428elm.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 14:16:42 GMT
x-content-type-options: nosniff
age: 165387
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14692
x-xss-protection: 0
last-modified: Wed, 27 Aug 2014 23:51:49 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 04 Jan 2023 14:16:42 GMT

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 1 KB
1 KB 34ms
8ms Script
application/javascript 13.32.99.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: 1428elm.com
URL: https://1428elm.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-21.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1428elm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 06 Jan 2022 06:16:52 GMT
content-encoding: gzip
etag: W/"1827f116c73f319409b97f10b8a58ade"
last-modified: Fri, 26 Feb 2021 14:35:05 GMT
server: AmazonS3
age: 105483
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 6fc439c8bc0a64a7ab978ce699795274.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
x-amz-cf-id: QSFGVbAw9mosfIXKgN3jyfpYPEAXzwS2tdoQ4lodMtygOMHBswmgdg==

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 96 KB
29 KB 229ms
39ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: 1428elm.com
URL: https://1428elm.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (mil/6CE6) /
Resource Hash: 97719c71e44494e537beba8d51c6bb268a34dcd867fdefc431229225ca734b46

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1428elm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Thu, 06 Jan 2022 12:13:09 GMT
Content-Encoding: gzip
Last-Modified: Thu, 02 Dec 2021 21:35:27 GMT
Server: ECS (mil/6CE6)
Age: 724
Etag: "50ec7e701ed018305368886c39cac301+gzip"
Vary: Accept-Encoding
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=1800
X-Cache: HIT
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Content-Length: 29126

GET
H2 200 ac595b0bd1b1f6e62ce46c2ce57c936ea6f47b8e2936dc2a3876a18eadffd94a289806f2a42865c2057288dd30b30f07490e2c6ae59ea0f801f1a13317ea Show response
gammamaximum.com/ 88 KB
26 KB 59ms
20ms Script
text/javascript 35.190.48.184
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://gammamaximum.com/ac595b0bd1b1f6e62ce46c2ce57c936ea6f47b8e2936dc2a3876a18eadffd94a289806f2a42865c2057288dd30b30f07490e2c6ae59ea0f801f1a13317ea

Requested by

Host: 1428elm.com
URL: https://1428elm.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.48.184 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

184.48.190.35.bc.googleusercontent.com

Software

Resource Hash

82edd467a8b50a2879b8f27e79caf54443d18737eaa835323e3bc1c76a1ff5a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1428elm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; preload
content-encoding: br
x-datacenter: gce-europe-west1
etag: "21925c143523414764db3e60504d256a189e06558e57e64ee0ef896cc227c3a7"
vary: Accept-Encoding, Accept-Language
x-hostname: a26589ac
content-type: text/javascript; charset=utf-8
cache-control: private, must-revalidate, max-age=21600
date: Thu, 06 Jan 2022 12:13:09 GMT
timing-allow-origin: *

GET
H2 200 pwt.js Show response
ads.pubmatic.com/AdServer/js/pwt/160835/4933/ 165 KB
53 KB 73ms
19ms Script
text/javascript 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/pwt/160835/4933/pwt.js
Requested by: Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js?ver=2.69.6
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: d89ddf30ec7c8687516d93e8cdcdd2b892d47e6fd7cd166cdb839283203edf5f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1428elm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 06 Jan 2022 12:13:09 GMT
content-encoding: gzip
last-modified: Fri, 30 Jul 2021 21:19:34 GMT
server: Apache/2.2.15 (CentOS)
etag: "16a1416-29219-5c85dc6abdd56"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: public, max-age=49616
accept-ranges: bytes
content-type: text/javascript
content-length: 54050
expires: Fri, 07 Jan 2022 02:00:05 GMT

GET
H2 200 accessibility-light.svg
cdn.fansided.com/wp-content/themes/fansided-v5/network-nav/assets/images/ 612 B
870 B 38ms
38ms Image
image/svg+xml 2a02:26f0:6c00::210:ba29
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.fansided.com/wp-content/themes/fansided-v5/network-nav/assets/images/accessibility-light.svg
Requested by: Host: cdn.fansided.com
URL: https://cdn.fansided.com/wp-content/themes/fansided-v5/network-nav/network-nav.css?ver=2.69.6
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba29 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Akamai /
Resource Hash: b0f9acc2facbbbf8a8d2c056a0be3238c6b28354369e5b21ff15ac38f49810ec

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.fansided.com/wp-content/themes/fansided-v5/network-nav/network-nav.css?ver=2.69.6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-user-agent: standard
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 06 Dec 2021 18:43:21 GMT
server: Akamai
etag: "61ae59c9-264"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2113703
date: Thu, 06 Jan 2022 12:13:09 GMT
x-cache-config: 0 0
accept-ranges: bytes
content-length: 351
expires: Sun, 30 Jan 2022 23:21:32 GMT

GET
H2 200 https%3A%2F%2Fhiddenremote.com%2Ffiles%2Fimage-exchange%2F2018%2F08%2Fie_78088-850x560.jpeg
images2.minutemediacdn.com/image/fetch/c_fill,w_268,h_167,g_auto,f_auto/ 5 KB
5 KB 190ms
189ms Image
image/webp 2.16.186.17
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images2.minutemediacdn.com/image/fetch/c_fill,w_268,h_167,g_auto,f_auto/https%3A%2F%2Fhiddenremote.com%2Ffiles%2Fimage-exchange%2F2018%2F08%2Fie_78088-850x560.jpeg
Requested by: Host: 1428elm.com
URL: https://1428elm.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.17 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-17.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 5a4f2af1233a1e145c041dd1a12f4c6e1fffb405112b9f06fbd2ccc79adc6f59

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1428elm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 06 Jan 2022 12:13:09 GMT
cache-tag: 629281246510206999692348310245017911938,476083543486782568568746076822847310510,94a1dd9ac5291745da96948b5fe90b03
status: 200 OK
content-disposition: inline; filename="ie_78088-850x560.webp"
content-length: 4888
x-request-id: 2c21135b117a3b61dafd238ef634d3ff
x-served-by: cache-dca17768-DCA
last-modified: Tue, 04 Jan 2022 15:26:26 GMT
x-timer: S1641310458.533453,VS0,VE428
etag: "fb7f216674e20ed213d1c7f111415b53"
content-type: image/webp
access-control-allow-origin: *
expires: Thu, 13 Jan 2022 12:13:09 GMT
cache-control: private, max-age=31480699
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0

GET
H2 200 https%3A%2F%2Fhiddenremote.com%2Ffiles%2F2021%2F09%2Fscrfp-018r-850x560.jpg
images2.minutemediacdn.com/image/fetch/c_fill,w_268,h_167,g_auto,f_auto/ 3 KB
4 KB 325ms
325ms Image
image/webp 2.16.186.17
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images2.minutemediacdn.com/image/fetch/c_fill,w_268,h_167,g_auto,f_auto/https%3A%2F%2Fhiddenremote.com%2Ffiles%2F2021%2F09%2Fscrfp-018r-850x560.jpg
Requested by: Host: 1428elm.com
URL: https://1428elm.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.17 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-17.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 6de712de412a66b001d67b744077bf9e5fae98fdc44f6d59cf5ee44022d0e9e3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1428elm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 06 Jan 2022 12:13:09 GMT
cache-tag: 489184708886461562613647628923954679951,476083543486782568568746076822847310510,94a1dd9ac5291745da96948b5fe90b03
status: 200 OK
content-disposition: inline; filename="scrfp-018r-850x560.webp"
content-length: 3312
x-request-id: ffd8004ab8ced37bfb58d59131cf6c29
x-served-by: cache-bwi5079-BWI
last-modified: Tue, 21 Dec 2021 15:34:57 GMT
x-timer: S1640102089.477272,VS0,VE322
etag: "1fb64a24be46bdea91cf853fc7313f50"
content-type: image/webp
access-control-allow-origin: *
expires: Thu, 13 Jan 2022 12:13:09 GMT
cache-control: private, max-age=31480699
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0

GET
H2 200 https%3A%2F%2Fhiddenremote.com%2Ffiles%2Fimage-exchange%2F2021%2F09%2Fie_58120-850x560.jpeg
images2.minutemediacdn.com/image/fetch/c_fill,w_268,h_167,g_auto,f_auto/ 9 KB
10 KB 152ms
151ms Image
image/webp 2.16.186.17
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images2.minutemediacdn.com/image/fetch/c_fill,w_268,h_167,g_auto,f_auto/https%3A%2F%2Fhiddenremote.com%2Ffiles%2Fimage-exchange%2F2021%2F09%2Fie_58120-850x560.jpeg
Requested by: Host: 1428elm.com
URL: https://1428elm.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.17 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-17.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 04849b1de06f93f1c9cd6cc95301e036e3121988e0f3c7a90ecf475303b694ba

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1428elm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 06 Jan 2022 12:13:09 GMT
status: 200 OK
content-disposition: inline; filename="ie_58120-850x560.webp"
content-length: 9548
x-request-id: 185a751533035cc32b43beeb82938621
x-served-by: cache-wdc5562-WDC
last-modified: Sat, 04 Sep 2021 13:01:40 GMT
x-timer: S1630765040.531038,VS0,VE400
etag: "bbbd0a4ac4bc6b1ee99344de0a7f19ef"
content-type: image/webp
access-control-allow-origin: *
expires: Thu, 13 Jan 2022 12:13:09 GMT
cache-control: private, max-age=31480699
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 26ms
10ms XHR
application/javascript 18.66.109.174
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.109.174 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-109-174.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1428elm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id: L2_MRp8KwiUR7xIWXZFooLHRBfnaqY96
content-encoding: gzip
etag: W/"a4d296427fc806b21335359e398c025c"
x-amz-cf-pop: FRA56-P5
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Wed, 22 Dec 2021 01:41:37 GMT
server: AmazonS3
date: Thu, 06 Jan 2022 12:13:09 GMT
vary: Origin
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 5c14dc328191a14142654d833f772c6c.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-id: ggzx1gL9f5siEI7F7eiPkWJ0hyIR2Ma8GvXtMKfmnpx8n_f-G2hILg==

GET
H/1.1 200
OK geo2.js Show response
cdn3.optimizely.com/js/ Frame 5F8D 293 B
700 B 42ms
8ms Script
application/javascript 23.37.32.235
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn3.optimizely.com/js/geo2.js?cb=1641471189365
Requested by: Host: d3ujids68p6xmq.cloudfront.net
URL: https://d3ujids68p6xmq.cloudfront.net/abw.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.37.32.235 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-32-235.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 373f7f695977dc425b9936b756746f06fb589b4d7c6e845e9d48bad048fc05c4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id: Y1BKPK.c9lIaZx2uYj8JMWZye_vJfrh9
Server: AmazonS3
x-amz-request-id: 6A1AA1F810754193
ETag: "adadfc5d7afd13e353d9d52cec1c7827"
Content-Type: application/javascript
Cache-Control: max-age=69430
Date: Thu, 06 Jan 2022 12:13:09 GMT
Connection: keep-alive
Content-Length: 293
x-amz-id-2: ZXi0usPohSuAesZIiMOoUe7rm5pVbZJKk5/swzraA3dBkb05ZJ80j/UhN0E+j1RwRsydsZwrM/Y=

GET
H2 200 ;ord=1641471189366
ad.doubleclick.net/ddm/ad/eusiybv/rax/qpckidu/sxtbvzorqt/phw/ 43 B
628 B 42ms
17ms Image
image/gif 142.250.186.166
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/ad/eusiybv/rax/qpckidu/sxtbvzorqt/phw/;ord=1641471189366?

Requested by

Host: 1428elm.com
URL: https://1428elm.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.166 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f6.1e100.net

Software

cafe /

Resource Hash

9c41ba408efaf3a7a36099370bc814e38b0afd42229fa9e0e6040740620c85c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1428elm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Jan 2022 12:13:09 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl_2021120601.js Show response
securepubads.g.doubleclick.net/gpt/ 348 KB
117 KB 18ms
17ms Script
text/javascript 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

sffe /

Resource Hash

2d5ae5a515a688823dc98d032242c2ed6f490a74c4281bdd599567898f9fa675

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1428elm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 06 Jan 2022 12:13:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119476
x-xss-protection: 0
last-modified: Mon, 06 Dec 2021 09:34:20 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 06 Jan 2022 12:13:09 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 232 B
153 B 36ms
20ms XHR
application/json 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=1428elm.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

f8f46c4c28c466419255016e5a74e40bc13bf2bb1e2d9c645e9e2b53c07e4001

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1428elm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 06 Jan 2022 12:13:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 128
x-xss-protection: 0
expires: Thu, 06 Jan 2022 12:13:09 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 142 KB
53 KB 35ms
19ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-NB8RD6J3M6&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KXFQXHB

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5fd6098c91f70f7cd54842cf54fd93f4fa5104847c39674509da6f1a12e4c355

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1428elm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 06 Jan 2022 12:13:09 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54277
x-xss-protection: 0
expires: Thu, 06 Jan 2022 12:13:09 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 30ms
7ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KXFQXHB

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1428elm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 4323
date: Thu, 06 Jan 2022 11:01:06 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Thu, 06 Jan 2022 13:01:06 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 98 KB
26 KB 23ms
8ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: 1428elm.com
URL: https://1428elm.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1428elm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 25965
x-xss-protection: 0
pragma: public
x-fb-debug: OGaLaNGdzjt2ETfeROAMp+cz4YDWUkhx8fuVSO/mUfHeF+e1tZmgjTZoPLr/P2/20g58e17vQ43WQBxHvq8vrA==
x-fb-trip-id: 2050670934
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Thu, 06 Jan 2022 12:13:09 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 124578X1617579.skimlinks.js Show response
s.skimresources.com/js/ 55 KB
20 KB 42ms
10ms Script
application/octet-stream 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://s.skimresources.com/js/124578X1617579.skimlinks.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KXFQXHB
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5896848930c90cde811bebd8423c831fdbb596b1e0d92a1327e52f3b8e42847b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1428elm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 06 Jan 2022 12:13:09 GMT
content-encoding: gzip
last-modified: Mon, 01 Nov 2021 09:34:27 GMT
server: AmazonS3
x-amz-request-id: 0W6WB1A4K004VY2G
etag: "5f8e92970c2760fb7cff17a3aba452de"
x-hw: 1641471189.cds102.fr8.hn,1641471189.cds246.fr8.c
content-type: application/octet-stream
cache-control: max-age=3600
accept-ranges: bytes
content-length: 20602
x-amz-id-2: Z73ZayW17k+Ttr9/YXqr7LesJ1+0pSwkSNsZtJ9KtdpLfoe5syi2Bf2RhDNAWj7YXQAAN/r8voQ=

GET
H2 200 accessibility.js Show response
cdn.equalweb.com/core/3.0.3/ 34 KB
13 KB 103ms
32ms Script
application/javascript 2606:4700:20::681a:c5f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.equalweb.com/core/3.0.3/accessibility.js

Requested by

Host: 1428elm.com
URL: https://1428elm.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:c5f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

68d4f7f16f4dc745363bb4541a1de458687ef3ec8f31200ea4133f9e655e2ae6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Referer: https://1428elm.com/
Origin: https://1428elm.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 06 Jan 2022 12:13:09 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 862546
access-control-allow-methods: GET
vary: Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Sun, 30 May 2021 11:33:38 GMT
server: cloudflare
x-frame-options: deny
etag: W/"0155a24755d71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tsLuec00p39z7iHnKiQwH6kl%2BwK3JxVZvdvK1Prr49RmbhZ1axlQCndz0MjY4KOMchXwMBXJFItlYJs1ru%2F8BJPgxfRNrDVjth7s8ZtzmJl58kfoACbddNkLGFHDp0IO61lWUbHLJ0xbp%2Bm0sok%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2204800
access-control-allow-credentials: true
cf-ray: 6c94dbd6586f5a1f-MXP

GET
H/1.1 200
OK minutemediaplus.js Show response
middycdn-a.akamaihd.net/publishers/ 445 B
1 KB 63ms
7ms Script
application/javascript 2.16.107.83
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://middycdn-a.akamaihd.net/publishers/minutemediaplus.js
Requested by: Host: 1428elm.com
URL: https://1428elm.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.16.107.83 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-107-83.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 58f5d902861046c3903729e215261ae7d00dcc58ce09c6967c0609a75b5c30e3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1428elm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id: XwF.UGdO0ErfOkUZxZqwbfaOUi65DdWH
ETag: "ab73e24f74663b0845f928a4aa94d86c"
x-amz-request-id: HM22TN4JQZQK26KJ
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length: 445
x-amz-id-2: Fy26eYtCLvpkAVEn8htBbzTW+WMhNuEPtcAduO4NeP6iBxumswmaOdLp6IKP/LPMdNW27srKk9Q=
Last-Modified: Wed, 04 Aug 2021 14:51:27 GMT
Server: AmazonS3
Date: Thu, 06 Jan 2022 12:13:09 GMT
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Expires: Thu, 06 Jan 2022 13:13:09 GMT

GET
H2

204

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=2&c2=6035728&cs_ucfr=1&ns__t=1641471189416&ns_c=UTF-8&cv=3.5&c8=1428%20Elm%20-%20Horror%20Genre%20News%2C%20Movies%2C%20TV%20Shows%2C%20Netflix%20%26%20Comment...
https://sb.scorecardresearch.com/b2?c1=2&c2=6035728&cs_ucfr=1&ns__t=1641471189416&ns_c=UTF-8&cv=3.5&c8=1428%20Elm%20-%20Horror%20Genre%20News%2C%20Movies%2C%20TV%20Shows%2C%20Netflix%20%26%20Commen...

0
226 B

9ms
9ms

Image
text/plain

13.32.99.21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=2&c2=6035728&cs_ucfr=1&ns__t=1641471189416&ns_c=UTF-8&cv=3.5&c8=1428%20Elm%20-%20Horror%20Genre%20News%2C%20Movies%2C%20TV%20Shows%2C%20Netflix%20%26%20Commentary&c7=https%3A%2F%2F1428elm.com%2F&c9=
Requested by: Host: 1428elm.com
URL: https://1428elm.com/
Protocol: H2
Server: 13.32.99.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-21.fra60.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1428elm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 06 Jan 2022 12:13:09 GMT
via: 1.1 6fc439c8bc0a64a7ab978ce699795274.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
etag: W/"0-2jmj7l5rSw0yVb/vlWAYkK/YBwk"
x-amz-cf-id: vzH10BnBXI2pDRxHBvLWqSmVYQDoYGJpNfCUnTkQ94LKKqFFSMFQew==
x-cache: Miss from cloudfront

Redirect headers

date: Thu, 06 Jan 2022 12:13:09 GMT
via: 1.1 6fc439c8bc0a64a7ab978ce699795274.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
vary: Accept
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: https://sb.scorecardresearch.com/b2?c1=2&c2=6035728&cs_ucfr=1&ns__t=1641471189416&ns_c=UTF-8&cv=3.5&c8=1428%20Elm%20-%20Horror%20Genre%20News%2C%20Movies%2C%20TV%20Shows%2C%20Netflix%20%26%20Commentary&c7=https%3A%2F%2F1428elm.com%2F&c9=
content-length: 259
x-amz-cf-id: DcjiSE3YCWIQs3dZVHHUFmXyQHRsr-o5e2QE079nas_RQuHmZsVpeA==

GET
H2 200 skeleton.gif
static.adsafeprotected.com/ 43 B
482 B 70ms
7ms Image
image/gif 2600:9000:223f:da00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.adsafeprotected.com/skeleton.gif
Requested by: Host: 1428elm.com
URL: https://1428elm.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:da00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1428elm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 16:14:35 GMT
via: 1.1 d4744f6f4cb683596fb4a26e59b2aba8.cloudfront.net (CloudFront)
age: 13204715
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 43
last-modified: Mon, 17 Aug 2020 23:55:15 GMT
server: AmazonS3
etag: "45cf913e5d9d3c9b2058033056d3dd23"
x-amz-version-id: iiN8XkcmZQdDIQeKkzAiegPwcD.5WPja
cache-control: max-age=315360000
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
content-type: image/gif
x-amz-cf-id: 9zpg9GcnS9AjZtgbY8ydR8-pAhAHg6bJ96DBllaUfpkTZ_gsXrLx7g==

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 62ms
20ms Preflight
application/json 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2F1428elm.com%2F&domain=1428elm.com&cw=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://1428elm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
content-type: application/json; charset=utf-8
expires: 0
access-control-allow-origin: https://1428elm.com
access-control-allow-headers: content-type
access-control-allow-credentials: true
access-control-allow-methods: GET
server-processing-duration-in-ticks: 1501
date: Thu, 06 Jan 2022 12:13:08 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding

GET
H2

200

sid Show response
mug.criteo.com/
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2F1428elm.com%2F&domain=1428elm.com&cw=1&lsw=1
https://mug.criteo.com/sid?cpp=mGKI7nxyR0t0cXkyUGk3dmkvZGlwMXJPdW5MazE2YXZIbW85ZFUzQkxpTmhWK2JOQSt2dDBwb2hqQnVLOGxzWVZSWWx0YmNVdkFCQ0lpZmtTZDE0RzNDOUplUnQxNDlGcUtUanBvV1BKbG1iVnJRM1VVamh5Q2NQWDlsTz...

350 B
619 B

72ms
26ms

XHR
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=mGKI7nxyR0t0cXkyUGk3dmkvZGlwMXJPdW5MazE2YXZIbW85ZFUzQkxpTmhWK2JOQSt2dDBwb2hqQnVLOGxzWVZSWWx0YmNVdkFCQ0lpZmtTZDE0RzNDOUplUnQxNDlGcUtUanBvV1BKbG1iVnJRM1VVamh5Q2NQWDlsTzY0MXFBUjFvcXZObWFZa0puSzRHTFJIWEI1UHpNWGo3TTE5WEtCbTFtVHZsZmo3MlNodE12d2gyL0RwREtiR3BWeVNua3VXRlMzcnFyUks3dTEzakxlMitwb0RVdGlnZUtPN01rZXNmS29qT2JyVmxUMGVzPXw&cppv=2

Requested by

Host: 1428elm.com
URL: https://1428elm.com/

Protocol

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

018fc9d48869804d3f3c95df81e4a4684540c479a64da0f69447a3780130caaf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1428elm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Jan 2022 12:13:09 GMT
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2405
strict-transport-security: max-age=31536000; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 06 Jan 2022 12:13:08 GMT
location: https://mug.criteo.com/sid?cpp=mGKI7nxyR0t0cXkyUGk3dmkvZGlwMXJPdW5MazE2YXZIbW85ZFUzQkxpTmhWK2JOQSt2dDBwb2hqQnVLOGxzWVZSWWx0YmNVdkFCQ0lpZmtTZDE0RzNDOUplUnQxNDlGcUtUanBvV1BKbG1iVnJRM1VVamh5Q2NQWDlsTzY0MXFBUjFvcXZObWFZa0puSzRHTFJIWEI1UHpNWGo3TTE5WEtCbTFtVHZsZmo3MlNodE12d2gyL0RwREtiR3BWeVNua3VXRlMzcnFyUks3dTEzakxlMitwb0RVdGlnZUtPN01rZXNmS29qT2JyVmxUMGVzPXw&cppv=2
strict-transport-security: max-age=31536000; preload;
access-control-allow-methods: GET
content-type: text/html; charset=utf-8
access-control-allow-origin: https://1428elm.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1939
content-length: 482
expires: 0

GET
H2 206 robots.txt
t.skimresources.com/api/v2/ Frame 5057 0
102 B 44ms
17ms Image
text/plain 35.201.67.47
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.skimresources.com/api/v2/robots.txt?__skimjs_preflight__please_ignore__=true&rnd=0.3920873371345506
Requested by: Host: 1428elm.com
URL: https://1428elm.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.67.47 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 47.67.201.35.bc.googleusercontent.com
Software: Python/3.7 aiohttp/3.5.4 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 06 Jan 2022 12:13:09 GMT
via: 1.1 google
server: Python/3.7 aiohttp/3.5.4
alt-svc: clear
content-length: 0
content-type: text/plain charset=UTF-8

GET
H2 200 px.gif
p.skimresources.com/ 43 B
244 B 43ms
15ms Image
image/gif 35.190.91.160
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.skimresources.com/px.gif?ch=1&rn=10.950954399252351
Requested by: Host: 1428elm.com
URL: https://1428elm.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.91.160 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 160.91.190.35.bc.googleusercontent.com
Software: Skimlinks Pixel 1.0 /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1428elm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 06 Jan 2022 12:13:09 GMT
via: 1.1 google
server: Skimlinks Pixel 1.0
p3p: policyref="http://skimlinks.com/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
alt-svc: clear
content-length: 43
content-type: image/gif

GET
H2 200 px.gif
p.skimresources.com/ 43 B
102 B 44ms
16ms Image
image/gif 35.190.91.160
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.skimresources.com/px.gif?ch=2&rn=10.950954399252351
Requested by: Host: 1428elm.com
URL: https://1428elm.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.91.160 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 160.91.190.35.bc.googleusercontent.com
Software: Skimlinks Pixel 1.0 /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1428elm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 06 Jan 2022 12:13:09 GMT
via: 1.1 google
server: Skimlinks Pixel 1.0
p3p: policyref="http://skimlinks.com/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
alt-svc: clear
content-length: 43
content-type: image/gif

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 33ms
16ms XHR
text/plain 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&aip=1&a=1007376176&t=pageview&_s=1&dl=https%3A%2F%2F1428elm.com%2F&ul=en-us&de=UTF-8&dt=1428%20Elm%20-%20Horror%20Genre%20News%2C%20Movies%2C%20TV%20Shows%2C%20Netflix%20%26%20Commentary&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=1886676883&gjid=923905270&cid=703579852.1641471190&tid=UA-1577313-14&_gid=230940216.1641471190&_r=1&gtm=2wgc10KXFQXHB&cd1=none&cd2=314&cd3=none&cd4=none&cd5=ENTERTAINMENT&cd6=Movies&cd7=none&cd8=Homepage&cd9=Payable%20Non%20Article&cd10=web-staticPHP&cd11=1428%20Elm&cd12=none&cd13=304&cd14=none&cd15=none&cd16=none&cd17=none&cd23=en&cd24=en&cd27=Homepage&cd73=0&cd75=WATCH%3A%20Hop%20down%20a%20new%20rabbit%20hole%3A%20Netflix%20unveils%20official%20Archive%2081%20trailer&cd76=%2F2022%2F01%2F05%2Fnetflix-releases-archive-81-trailer%2F&cd78=2&cm1=0&z=413184126

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://1428elm.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 06 Jan 2022 12:13:09 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://1428elm.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 28ms
15ms XHR
text/plain 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&aip=1&a=1007376176&t=pageview&_s=1&dl=https%3A%2F%2F1428elm.com%2F&ul=en-us&de=UTF-8&dt=1428%20Elm%20-%20Horror%20Genre%20News%2C%20Movies%2C%20TV%20Shows%2C%20Netflix%20%26%20Commentary&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEDAAEABAAAAAC~&jid=1094002671&gjid=32761995&cid=703579852.1641471190&tid=UA-36315219-46&_gid=230940216.1641471190&_r=1&gtm=2wgc10KXFQXHB&cd1=none&cd2=314&cd3=none&cd4=none&cd5=ENTERTAINMENT&cd6=Movies&cd7=none&cd8=Homepage&cd9=Payable%20Non%20Article&cd10=web-staticPHP&cd11=1428%20Elm&cd12=none&cd13=304&cd14=none&cd15=none&cd16=none&cd17=none&cm1=0&z=1348574871

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://1428elm.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 06 Jan 2022 12:13:09 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://1428elm.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 2811814612385369 Show response
connect.facebook.net/signals/config/ 305 KB
87 KB 18ms
8ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/2811814612385369?v=2.9.48&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f36477c0931b9b5a060cd12175b3d898c11ea3d8acbc303436b5b380df72a479

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1428elm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 89166
x-xss-protection: 0
pragma: public
x-fb-debug: bM4Esoo/fMgFrFgLTqeBntA6qYa8yMaAkNly1Ey6Qkyt15sA+JYwdh1qLsFfZZjAUJjgCYXLcFiOFHstagnQCw==
x-frame-options: DENY
date: Thu, 06 Jan 2022 12:13:09 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 204 collect
analytics.google.com/g/ 0
344 B 37ms
14ms Ping
text/plain 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-NB8RD6J3M6&gtm=2oec10&_p=1007376176&sr=1600x1200&_gaz=1&ul=en-us&cid=703579852.1641471190&_s=1&dl=https%3A%2F%2F1428elm.com%2F&dt=1428%20Elm%20-%20Horror%20Genre%20News%2C%20Movies%2C%20TV%20Shows%2C%20Netflix%20%26%20Commentary&sid=1641471189&sct=1&seg=0&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-NB8RD6J3M6&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://1428elm.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 06 Jan 2022 12:13:09 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://1428elm.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
47 B 62ms
20ms Ping
text/plain 2a00:1450:400c:c06::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-NB8RD6J3M6&cid=703579852.1641471190&gtm=2oec10&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-NB8RD6J3M6&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c06::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://1428elm.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 06 Jan 2022 12:13:09 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://1428elm.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 54ms
30ms Image
image/gif 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-NB8RD6J3M6&cid=703579852.1641471190&gtm=2oec10&aip=1&z=1369854844

Requested by

Host: 1428elm.com
URL: https://1428elm.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1428elm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Jan 2022 12:13:09 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 / Show response
r.skimresources.com/api/ 195 B
366 B 43ms
18ms XHR
application/json 35.190.59.101
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r.skimresources.com/api/

Requested by

Host: s.skimresources.com
URL: https://s.skimresources.com/js/124578X1617579.skimlinks.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.59.101 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

101.59.190.35.bc.googleusercontent.com

Software

openresty/1.11.2.5 /

Resource Hash

b45e812f5250958a82c3f348bd1b8c42ddc350a657dcc41be9b93d691e259cf0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://1428elm.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Thu, 06 Jan 2022 12:13:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: openresty/1.11.2.5
strict-transport-security: max-age=31536000
content-type: application/json
access-control-allow-origin: https://1428elm.com
vary: Accept-Encoding
access-control-allow-credentials: true
alt-svc: clear
via: 1.1 google

GET
H2 200 bootstrap.js Show response
cdn.browsiprod.com/bootstrap/ 39 KB
11 KB 34ms
8ms Script
application/javascript 18.66.97.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.browsiprod.com/bootstrap/bootstrap.js
Requested by: Host: middycdn-a.akamaihd.net
URL: https://middycdn-a.akamaihd.net/publishers/minutemediaplus.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-12.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c5e3a9db794ec2da64c9ced252838eef2210012f8b7ab89e5a21762313c36bf7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1428elm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id: zQbMSSVhozYdbbWcR45J0Lf1vjtcL17q
content-encoding: gzip
last-modified: Mon, 15 Nov 2021 17:11:33 GMT
server: AmazonS3
age: 155
etag: W/"665ec58f0534eb8e4468202cd18b14f6"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 2af4ee189e50805a67bd62bbd51ad0dc.cloudfront.net (CloudFront)
cache-control: public,max-age=3600
date: Thu, 06 Jan 2022 12:10:35 GMT
x-amz-cf-pop: FRA56-P2
x-amz-cf-id: PuBGnAQTuqrZqFsCXnKcTZcVdzcEhc6gYq0GyPsxzovTx2d-OTjcnQ==

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
439 B 36ms
19ms XHR
text/plain 2a00:1450:400c:c06::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-1577313-14&cid=703579852.1641471190&jid=1886676883&gjid=923905270&_gid=230940216.1641471190&_u=YEBAAEAAAAAAAC~&z=871660265

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://1428elm.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 06 Jan 2022 12:13:09 GMT
content-type: text/plain
access-control-allow-origin: https://1428elm.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK widget_iframe.21f942bb866c2823339b839747a0c50c.html Show response
platform.twitter.com/widgets/ Frame 6C0F 319 KB
103 KB 41ms
41ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.21f942bb866c2823339b839747a0c50c.html?origin=https%3A%2F%2F1428elm.com
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (mil/6CF2) /
Resource Hash: c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://1428elm.com/

Response headers

Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 2389607
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Thu, 06 Jan 2022 12:13:09 GMT
Etag: "8321d7cf58d70200c1423dfa0bca40f6+gzip"
Last-Modified: Thu, 02 Dec 2021 21:34:18 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (mil/6CF2)
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 105433

GET
H2 200 embed-0c3dd13a55.css
assets.omny.fm/bundles/ Frame 52BB 49 KB
9 KB 46ms
36ms Stylesheet
text/css 2606:4700:10::6814:6a3e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.omny.fm/bundles/embed-0c3dd13a55.css
Requested by: Host: omny.fm
URL: https://omny.fm/shows/slasher-radio-podcast/playlists/podcast/embed?style=cover
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:6a3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0d10f4ec4e25b50966bfaa6fdee4f96061888778f10f00616e91b6df37979565

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://omny.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 06 Jan 2022 12:13:09 GMT
via: 1.1 9d2dddf4e5a6eb0fbe872acf3cba5889.cloudfront.net (CloudFront)
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
cf-cache-status: HIT
age: 1721
x-cache: Hit from cloudfront
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Fri, 10 Sep 2021 03:38:03 GMT
server: cloudflare
etag: W/"0150d679720ee883eddce0849195dd5a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
x-amz-cf-pop: MAD50-C1
cf-ray: 6c94dbd6ff5859bf-MXP
x-amz-cf-id: 3bSV2vhbFXSWVcjGLf98LF_tVTf5bDk06_JPzLqFqwzknTsyTKgEdw==

GET
H2 200 embed.vendor-302d7b340f.js Show response
assets.omny.fm/bundles/ Frame 52BB 778 KB
240 KB 114ms
59ms Script
application/x-javascript 2606:4700:10::6814:6b3e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.omny.fm/bundles/embed.vendor-302d7b340f.js
Requested by: Host: omny.fm
URL: https://omny.fm/shows/slasher-radio-podcast/playlists/podcast/embed?style=cover
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:6b3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ee2c26f605e3c220fbc18af86c4a5a3e759f296739fa18987e459f477ba3e118

Request headers

Referer: https://omny.fm/
Origin: https://omny.fm
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 06 Jan 2022 12:13:09 GMT
via: 1.1 6c3e48e00c5cc82a938a68d74aa420d9.cloudfront.net (CloudFront)
vary: Access-Control-Request-Headers,Access-Control-Request-Method, Accept-Encoding
cf-cache-status: HIT
age: 6376
x-cache: Hit from cloudfront
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Mon, 25 Oct 2021 04:51:12 GMT
server: cloudflare
etag: W/"d133404e52c2faabd5a04450f35f621e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/x-javascript
access-control-allow-origin: *
x-amz-cf-pop: MXP64-C1
cf-ray: 6c94dbd73dfe3746-MXP
x-amz-cf-id: v-zPn3mWQedXltuQXM2f2qgE3IP9KmVmAaI04BU8YeffwQohbUH5zQ==

GET
H2 200 embed-8ca72ebb78.js Show response
assets.omny.fm/bundles/ Frame 52BB 259 KB
61 KB 101ms
46ms Script
application/x-javascript 2606:4700:10::6814:6b3e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.omny.fm/bundles/embed-8ca72ebb78.js
Requested by: Host: omny.fm
URL: https://omny.fm/shows/slasher-radio-podcast/playlists/podcast/embed?style=cover
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:6b3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 750840f592cb397941be5751ef424084f2a2122d14d595b42e76a8678908c303

Request headers

Referer: https://omny.fm/
Origin: https://omny.fm
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 06 Jan 2022 12:13:09 GMT
via: 1.1 fc2a8947640b19b5664cba55dba67ad8.cloudfront.net (CloudFront)
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
cf-cache-status: HIT
age: 1230
x-cache: Miss from cloudfront
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Thu, 02 Dec 2021 02:02:46 GMT
server: cloudflare
etag: W/"fee01f935e1c7a953c9a931043e352a3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/x-javascript
access-control-allow-origin: *
x-amz-cf-pop: MXP64-C1
cf-ray: 6c94dbd73dff3746-MXP
x-amz-cf-id: VBt7ZCP0e_M0qeXQBv7OZNfJyTDlaOvMWU8fSMd3_6RLJKVLrLbF8g==

GET
H2 200 default.css Show response
cdn.equalweb.com/style/ 11 KB
3 KB 35ms
34ms Fetch
text/css 2606:4700:20::681a:c5f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.equalweb.com/style/default.css

Requested by

Host: cdn.equalweb.com
URL: https://cdn.equalweb.com/core/3.0.3/accessibility.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:c5f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

116ec5c6f82674cd1b04981d3ec325c8620ffbb413f06bd1b0cb911e99ddcc73

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1428elm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 06 Jan 2022 12:13:09 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 862546
access-control-allow-methods: GET
vary: Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Sun, 09 May 2021 14:33:43 GMT
server: cloudflare
x-frame-options: deny
etag: W/"807da04fe044d71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7YNoWcOU1UbHnv7yjahe5U%2F%2ByNJyQN%2B8rZwg%2BByEsh8ObQZBw8FH4e6rz1Hx5Odq6HL%2B8jPNX6XS6MUtietP8awNpD5LGQXBoIQ%2BqqKFtE07CKW%2FqHEjabcmhG4XlQQFiy3SiKC%2ByBvHmcYohmk%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=2204800
access-control-allow-credentials: true
cf-ray: 6c94dbd6fa425a1f-MXP

GET
H2 200 btncolor.css Show response
cdn.equalweb.com/style/ 105 B
434 B 28ms
28ms Fetch
text/css 2606:4700:20::681a:c5f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.equalweb.com/style/btncolor.css

Requested by

Host: cdn.equalweb.com
URL: https://cdn.equalweb.com/core/3.0.3/accessibility.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:c5f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

46b6596e9fdedae08a61fed7b7512700c383b8eb822239d6691fa49e1eb372de

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1428elm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 06 Jan 2022 12:13:09 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 862546
access-control-allow-methods: GET
vary: Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Mon, 11 Feb 2019 11:16:31 GMT
server: cloudflare
x-frame-options: deny
etag: W/"3f26cd3dfbc1d41:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kn%2BmKZQA5I40kCSBpRb%2FZj2ovUlbdBFMQRi%2F2LP5Nv6v3dBkEFd%2FDrLy7L%2BCRwnGgfkaey5K2InbnQTkyyLc1GaTviH94waIX9lODSRc6Ehp32lxEdv8NQjQFZD7RMIj5%2FgRNYsfoaKDQJ19waA%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=2204800
access-control-allow-credentials: true
cf-ray: 6c94dbd6fa465a1f-MXP

GET
H2 200 locale.js Show response
cdn.equalweb.com/assets/scripts/ 29 KB
10 KB 31ms
30ms Fetch
application/javascript 2606:4700:20::681a:c5f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.equalweb.com/assets/scripts/locale.js

Requested by

Host: cdn.equalweb.com
URL: https://cdn.equalweb.com/core/3.0.3/accessibility.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:c5f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6626d955670bb766fa4d7b59966addecf6b488506e21f73f343dc88b9872a2f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1428elm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 06 Jan 2022 12:13:09 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 862546
access-control-allow-methods: GET
vary: Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Sun, 18 Apr 2021 07:22:31 GMT
server: cloudflare
x-frame-options: deny
etag: W/"80d59982334d71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NkcCRwKG4jXVdZWvgsH21YIcemaeJisqJvM%2B9kp6QdJ7O%2FWylANjO9aJImVtJhF1W%2F0fwxYlrkxI1vEnFoTT1Jw5B%2BUQpLI3jxGMoU0tlCgCQ1zfIgyTVcgYHjoHhwl3GHcswcdokKRByV%2FtVvQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2204800
access-control-allow-credentials: true
cf-ray: 6c94dbd70a555a1f-MXP

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 91ms
19ms Preflight
application/json 178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: null
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
content-type: application/json; charset=utf-8
expires: 0
access-control-allow-origin: null
access-control-allow-headers: content-type
access-control-allow-credentials: true
access-control-allow-methods: GET
server-processing-duration-in-ticks: 1255
date: Thu, 06 Jan 2022 12:13:09 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding

GET
H2 200 /
www.facebook.com/tr/ 44 B
295 B 24ms
7ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2811814612385369&ev=PageView&dl=https%3A%2F%2F1428elm.com%2F&rl=&if=false&ts=1641471189608&sw=1600&sh=1200&v=2.9.48&r=stable&ec=0&o=30&fbp=fb.1.1641471189607.1714337586&it=1641471189517&coo=false&exp=p1&rqm=GET

Requested by

Host: 1428elm.com
URL: https://1428elm.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1428elm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 06 Jan 2022 12:13:09 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 44
expires: Thu, 06 Jan 2022 12:13:09 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 57ms
33ms Image
image/gif 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-1577313-14&cid=703579852.1641471190&jid=1886676883&_u=YEBAAEAAAAAAAC~&z=88697603

Requested by

Host: 1428elm.com
URL: https://1428elm.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1428elm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Jan 2022 12:13:09 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 51ms
31ms Image
image/gif 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-1577313-14&cid=703579852.1641471190&jid=1886676883&_u=YEBAAEAAAAAAAC~&z=88697603

Requested by

Host: 1428elm.com
URL: https://1428elm.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1428elm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Jan 2022 12:13:09 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 supply Show response
events.browsiprod.com/events/ 0
98 B 493ms
163ms XHR
text/plain 54.190.217.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events.browsiprod.com/events/supply?p=rpsRDUAjzC
Requested by: Host: cdn.browsiprod.com
URL: https://cdn.browsiprod.com/bootstrap/bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.190.217.106 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-190-217-106.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://1428elm.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://1428elm.com
date: Thu, 06 Jan 2022 12:13:10 GMT
access-control-allow-credentials: true

GET
H2 200 v5 Show response
yield-manager.browsiprod.com/supply/ 2 KB
1 KB 114ms
44ms XHR
application/json 52.214.2.140
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://yield-manager.browsiprod.com/supply/v5?sk=1428elm&url=https%3A%2F%2F1428elm.com%2F&bid=rpsRDUAjzC&at=1428%20Elm%20-%20Horror%20Genre%20News%2C%20Movies%2C%20TV%20Shows%2C%20Netflix%20%26%20Commentary&sw=1600&sh=1200
Requested by: Host: cdn.browsiprod.com
URL: https://cdn.browsiprod.com/bootstrap/bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.214.2.140 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-214-2-140.eu-west-1.compute.amazonaws.com
Software: akka-http/10.2.1 /
Resource Hash: 4d7f075d2b58e6bf94496e63205c84865f21ba81c96475bdccab75d636c8b927

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1428elm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

access-control-allow-origin: https://1428elm.com
date: Thu, 06 Jan 2022 12:13:09 GMT
content-encoding: gzip
access-control-allow-credentials: true
server: akka-http/10.2.1
content-type: application/json

GET
H2 200 cmp2.js Show response
quantcast.mgr.consensu.org/tcfv2/ 179 KB
44 KB 794ms
794ms Script
text/javascript 2600:9000:236e:a00:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://quantcast.mgr.consensu.org/tcfv2/cmp2.js?referer=1428elm.com
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/choice/f3-DFdjnrLazk/1428elm.com/choice.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:236e:a00:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 44d2a42747952b49d0c809d22bbc34ac3bcf9e44c8f6e6147a16c005a60f1eb3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1428elm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 06 Jan 2022 12:13:11 GMT
content-encoding: br
x-amz-cf-pop: FRA60-P1
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
access-control-max-age: 86400
access-control-allow-origin: *
last-modified: Thu, 09 Dec 2021 17:12:27 GMT
server: AmazonS3
etag: W/"b4875f494506c6094876e2841b659712"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/javascript;charset=UTF-8
via: 1.1 6fd3ab2be93b19c970fb371964d46d94.cloudfront.net (CloudFront)
cache-control: max-age=3600
x-amz-meta-qc-ineu: True
x-amz-cf-id: CujlqL-OGI33ajHWFCep1TZql4YLi9B1ztRWHAKW_pu198MHOTxVfQ==

POST
H2 200 link Show response
t.skimresources.com/api/v2/ 22 B
363 B 20ms
19ms XHR
application/javascript 35.201.67.47
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://t.skimresources.com/api/v2/link

Requested by

Host: s.skimresources.com
URL: https://s.skimresources.com/js/124578X1617579.skimlinks.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.201.67.47 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

47.67.201.35.bc.googleusercontent.com

Software

Python/3.7 aiohttp/3.5.4 /

Resource Hash

fcc83a5b6aef86420c1ad553167106df96bd0ff4192ffe52b1647599948edbcf

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://1428elm.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-type: text/plain

Response headers

pragma: no-cache
date: Thu, 06 Jan 2022 12:13:09 GMT
via: 1.1 google
x-content-type-options: nosniff
server: Python/3.7 aiohttp/3.5.4
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/plain; charset=utf-8, application/javascript
access-control-allow-origin: https://1428elm.com
cache-control: no-store, no-cache, must-revalidate
access-control-allow-credentials: true
warning: 299 - "Deprecated API"
alt-svc: clear
content-length: 22

POST
H2 200 api Show response
ls.skimresources.com/ 2 B
343 B 47ms
30ms XHR
application/json 34.120.117.212
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ls.skimresources.com/api

Requested by

Host: s.skimresources.com
URL: https://s.skimresources.com/js/124578X1617579.skimlinks.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.117.212 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

212.117.120.34.bc.googleusercontent.com

Software

Python/3.8 aiohttp/3.6.3 /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://1428elm.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-type: application/json

Response headers

pragma: no-cache
date: Thu, 06 Jan 2022 12:13:09 GMT
via: 1.1 google
x-content-type-options: nosniff
server: Python/3.8 aiohttp/3.6.3
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://1428elm.com
cache-control: no-store, no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
content-length: 2

OPTIONS
H2 206 api
ls.skimresources.com/ Frame 0
0 43ms
16ms Preflight
text/plain 34.120.117.212
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ls.skimresources.com/api
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.117.212 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 212.117.120.34.bc.googleusercontent.com
Software: Python/3.8 aiohttp/3.6.3 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://1428elm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-origin: https://1428elm.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
access-control-allow-credentials: true
access-control-max-age: 1728000
content-type: text/plain charset=UTF-8
content-length: 0
date: Thu, 06 Jan 2022 12:13:09 GMT
server: Python/3.8 aiohttp/3.6.3
via: 1.1 google
alt-svc: clear

POST
H2 200 page Show response
t.skimresources.com/api/v2/ 22 B
88 B 21ms
21ms XHR
application/javascript 35.201.67.47
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://t.skimresources.com/api/v2/page

Requested by

Host: s.skimresources.com
URL: https://s.skimresources.com/js/124578X1617579.skimlinks.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.201.67.47 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

47.67.201.35.bc.googleusercontent.com

Software

Python/3.7 aiohttp/3.5.4 /

Resource Hash

fcc83a5b6aef86420c1ad553167106df96bd0ff4192ffe52b1647599948edbcf

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://1428elm.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-type: text/plain

Response headers

pragma: no-cache
date: Thu, 06 Jan 2022 12:13:09 GMT
via: 1.1 google
x-content-type-options: nosniff
server: Python/3.7 aiohttp/3.5.4
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/plain; charset=utf-8, application/javascript
access-control-allow-origin: https://1428elm.com
cache-control: no-store, no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
content-length: 22

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ Frame 52BB 121 KB
44 KB 17ms
16ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WQLML6N

Requested by

Host: omny.fm
URL: https://omny.fm/shows/slasher-radio-podcast/playlists/podcast/embed?style=cover

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0539fcb9eb18e358ba786cd9351f857e378e325cdbfb37b35e27f09dea4f448b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://omny.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 06 Jan 2022 12:13:09 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44701
x-xss-protection: 0
expires: Thu, 06 Jan 2022 12:13:09 GMT

GET
H2 200 raygun.min.js Show response
cdn.raygun.io/raygun4js/ Frame 52BB 66 KB
21 KB 48ms
10ms Script
application/javascript 2600:9000:223d:9800:17:62f0:2dc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.raygun.io/raygun4js/raygun.min.js
Requested by: Host: omny.fm
URL: https://omny.fm/shows/slasher-radio-podcast/playlists/podcast/embed?style=cover
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223d:9800:17:62f0:2dc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8051dd1295a05cbc5ffc8dffade6801634b68c334eed14b3026b91d051dbfc38

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://omny.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 05 Jan 2022 20:07:29 GMT
content-encoding: gzip
last-modified: Sun, 12 Dec 2021 21:54:42 GMT
server: AmazonS3
age: 57941
etag: W/"0a09ca5cadf6e0535a156ee1a20a4b57"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 82514a5a8cf35fb3132b0b5ab9cb724d.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P3
x-amz-cf-id: ua5xrF0H68zkzwMJ-x1F7hqPS_4QF-E7_KWH7rsUTn3Vh5J8v7ApBw==

GET
H2 200 4.svg Show response
cdn.equalweb.com/assets/images/ 386 B
603 B 27ms
27ms Fetch
image/svg+xml 2606:4700:20::681a:c5f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.equalweb.com/assets/images/4.svg

Requested by

Host: cdn.equalweb.com
URL: https://cdn.equalweb.com/core/3.0.3/accessibility.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:c5f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

beb6d4ed9e70b9f611405b8e7e5c09782669c6f434fa81f990cc3690adfd6f20

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1428elm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 06 Jan 2022 12:13:09 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 862545
access-control-allow-methods: GET
vary: Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Thu, 01 Aug 2019 12:49:31 GMT
server: cloudflare
x-frame-options: deny
etag: W/"dade21906748d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2icZ7jsPn6G7lL3mdOhkLwVQvTzy76g2dGVgFEJpJ7QGmwI32h5pnK2XEqRCKAabhNb7uchSyOb0bln4slj%2Fzj8EKV0LRNnmX6%2FbT1ce7fDFXIGQ8BF%2FpRxVCDd%2BgC0KoTLLDr8rfRvaUlvGvbQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=2204800
access-control-allow-credentials: true
cf-ray: 6c94dbd75b215a1f-MXP

GET
H2 200 custombtnstyle.css Show response
cdn.equalweb.com/style/ 4 KB
1 KB 28ms
28ms Fetch
text/css 2606:4700:20::681a:c5f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.equalweb.com/style/custombtnstyle.css

Requested by

Host: cdn.equalweb.com
URL: https://cdn.equalweb.com/core/3.0.3/accessibility.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:c5f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b2f930658634b1bee750fdc6c453faacd9e79849856324dcc211b0627f4a059a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1428elm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 06 Jan 2022 12:13:09 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 862545
access-control-allow-methods: GET
vary: Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Tue, 10 Mar 2020 09:11:26 GMT
server: cloudflare
x-frame-options: deny
etag: W/"0b350e0bbf6d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MBlTj6vAKc3ZZ%2BGnR8X34hP%2BSSWfswfvsSn59zU0ASZrBaCRRzjdU66bnrYM1rB9Ypca10DrSga1f0Eq%2FkSt9iIiqxQRXJzd%2BjUNR29VigAKYtIX8c3JAk1fYXRYupMjzV%2Ff4A%2BxsViXwkntc44%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=2204800
access-control-allow-credentials: true
cf-ray: 6c94dbd75b235a1f-MXP

GET
H2 200 / Show response
trends.revcontent.com/api/demand/ 52 B
263 B 107ms
35ms Fetch
text/html 52.213.21.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://trends.revcontent.com/api/demand/?w=142140

Requested by

Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js?ver=2.69.6

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.213.21.126 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-213-21-126.eu-west-1.compute.amazonaws.com

Software

Apache/2.4.25 (Debian) /

Resource Hash

8b4b43fd2629a9ae29c5220a852bbc8ff169c571cdf77798633efec65c934df7

Security Headers

Name	Value
Strict-Transport-Security	max-age=931536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1428elm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

access-control-allow-origin: https://1428elm.com
date: Thu, 06 Jan 2022 12:13:09 GMT
access-control-allow-credentials: true
server: Apache/2.4.25 (Debian)
content-length: 52
strict-transport-security: max-age=931536000; includeSubDomains
content-type: text/html; charset=UTF-8

GET
H2 204 sync
trends.revcontent.com/ 0
0 103ms
31ms Fetch 52.213.21.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://trends.revcontent.com/sync
Requested by: Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js?ver=2.69.6
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.213.21.126 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-213-21-126.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1428elm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

access-control-allow-origin: https://1428elm.com
date: Thu, 06 Jan 2022 12:13:09 GMT
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers

GET
H2 200 settings Show response
syndication.twitter.com/ Frame 6C0F 232 B
447 B 146ms
118ms Fetch
application/json 104.244.42.136
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=5095e0bd3c421c71b3eb651211385f06e9a550ab

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.21f942bb866c2823339b839747a0c50c.html?origin=https%3A%2F%2F1428elm.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.136 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

726906ee6ce6dfe1b6e35ddad151196c50277e31520de30e916e9cd9affc0ef3

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-response-time: 111
date: Thu, 06 Jan 2022 12:13:09 GMT
content-encoding: gzip
last-modified: Thu, 06 Jan 2022 12:13:09 GMT
server: tsa_o
vary: Origin
strict-transport-security: max-age=631138519
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
x-connection-hash: b6e7967c0b30d0dc929b3fd77e7ce812954e2bab52b169c1e8435af1253c7a93
content-length: 166

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame 52BB 164 KB
60 KB 21ms
20ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-3QV3RVYDQ7&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WQLML6N

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

fb5e016950f794042f6c4ec1c108349df25a7074a1cb6c7016f9c12b9af9b0b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://omny.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 06 Jan 2022 12:13:09 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61844
x-xss-protection: 0
expires: Thu, 06 Jan 2022 12:13:09 GMT

GET
H3 200 analytics.js Show response
www.google-analytics.com/ Frame 52BB 49 KB
20 KB 11ms
11ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WQLML6N

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://omny.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 4323
date: Thu, 06 Jan 2022 11:01:06 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Thu, 06 Jan 2022 13:01:06 GMT

GET
H2 200 middy-desktop-3.12.6.js Show response
cdn.browsiprod.com/sd/apps/middy/ 305 KB
69 KB 24ms
10ms Script
application/javascript 18.66.97.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.browsiprod.com/sd/apps/middy/middy-desktop-3.12.6.js
Requested by: Host: cdn.browsiprod.com
URL: https://cdn.browsiprod.com/bootstrap/bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-12.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1231404d3b265f0ca2c41bf123b558f28c0126568b3f7f90ec464576f33168fa

Request headers

Referer: https://1428elm.com/
Origin: https://1428elm.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 19 Dec 2021 16:54:43 GMT
content-encoding: br
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age: 1538307
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Sun, 19 Dec 2021 15:33:52 GMT
server: AmazonS3
etag: W/"9167627389651390875209c2ccb0ed2a"
access-control-max-age: 3000
access-control-allow-methods: GET
x-amz-version-id: m8pJW5y8a_ItWZrDFoLVvRXKhQ0X8MSH
via: 1.1 367a4718be97a49df7ac0500a986437a.cloudfront.net (CloudFront)
cache-control: public,max-age=31536000
x-amz-cf-pop: FRA56-P2
content-type: application/javascript
x-amz-cf-id: XY4vxhS7g9QJez0zA8nrFDzvI4DmGGI3_vKnmIdEvkAMR2_BgHGBRA==

GET
H3 200 embed.icons-sprite.svg Show response
assets.omny.fm/bundles/ Frame 52BB 315 KB
46 KB 73ms
47ms XHR
image/svg+xml 2606:4700:10::6814:6b3e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.omny.fm/bundles/embed.icons-sprite.svg?v=d46ac8c38c2a02a822765efc982fecf62aac2479
Requested by: Host: cdn.raygun.io
URL: https://cdn.raygun.io/raygun4js/raygun.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6814:6b3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d3e11b7e61d20c17894996aa2ccb7209aa276eb56d76390e9a67e595694c99d3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://omny.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 06 Jan 2022 12:13:09 GMT
via: 1.1 3b02f73dccc5077f1ad544a27a475ed6.cloudfront.net (CloudFront)
vary: Access-Control-Request-Headers,Access-Control-Request-Method, Accept-Encoding
cf-cache-status: HIT
age: 979
x-cache: Hit from cloudfront
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Fri, 27 Aug 2021 02:39:25 GMT
server: cloudflare
etag: W/"8c2a6a236bc9eed8adeee2b050886793"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
x-amz-cf-pop: FRA2-C1
cf-ray: 6c94dbd8682cf917-MXP
x-amz-cf-id: Gc8dmF_uoiKnooXtGnSNkhZyyVZfj0V1zbuq8RjtO16g5lUtBVU_4A==

GET
H2 200 webfont.js Show response
ajax.googleapis.com/ajax/libs/webfont/1.6.26/ Frame 52BB 13 KB
6 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js

Requested by

Host: omny.fm
URL: https://omny.fm/shows/slasher-radio-podcast/playlists/podcast/embed?style=cover

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://omny.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 23:25:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 218880
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5437
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 03 Jan 2023 23:25:09 GMT

GET
H3 200 podcast Show response
omny.fm/api/embed/shows/slasher-radio-podcast/playlist/ Frame 52BB 679 KB
21 KB 241ms
216ms XHR
application/json 2606:4700:10::6814:6a3e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://omny.fm/api/embed/shows/slasher-radio-podcast/playlist/podcast
Requested by: Host: cdn.raygun.io
URL: https://cdn.raygun.io/raygun4js/raygun.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6814:6a3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 641adc35bd0f1d72f71eabb61b6209946ca84e767eb9f22dbf72ba14dfcb7b61

Request headers

Accept: application/json, text/plain, */*
Referer: https://omny.fm/shows/slasher-radio-podcast/playlists/podcast/embed?style=cover
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 06 Jan 2022 12:13:10 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 06 Jan 2022 12:11:22 GMT
server: cloudflare
access-control-allow-headers: Content-Type
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: public, max-age=120
cf-ray: 6c94dbd8afaf375e-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

POST
H2 200 v2xfkn5EWc5F3azXmxXMIj7NqMRaRvUFDsSUBe8U5-jD34lpXZx7wSfGOR3y_bDRpUwTH9Fud Show response
memorizeneck.com/ 209 B
603 B 55ms
17ms Fetch
application/json 35.201.98.64
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://memorizeneck.com/v2xfkn5EWc5F3azXmxXMIj7NqMRaRvUFDsSUBe8U5-jD34lpXZx7wSfGOR3y_bDRpUwTH9Fud

Requested by

Host: gammamaximum.com
URL: https://gammamaximum.com/ac595b0bd1b1f6e62ce46c2ce57c936ea6f47b8e2936dc2a3876a18eadffd94a289806f2a42865c2057288dd30b30f07490e2c6ae59ea0f801f1a13317ea

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.201.98.64 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

64.98.201.35.bc.googleusercontent.com

Software

Resource Hash

e8be029ab525c90a836ff36619490de4bd3273b783c55facd7b18340e097b81e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

Referer: https://1428elm.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=15724800; preload
x-datacenter: gce-europe-west1
date: Thu, 06 Jan 2022 12:13:09 GMT
vary: Accept-Encoding, Origin
access-control-allow-methods: POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://1428elm.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-hostname: a26589ac
timing-allow-origin: *
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
content-length: 209
expires: Thu, 06 Jan 2022 12:13:08 GMT

GET
H2 200 / Show response
trends.revcontent.com/api/delivery/ 7 KB
4 KB 444ms
444ms Fetch
text/html 52.213.21.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://trends.revcontent.com/api/delivery/?is_blocked=undefined&w=142140&width=1600&rev_allow_cookies=0&site_url=https%3A%2F%2F1428elm.com%2F&icr_url=&revsub[hostname]=1428elm.com&va=0&time=1641471189906&up=pc&bn=chrome&bv=96&widget_width=300&style_id=0&idhub[pubcid]=796870ff-febb-489a-816f-2b440ca70397

Requested by

Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js?ver=2.69.6

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.213.21.126 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-213-21-126.eu-west-1.compute.amazonaws.com

Software

Apache/2.4.25 (Debian) /

Resource Hash

85975f383479f4070e6e380572a58a8b9537910fd4e47f951ed9a41596bf64c9

Security Headers

Name	Value
Strict-Transport-Security	max-age=931536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1428elm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 06 Jan 2022 12:13:10 GMT
content-encoding: gzip
server: Apache/2.4.25 (Debian)
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://1428elm.com
access-control-allow-credentials: true
strict-transport-security: max-age=931536000; includeSubDomains
content-length: 3397

POST
H2 204 supply Show response
events.browsiprod.com/events/ 0
99 B 189ms
162ms XHR
text/plain 54.190.217.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events.browsiprod.com/events/supply?p=1abe37ad-642a-4995-9f79-dd7b69f4831f
Requested by: Host: cdn.browsiprod.com
URL: https://cdn.browsiprod.com/sd/apps/middy/middy-desktop-3.12.6.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.190.217.106 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-190-217-106.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://1428elm.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://1428elm.com
date: Thu, 06 Jan 2022 12:13:10 GMT
access-control-allow-credentials: true

GET
H2 200 abd.js Show response
cdn.browsiprod.com/ 3 KB
2 KB 9ms
8ms Script
application/javascript 18.66.97.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.browsiprod.com/abd.js
Requested by: Host: cdn.browsiprod.com
URL: https://cdn.browsiprod.com/sd/apps/middy/middy-desktop-3.12.6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-12.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 481d713552f587d3bc0e3683557f8541ea69543e4d7abb7e4299c646ab10fd03

Request headers

Referer: https://1428elm.com/
Origin: https://1428elm.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id: rKwk7MJeT07HcAaaVBBDA7s6dDzRWDJ1
content-encoding: br
etag: W/"bc70a2c30105ea2f98d83f5ad623fc39"
age: 81031
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Sun, 08 Jul 2018 12:47:26 GMT
server: AmazonS3
date: Wed, 05 Jan 2022 13:42:39 GMT
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 367a4718be97a49df7ac0500a986437a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
x-amz-cf-id: 5L6hHkYKg1VZy8XafJ3JVdPvQPpoJ_Go_nzAGcc7IS7G8alVXYF5fg==

GET
H2 200 web-vitals.iife.2.1.0.js Show response
cdn.browsiprod.com/web-vitals/ 4 KB
2 KB 7ms
7ms Script
application/javascript 18.66.97.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.browsiprod.com/web-vitals/web-vitals.iife.2.1.0.js
Requested by: Host: cdn.browsiprod.com
URL: https://cdn.browsiprod.com/sd/apps/middy/middy-desktop-3.12.6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-12.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9e431799a0471855f8f67001d81a13ba653d305bfcdf1bb15fa7c6d7d38fdcd4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1428elm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id: huAUM6dLZU3pJ_ozGgIDIW5r9F6Vs0I0
content-encoding: gzip
last-modified: Tue, 14 Sep 2021 14:17:02 GMT
server: AmazonS3
age: 66949
etag: W/"63f1aaa631965b63030774d88005ed64"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 2af4ee189e50805a67bd62bbd51ad0dc.cloudfront.net (CloudFront)
date: Wed, 05 Jan 2022 17:56:10 GMT
x-amz-cf-pop: FRA56-P2
x-amz-cf-id: vp5NbWPtTvLC6d5Kei7al3l1TpiKTz1cbuI3ibSlWWNwNZXDricAdA==

POST
H2 204 supply Show response
events.browsiprod.com/events/ 0
98 B 188ms
162ms XHR
text/plain 54.190.217.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events.browsiprod.com/events/supply?p=1abe37ad-642a-4995-9f79-dd7b69f4831f
Requested by: Host: cdn.browsiprod.com
URL: https://cdn.browsiprod.com/sd/apps/middy/middy-desktop-3.12.6.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.190.217.106 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-190-217-106.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://1428elm.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://1428elm.com
date: Thu, 06 Jan 2022 12:13:10 GMT
access-control-allow-credentials: true

POST
H2 204 supply Show response
events.browsiprod.com/events/ 0
98 B 187ms
162ms XHR
text/plain 54.190.217.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events.browsiprod.com/events/supply?p=1abe37ad-642a-4995-9f79-dd7b69f4831f
Requested by: Host: cdn.browsiprod.com
URL: https://cdn.browsiprod.com/sd/apps/middy/middy-desktop-3.12.6.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.190.217.106 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-190-217-106.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://1428elm.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://1428elm.com
date: Thu, 06 Jan 2022 12:13:10 GMT
access-control-allow-credentials: true

GET
H3 200 css
fonts.googleapis.com/ Frame 52BB 8 KB
704 B 32ms
15ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,600,700

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

bda2c84e2934508dd2b995f28876c68e3f0cf0955173bcf040b76ecc63e03786

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://omny.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 06 Jan 2022 11:13:00 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 06 Jan 2022 12:13:09 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 06 Jan 2022 12:13:09 GMT

GET
H3 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v27/ Frame 52BB 44 KB
44 KB 24ms
8ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v27/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,600,700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://omny.fm
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 31 Dec 2021 13:52:02 GMT
x-content-type-options: nosniff
age: 512467
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44656
x-xss-protection: 0
last-modified: Thu, 28 Oct 2021 00:30:43 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 31 Dec 2022 13:52:02 GMT

POST
H2 200 v2szyQ46pCs5lurTXglAXlapld_EbBwcdDU8bZgp-YIDT5fXzEjVAexBEsXpiQLyHx3VXgVe- Show response
memorizeneck.com/ 3 B
36 B 29ms
29ms Fetch
application/json 35.201.98.64
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://memorizeneck.com/v2szyQ46pCs5lurTXglAXlapld_EbBwcdDU8bZgp-YIDT5fXzEjVAexBEsXpiQLyHx3VXgVe-

Requested by

Host: gammamaximum.com
URL: https://gammamaximum.com/ac595b0bd1b1f6e62ce46c2ce57c936ea6f47b8e2936dc2a3876a18eadffd94a289806f2a42865c2057288dd30b30f07490e2c6ae59ea0f801f1a13317ea

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.201.98.64 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

64.98.201.35.bc.googleusercontent.com

Software

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

Referer: https://1428elm.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=15724800; preload
x-datacenter: gce-europe-west1
date: Thu, 06 Jan 2022 12:13:09 GMT
vary: Accept-Encoding, Origin
access-control-allow-methods: POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://1428elm.com
access-control-allow-credentials: true
x-hostname: a26589ac
timing-allow-origin: *
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
content-length: 3

GET
H3 200 analytics.js Show response
www.google-analytics.com/ Frame 52BB 49 KB
20 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: assets.omny.fm
URL: https://assets.omny.fm/bundles/embed-8ca72ebb78.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://omny.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 4324
date: Thu, 06 Jan 2022 11:01:06 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Thu, 06 Jan 2022 13:01:06 GMT

GET
H3 200 image.jpg
omny.fm/shows/slasher-radio-podcast/playlists/podcast/ Frame 52BB 25 KB
26 KB 220ms
220ms Image
image/jpeg 2606:4700:10::6814:6a3e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://omny.fm/shows/slasher-radio-podcast/playlists/podcast/image.jpg?t=1633029857&size=Small
Requested by: Host: 1428elm.com
URL: https://1428elm.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6814:6a3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 96f72e14fbf6d8f582661c5ba51e0afa1a9a219ab309bc4cae8c17bdaa8f8264

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://omny.fm/shows/slasher-radio-podcast/playlists/podcast/embed?style=cover
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 06 Jan 2022 12:13:10 GMT
cf-cache-status: HIT
last-modified: Sun, 19 Dec 2021 16:44:53 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: *, Accept-Encoding
content-type: image/jpeg
expires: Tue, 18 Jan 2022 16:44:53 GMT
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 6c94dbda7b7f375e-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 25985
cf-bgj: h2pri

GET
H2 200 waveform Show response
www.omnycontent.com/d/clips/33250137-f269-48a3-86dc-abcd016c932f/790cb0e3-7e16-442f-b4b1-acb001781ebb/f1cd1257-0967-4018-84f3-ae14006d74ef/ Frame 52BB 28 KB
20 KB 80ms
10ms XHR
application/json 2600:9000:225e:8a00:b:13ba:bb40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.omnycontent.com/d/clips/33250137-f269-48a3-86dc-abcd016c932f/790cb0e3-7e16-442f-b4b1-acb001781ebb/f1cd1257-0967-4018-84f3-ae14006d74ef/waveform?t=1641365155&token=eLKQJBjzxntFp2ni8kITgz1FAPDLfMtH
Requested by: Host: cdn.raygun.io
URL: https://cdn.raygun.io/raygun4js/raygun.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:8a00:b:13ba:bb40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f88e44b9602abdbc0f75d52723935538665056f71c2427664b91171773f5059

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://omny.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 05 Jan 2022 14:08:03 GMT
content-encoding: gzip
vary: Accept-Encoding
cf-cache-status: DYNAMIC
age: 79507
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Wed, 05 Jan 2022 06:45:55 GMT
server: cloudflare
etag: "0x8D9D017061B94E4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 86400
content-type: application/json
via: 1.1 da392114e7046bd9720a70f40c796f62.cloudfront.net (CloudFront)
cache-control: public, max-age=5184000
x-amz-cf-pop: FRA60-P4
accept-ranges: bytes
cf-ray: 6c8d46c3b9a82be9-FRA
x-amz-cf-id: YDLPwbH086Kp_q0sp_uCrV1C5JhnZ7zSlWvjYKK83GCFa8eeRs6ySA==

POST
H3 200 / Show response
www.facebook.com/tr/ Frame 01C0 0
18 B 18ms
8ms Document
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: 1428elm.com
URL: https://1428elm.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
Origin: https://1428elm.com
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://1428elm.com/

Response headers

content-type: text/plain
access-control-allow-origin: https://1428elm.com
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=3,i
date: Thu, 06 Jan 2022 12:13:10 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ Frame 52BB 4 B
24 B 14ms
14ms XHR
text/plain 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&aip=1&a=1379397174&t=pageview&_s=1&dl=https%3A%2F%2Fomny.fm%2Fshows%2Fslasher-radio-podcast%2Fplaylists%2Fpodcast%2Fembed%3Fstyle%3Dcover&dr=https%3A%2F%2F1428elm.com%2F&ul=en-us&de=UTF-8&dt=Slasher%20Radio%20Podcast&sd=24-bit&sr=1600x1200&vp=800x500&je=0&_u=YAhAAAABCAAAAC~&jid=889093487&gjid=809734909&cid=1271243641.1641471190&tid=UA-23669758-4&_gid=1986336550.1641471190&_r=1&_slc=1&z=2004319769

Requested by

Host: cdn.raygun.io
URL: https://cdn.raygun.io/raygun4js/raygun.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://omny.fm/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 06 Jan 2022 12:13:10 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://omny.fm
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ Frame 52BB 4 B
25 B 41ms
20ms XHR
text/plain 2a00:1450:400c:c06::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-23669758-4&cid=1271243641.1641471190&jid=889093487&gjid=809734909&_gid=1986336550.1641471190&_u=YAhAAAAACAAAAC~&z=1528064191

Requested by

Host: cdn.raygun.io
URL: https://cdn.raygun.io/raygun4js/raygun.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c06::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://omny.fm/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 06 Jan 2022 12:13:10 GMT
content-type: text/plain
access-control-allow-origin: https://omny.fm
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ Frame 52BB 42 B
63 B 49ms
32ms Image
image/gif 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-23669758-4&cid=1271243641.1641471190&jid=889093487&_u=YAhAAAAACAAAAC~&z=883161791

Requested by

Host: 1428elm.com
URL: https://1428elm.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://omny.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Jan 2022 12:13:10 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ Frame 52BB 42 B
63 B 31ms
31ms Image
image/gif 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-23669758-4&cid=1271243641.1641471190&jid=889093487&_u=YAhAAAAACAAAAC~&z=883161791

Requested by

Host: 1428elm.com
URL: https://1428elm.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://omny.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Jan 2022 12:13:10 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 impression
trends.revcontent.com/event/ 0
0 94ms
32ms Fetch 52.213.21.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://trends.revcontent.com/event/impression

Requested by

Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js?ver=2.69.6

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.213.21.126 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-213-21-126.eu-west-1.compute.amazonaws.com

Software

Grizzly/2.4.4 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=931536000; includeSubDomains

Request headers

Referer: https://1428elm.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin: https://1428elm.com
date: Thu, 06 Jan 2022 12:13:10 GMT
access-control-allow-credentials: true
server: Grizzly/2.4.4
access-control-allow-headers: Content-Type
strict-transport-security: max-age=931536000; includeSubDomains

GET
H2 200 defaultWidget~feedWidget.delivery.js Show response
assets.revcontent.com/master/ 25 KB
8 KB 12ms
11ms Script
application/x-javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.revcontent.com/master/defaultWidget~feedWidget.delivery.js
Requested by: Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js?ver=2.69.6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 26676de62f09eaacd7f79fab80ce4fb8c3ff66802ddbbd8ed43dace675701446

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1428elm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 06 Jan 2022 12:13:10 GMT
content-encoding: gzip
last-modified: Thu, 30 Dec 2021 19:34:44 GMT
server: AmazonS3
x-amz-request-id: DACGE92KAGE5M7X2
etag: "b304bf0b97f2ff87a610ace797c1eda2"
x-hw: 1641471190.cds149.fr8.hn,1641471190.cds154.fr8.c
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public,max-age=60
accept-ranges: bytes
content-length: 7715
x-amz-id-2: UZq8nxgPtIonBE79aAyho99HIs9vcHuMkicXoSlYt0093Z3vDcTXAwLJv2NgGa2yUnYKhZI6TYs=

GET
H2 200 defaultWidget.delivery.js Show response
assets.revcontent.com/master/ 17 KB
6 KB 12ms
11ms Script
application/x-javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.revcontent.com/master/defaultWidget.delivery.js
Requested by: Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js?ver=2.69.6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 82bfb5ba54d003d3da4b961c975fe32ce2a5da0eb4a018b51da111cdca32d02b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1428elm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 06 Jan 2022 12:13:10 GMT
content-encoding: gzip
last-modified: Thu, 30 Dec 2021 19:34:41 GMT
server: AmazonS3
x-amz-request-id: DACQM4655X35G8G4
etag: "9c9a88514ebfdfab0ce74a416ca0121f"
x-hw: 1641471190.cds149.fr8.hn,1641471190.cds280.fr8.c
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public,max-age=60
accept-ranges: bytes
content-length: 6279
x-amz-id-2: pgJI2rTtXxvPBS0GtkT66OmnmCO4FKWPEYjFpHYJppLPDXeAuVqaKQmgHl2MopDy2LlMtosuLHc=

GET
H2 200 commonModal.delivery.js Show response
assets.revcontent.com/master/ 3 KB
2 KB 11ms
10ms Script
application/x-javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.revcontent.com/master/commonModal.delivery.js
Requested by: Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js?ver=2.69.6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ea263f4fc0b14d76776443f7c174b07bc49dfcf61f6c9445aa148298d409b467

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1428elm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 06 Jan 2022 12:13:10 GMT
content-encoding: gzip
last-modified: Thu, 30 Dec 2021 19:34:43 GMT
server: AmazonS3
x-amz-request-id: DACNB5MMMKFDQ64B
etag: "aab41a2a4ce15e5c81c807b70965d8d3"
x-hw: 1641471190.cds149.fr8.hn,1641471190.cds002.fr8.c
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public,max-age=60
accept-ranges: bytes
content-length: 1642
x-amz-id-2: eh4wgitEHb1Jqer3/dYzr+FL6uBJ29rQHI/Ao921ZTYHXRnhIye7myqWF1Vw0AL7KN0CVS4xJ04=

GET
H2 200 rc-logo.png
cdn.revcontent.com/assets/img/ 4 KB
4 KB 44ms
9ms Image
image/png 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.revcontent.com/assets/img/rc-logo.png
Requested by: Host: 1428elm.com
URL: https://1428elm.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: 66e0312cb1c8f068831abec6de6c5c6e8e7b6134881cc245c3fd99744619aec1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1428elm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 06 Jan 2022 12:13:10 GMT
last-modified: Tue, 28 Dec 2021 19:43:22 GMT
etag: "1640720602"
x-hw: 1641471190.cds167.fr8.hn,1641471190.cds130.fr8.c
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=44
accept-ranges: bytes
content-length: 4298

GET
H2 200 cmp-list.json Show response
test.quantcast.mgr.consensu.org/GVL-v2/ 9 KB
3 KB 35ms
7ms XHR
application/json 2600:9000:225e:4800:3:a4cd:8380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://test.quantcast.mgr.consensu.org/GVL-v2/cmp-list.json
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/tcfv2/cmp2.js?referer=1428elm.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:4800:3:a4cd:8380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: be3e6ce4107dfe75c6ed8d87f06761d7b4c19db8ecab97a36a5b67c4eb4f8fb5

Request headers

Accept: application/json, text/plain, */*
Referer: https://1428elm.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 06 Jan 2022 03:00:35 GMT
content-encoding: br
age: 33156
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
access-control-max-age: 86400
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 19:52:29 GMT
server: AmazonS3
etag: W/"fe8c8b5e209e644733d0f8409ab6b3e6"
vary: Accept-Encoding
access-control-allow-methods: GET
x-amz-version-id: zCrQHiuNw31hrghkNyGCtDjPASEg7Q_.
via: 1.1 816b7f4e336674d9d7828ef4700482e8.cloudfront.net (CloudFront)
cache-control: max-age=172800
x-amz-cf-pop: FRA60-P4
content-type: application/json
x-amz-cf-id: 8wm9lPfaBmHr6Ap5b5FhEIp5diqNd9RN1Ww0ZmWGE1h093abB2WbKA==

GET
H2 200 flyoutInjector.js Show response
app.fansided.com/scripts/ 3 KB
2 KB 60ms
9ms Script
application/javascript 2600:9000:2251:8600:1b:3a6c:1300:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app.fansided.com/scripts/flyoutInjector.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KXFQXHB
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:8600:1b:3a6c:1300:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7e15a863cf5c93621c44996060e5447c45cc117c446a350a00ec4b4266075bb0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1428elm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 06 Jan 2022 11:16:19 GMT
content-encoding: gzip
last-modified: Thu, 09 Dec 2021 22:28:47 GMT
server: AmazonS3
age: 4839
etag: W/"ffad40a56d1cafd94dfb7932bd879384"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 5b6e22c950501920595c86fc25834582.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
x-amz-cf-id: oDso3930_rO-JpgPThPgWGAU1EK_q8s3pcC5raGhogr326BwTU_6Kg==

GET
H2 200 60e752b36808e1-06853649.jpg
images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_225,w_300,c_fill,g_face:auto/pg_1/https://media.revcontent.com/content/images/ 6 KB
6 KB 42ms
11ms Image
image/jpeg 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_225,w_300,c_fill,g_face:auto/pg_1/https://media.revcontent.com/content/images/60e752b36808e1-06853649.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

fc97caf499353ade2d9c752b23316b57c34c8535f5a1e1c6691755cb30998dab

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1428elm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 06 Jan 2022 12:13:10 GMT
x-content-type-options: nosniff
server-timing: fastly;dur=1;cpu=0;start=2021-12-13T23:51:00.979Z;desc=hit,rtt;dur=0
content-length: 5974
x-request-id: 0a6df18e343f31c5488035a19032bbe5
last-modified: Fri, 09 Jul 2021 17:38:38 GMT
server: Cloudinary
etag: "bcb0b37d57962997c21ef77e85ed5d8c"
strict-transport-security: max-age=604800
x-hw: 1641471190.cds159.fr8.hn,1641471190.cds289.fr8.c
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control: public, no-transform, immutable, max-age=604800
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 cmp2ui-en.js Show response
quantcast.mgr.consensu.org/tcfv2/37/ 225 KB
55 KB 9ms
9ms Script
text/javascript 2600:9000:236e:a00:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://quantcast.mgr.consensu.org/tcfv2/37/cmp2ui-en.js
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/tcfv2/cmp2.js?referer=1428elm.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:236e:a00:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9dfd2e5cb40fb214d83497ea62a36fccabf26b2acf06fa9b39ce029eac68c79c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1428elm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 05 Jan 2022 17:03:10 GMT
content-encoding: br
age: 69001
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
access-control-max-age: 86400
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
last-modified: Thu, 09 Dec 2021 17:11:55 GMT
server: AmazonS3
etag: W/"28ec6544f84ac9b933726d5d5aad6f50"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/javascript;charset=UTF-8
via: 1.1 6fd3ab2be93b19c970fb371964d46d94.cloudfront.net (CloudFront)
cache-control: max-age=172800
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: 5Sbzrke9BMnLflsx3nwb1jCCWnh3hJVOjcLQT1PqA5GutmUsySwBIA==

GET
H2 200 vendor-list-trimmed-v1.json Show response
quantcast.mgr.consensu.org/GVL-v2/ 280 KB
33 KB 26ms
9ms XHR
application/json 2600:9000:236e:a00:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://quantcast.mgr.consensu.org/GVL-v2/vendor-list-trimmed-v1.json
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/tcfv2/cmp2.js?referer=1428elm.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:236e:a00:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8a5644261da7ba59c4bf654ec51d53a990904a8505d9d8e080d04f68b360943e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1428elm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 06 Jan 2022 03:00:34 GMT
content-encoding: br
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
age: 33157
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Thu, 06 Jan 2022 03:00:32 GMT
server: AmazonS3
etag: W/"b00fb41673387598be8fa3e5bdccae69"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/json
via: 1.1 c60125e7f3465aceafb0abd071a41a36.cloudfront.net (CloudFront)
cache-control: max-age=172800
access-control-allow-credentials: true
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: PV2slt7_l-WcXNz8QwVMWda_BV00_i4Ihy658WF-r5q-1EZ9VxC22A==

GET
H2 200 google-atp-list.json Show response
quantcast.mgr.consensu.org/tcfv2/ 154 KB
36 KB 33ms
17ms XHR
application/json 2600:9000:236e:a00:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://quantcast.mgr.consensu.org/tcfv2/google-atp-list.json
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/tcfv2/cmp2.js?referer=1428elm.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:236e:a00:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6d3139993c50cefa4e435ed10e9b05e89b04f0d2013e5e0059d3d91f2558c33f

Request headers

Accept: application/json, text/plain, */*
Referer: https://1428elm.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 06 Jan 2022 03:00:30 GMT
content-encoding: br
age: 33160
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
access-control-max-age: 86400
access-control-allow-origin: *
last-modified: Thu, 06 Jan 2022 03:00:26 GMT
server: AmazonS3
etag: W/"622416d5bb2a968b92631e853a1dc1a0"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json
via: 1.1 c60125e7f3465aceafb0abd071a41a36.cloudfront.net (CloudFront)
cache-control: max-age=172800
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: jzHcB63XYifc6LjWofHq6duAtyqUibya9z9Zu9rDLS_vhCgZ-X77vw==

GET
H2 200 fansided-logo.svg
cdn.fansided.com/wp-content/themes/fansided-v5/assets/images/ 8 KB
3 KB 7ms
7ms Image
image/svg+xml 2a02:26f0:6c00::210:ba29
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.fansided.com/wp-content/themes/fansided-v5/assets/images/fansided-logo.svg
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/tcfv2/37/cmp2ui-en.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba29 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Akamai /
Resource Hash: 82e16ee1bcf32a940c622c4a318be5da2e337c1278e6226131ca1c6f73001ae1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1428elm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-user-agent: standard
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 06 Dec 2021 18:42:39 GMT
server: Akamai
etag: W/"61ae599f-2191"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=1263257
date: Thu, 06 Jan 2022 12:13:10 GMT
x-cache-config: 0 0
content-length: 3016
expires: Fri, 21 Jan 2022 03:07:27 GMT

GET
H2 200 / Show response
audit-tcfv2.quantcast.mgr.consensu.org/ 80 B
506 B 37ms
11ms XHR
text/html 18.66.97.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://audit-tcfv2.quantcast.mgr.consensu.org/?log=%7B%22accountId%22%3A%22f3-DFdjnrLazk%22%2C%22domain%22%3A%221428elm.com%22%2C%22publisher%22%3A%221428%20Elm%22%2C%22cmpId%22%3A10%2C%22cmpVersion%22%3A%222.37%22%2C%22displayType%22%3A%22tcfui%3Amandatory%22%2C%22configurationHashCode%22%3A%22U4eC3v4u1uBPvrYrGeui4g%22%2C%22clientTimestamp%22%3A1641471190506%2C%22operationType%22%3A%22init%22%2C%22sessionId%22%3A%22GDPR-4kprsqbc348sfgr8j5if%22%7D
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/tcfv2/37/cmp2ui-en.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-68.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2d0f6b590917e7d27ddeb026b280d62dde9d03bb92f47f56342fc5f68f0c24eb

Request headers

Accept: application/json, text/plain, */*
Referer: https://1428elm.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 06 Jan 2022 12:13:10 GMT
via: 1.1 84294257ed643a88ee54d2e3f7d7ccea.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
access-control-max-age: 3000
content-length: 80
last-modified: Tue, 26 Nov 2019 14:21:44 GMT
server: AmazonS3
etag: "0614149d8033903db5de46d6c184bbfd"
vary: Origin
access-control-allow-methods: GET
content-type: text/html
access-control-allow-origin: *
accept-ranges: bytes
x-amz-cf-id: z3ebke5-ESmrNQtTx6P-_dNVYGV-qL9pGuNWu4igFZARDIK3M4QJoA==

POST
H2 204 supply Show response
events.browsiprod.com/events/ 0
98 B 160ms
160ms XHR
text/plain 54.190.217.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events.browsiprod.com/events/supply?p=1abe37ad-642a-4995-9f79-dd7b69f4831f
Requested by: Host: cdn.browsiprod.com
URL: https://cdn.browsiprod.com/sd/apps/middy/middy-desktop-3.12.6.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.190.217.106 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-190-217-106.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://1428elm.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://1428elm.com
date: Thu, 06 Jan 2022 12:13:10 GMT
access-control-allow-credentials: true

POST
H2 204 generic
trends.revcontent.com/event/ 0
0 33ms
32ms Fetch 52.213.21.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://trends.revcontent.com/event/generic

Requested by

Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js?ver=2.69.6

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.213.21.126 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-213-21-126.eu-west-1.compute.amazonaws.com

Software

Grizzly/2.4.4 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=931536000; includeSubDomains

Request headers

Referer: https://1428elm.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin: https://1428elm.com
date: Thu, 06 Jan 2022 12:13:10 GMT
access-control-allow-credentials: true
server: Grizzly/2.4.4
access-control-allow-headers: Content-Type
strict-transport-security: max-age=931536000; includeSubDomains

POST
H2 204 generic
trends.revcontent.com/event/ 0
0 31ms
31ms Fetch 52.213.21.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://trends.revcontent.com/event/generic

Requested by

Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js?ver=2.69.6

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.213.21.126 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-213-21-126.eu-west-1.compute.amazonaws.com

Software

Grizzly/2.4.4 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=931536000; includeSubDomains

Request headers

Referer: https://1428elm.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin: https://1428elm.com
date: Thu, 06 Jan 2022 12:13:10 GMT
access-control-allow-credentials: true
server: Grizzly/2.4.4
access-control-allow-headers: Content-Type
strict-transport-security: max-age=931536000; includeSubDomains

GET
H2 451 envelope Show response
api.rlcdn.com/api/identity/ 44 B
325 B 42ms
16ms XHR
text/plain 34.120.133.55
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://api.rlcdn.com/api/identity/envelope?pid=1258

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160835/4933/pwt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.133.55 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

55.133.120.34.bc.googleusercontent.com

Software

Resource Hash

da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://1428elm.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 06 Jan 2022 12:13:11 GMT
via: 1.1 google
x-content-type-options: nosniff
access-control-allow-headers: Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
access-control-allow-methods: GET, OPTIONS
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://1428elm.com
access-control-allow-credentials: true
alt-svc: clear
content-length: 44

GET
H2 200 id Show response
id.crwdcntrl.net/ 63 B
334 B 119ms
48ms XHR
application/json 63.35.242.195
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://id.crwdcntrl.net/id
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160835/4933/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.35.242.195 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-35-242-195.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: adf7195aa286be04418f99b732d3926cc8a9b10a12d0426f21ca4d1c738ddd28

Request headers

Referer: https://1428elm.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 06 Jan 2022 12:13:11 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://1428elm.com
cache-control: no-cache
x-server: 10.45.14.90
access-control-allow-credentials: true
content-type: application/json;charset=utf-8
content-length: 63
expires: 0

GET
H2 200 rid Show response
match.adsrvr.org/track/ 109 B
541 B 119ms
46ms XHR
application/json 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160835/4933/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 65becdde61a9e8991f894e21e8cee6aae0058622853590b5b949e820fa41e624

Request headers

Referer: https://1428elm.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 06 Jan 2022 12:13:11 GMT
x-aspnet-version: 4.0.30319
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://1428elm.com
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 109
expires: Sat, 05 Feb 2022 12:13:11 GMT

Verdicts & Comments Add Verdict or Comment

119 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

47 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
1428elm.com/wp-content/plugins/fansided-shortcodes/dist	1970-01-20 00:07:55	Name: stateCode Value: HE
1428elm.com/wp-content/plugins/fansided-shortcodes/dist	1970-01-20 00:07:55	Name: countryCode Value: DE
1428elm.com/wp-content/plugins/fansided-shortcodes/dist	1970-01-20 00:07:55	Name: cityCode Value: FRANKFURT
1428elm.com/wp-content/plugins/fansided-shortcodes/dist	1970-01-20 00:07:55	Name: isMobile Value: false
1428elm.com/wp-content/plugins/fansided-shortcodes/dist	1970-01-20 00:07:55	Name: isTablet Value: false
1428elm.com/wp-content/plugins/fansided-shortcodes/dist	1970-01-20 00:07:55	Name: userDevice Value: desktop
1428elm.com/wp-content/themes/fansided-v5/assets/images	1970-01-20 00:07:55	Name: stateCode Value: HE
1428elm.com/wp-content/themes/fansided-v5/assets/images	1970-01-20 00:07:55	Name: countryCode Value: DE
1428elm.com/wp-content/themes/fansided-v5/assets/images	1970-01-20 00:07:55	Name: cityCode Value: FRANKFURT
1428elm.com/wp-content/themes/fansided-v5/assets/images	1970-01-20 00:07:55	Name: isMobile Value: false
1428elm.com/wp-content/themes/fansided-v5/assets/images	1970-01-20 00:07:55	Name: isTablet Value: false
1428elm.com/wp-content/themes/fansided-v5/assets/images	1970-01-20 00:07:55	Name: userDevice Value: desktop
1428elm.com/wp-content/plugins/mm-video/styles	1970-01-20 00:07:55	Name: stateCode Value: HE
1428elm.com/wp-content/plugins/mm-video/styles	1970-01-20 00:07:55	Name: countryCode Value: DE
1428elm.com/wp-content/plugins/mm-video/styles	1970-01-20 00:07:55	Name: cityCode Value: FRANKFURT
1428elm.com/wp-content/plugins/mm-video/styles	1970-01-20 00:07:55	Name: isMobile Value: false
1428elm.com/wp-content/plugins/mm-video/styles	1970-01-20 00:07:55	Name: isTablet Value: false
1428elm.com/wp-content/plugins/mm-video/styles	1970-01-20 00:07:55	Name: userDevice Value: desktop
1428elm.com/	1970-01-20 00:07:55	Name: stateCode Value: HE
1428elm.com/	1970-01-20 00:07:55	Name: countryCode Value: DE
1428elm.com/	1970-01-20 00:07:55	Name: cityCode Value: FRANKFURT
1428elm.com/	1970-01-20 00:07:55	Name: isMobile Value: false
1428elm.com/	1970-01-20 00:07:55	Name: isTablet Value: false
1428elm.com/	1970-01-20 00:07:55	Name: userDevice Value: desktop
.doubleclick.net/	1970-01-19 23:57:52	Name: test_cookie Value: CheckForPermission
.scorecardresearch.com/	1970-01-20 17:14:39	Name: UID Value: 1DCJISE3YCWIQS3DZVHHUFg1641471189
1428elm.com/	1970-01-20 00:41:03	Name: _pbjs_userid_consent_data Value: 3524755945110770
.1428elm.com/	1970-01-20 04:17:03	Name: _pubcid Value: 796870ff-febb-489a-816f-2b440ca70397
.1428elm.com/	1970-01-19 23:59:17	Name: _gid Value: GA1.2.230940216.1641471190
.1428elm.com/	1970-01-19 23:57:51	Name: _gat_UA-1577313-14 Value: 1
.1428elm.com/	1970-01-19 23:57:51	Name: _gat_UA-36315219-46 Value: 1
.1428elm.com/	1970-01-20 17:29:03	Name: _ga_NB8RD6J3M6 Value: GS1.1.1641471189.1.0.1641471189.60
.1428elm.com/	1970-01-20 17:29:03	Name: _ga Value: GA1.1.703579852.1641471190
.1428elm.com/	1970-01-20 02:07:27	Name: _fbp Value: fb.1.1641471189607.1714337586
1428elm.com/	1970-01-19 23:57:52	Name: __browsiSessionID Value: 7bdb02cf-76bf-4b2b-9100-53c5ea4a5cd1&false&false&DEFAULT&de&desktop-3.12.6&false
1428elm.com/	1970-01-20 08:43:27	Name: __browsiUID Value: 48959514-fdb0-445c-9450-473f3e6c470c
1428elm.com/	1970-01-20 09:19:27	Name: cto_bidid Value: vH5WgV9kYldVeGZGYSUyRm1CNnRTeFptYkVjYW9NTElzZGEwdW1rY1h6TlQyNW9WeDZlS1pleFcwa0s1aHI5RmNtJTJCUm40a1JTVjRqbFZwOWFJQVhPcFlCOFI0QUElM0QlM0Q
1428elm.com/	1970-01-20 09:19:27	Name: cto_bundle Value: 3zRtRl9OOWZuJTJCNHdyOGxlWjBYQ09qZFBmUWQyQ0x5MHIxeVNpOHNxc2FmaEwxMnFhMThWdDR6ckUlMkI5U1djJTJGeWF4S1Z0JTJGcWxmbGlqYURsMkhQVWtsT09Td1pRdTElMkZaQXZaaDlQNWZRWng4UzJsYzFhMUx4MEZMSE9UckJuWEhLa2pVUG8
.1428elm.com/	1970-01-21 02:14:39	Name: _awl Value: 2.1641471189.0.5-84e747ca9fe1d74341e8e581cdaa5131-6763652d6575726f70652d7765737431-0
.omny.fm/	1970-01-20 17:29:03	Name: _ga Value: GA1.2.1271243641.1641471190
.omny.fm/	1970-01-19 23:59:17	Name: _gid Value: GA1.2.1986336550.1641471190
.omny.fm/	1970-01-19 23:57:51	Name: _gat Value: 1
1428elm.com/	1970-01-19 23:57:54	Name: _lr_retry_request Value: true
1428elm.com/	1970-01-20 00:41:03	Name: _lr_env_src_ats Value: false
.adsrvr.org/	1970-01-20 08:43:27	Name: TDID Value: e3de48a2-24b4-4cc7-ad75-25497d630bf9
.1428elm.com/	1969-12-31 23:59:59	Name: panoramaId_expiry Value: 1641557591539
1428elm.com/	1970-01-20 01:24:15	Name: pbjs-unifiedid Value: %7B%22TDID%22%3A%22e3de48a2-24b4-4cc7-ad75-25497d630bf9%22%2C%22TDID_LOOKUP%22%3A%22FALSE%22%2C%22TDID_CREATED_AT%22%3A%222022-01-06T12%3A13%3A11%22%7D

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://cdn.fansided.com/wp-content/themes/fansided-v5/assets/js/iframeSizer.min.js?ver=4.9.18 Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://omny.fm') does not match the recipient window's origin ('https://1428elm.com').
security	error	URL: https://cdn.equalweb.com/core/3.0.3/accessibility.js Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://platform.twitter.com') does not match the recipient window's origin ('https://1428elm.com').
network	error	URL: https://api.rlcdn.com/api/identity/envelope?pid=1258 Message: Failed to load resource: the server responded with a status of 451 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1428elm.com
ad.doubleclick.net
ads.pubmatic.com
ajax.googleapis.com
analytics.google.com
api.rlcdn.com
app.fansided.com
assets.omny.fm
assets.revcontent.com
audit-tcfv2.quantcast.mgr.consensu.org
c.amazon-adsystem.com
cdn.browsiprod.com
cdn.equalweb.com
cdn.fansided.com
cdn.raygun.io
cdn.revcontent.com
cdn3.optimizely.com
connect.facebook.net
d3ujids68p6xmq.cloudfront.net
events.browsiprod.com
fonts.googleapis.com
fonts.gstatic.com
gammamaximum.com
gum.criteo.com
id.crwdcntrl.net
images.revcontent.com
images2.minutemediacdn.com
ls.skimresources.com
match.adsrvr.org
memorizeneck.com
middycdn-a.akamaihd.net
mug.criteo.com
native.sharethrough.com
omny.fm
p.skimresources.com
platform.twitter.com
quantcast.mgr.consensu.org
r.skimresources.com
s.skimresources.com
sb.scorecardresearch.com
scripts.webcontentassessor.com
securepubads.g.doubleclick.net
static.adsafeprotected.com
stats.g.doubleclick.net
syndication.twitter.com
t.skimresources.com
test.quantcast.mgr.consensu.org
trends.revcontent.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.omnycontent.com
yield-manager.browsiprod.com
104.244.42.136
13.32.121.106
13.32.99.21
142.250.184.194
142.250.186.166
15.197.193.217
151.101.66.217
151.139.128.11
178.250.0.157
18.66.109.174
18.66.97.12
18.66.97.68
2.16.107.83
2.16.186.17
2.18.233.180
23.37.32.235
2600:9000:223d:9800:17:62f0:2dc0:93a1
2600:9000:223f:da00:8:48e:53c0:93a1
2600:9000:2251:8600:1b:3a6c:1300:93a1
2600:9000:225e:4800:3:a4cd:8380:93a1
2600:9000:225e:8a00:b:13ba:bb40:93a1
2600:9000:236e:a00:9:46dc:4700:93a1
2606:2800:234:59:254c:406:2366:268c
2606:4700:10::6814:6a3e
2606:4700:10::6814:6b3e
2606:4700:20::681a:c5f
2a00:1450:4001:810::2003
2a00:1450:4001:812::200e
2a00:1450:4001:828::2003
2a00:1450:4001:82f::200a
2a00:1450:4001:830::2004
2a00:1450:4001:830::2008
2a00:1450:4001:831::200e
2a00:1450:400c:c06::9d
2a02:2638:1::13
2a02:26f0:6c00::210:ba29
2a02:26f0:ef::5c7b:c27a
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
34.120.117.212
34.120.133.55
35.190.48.184
35.190.59.101
35.190.91.160
35.201.67.47
35.201.98.64
52.213.21.126
52.214.2.140
52.222.206.228
54.190.217.106
63.35.242.195
018fc9d48869804d3f3c95df81e4a4684540c479a64da0f69447a3780130caaf
04849b1de06f93f1c9cd6cc95301e036e3121988e0f3c7a90ecf475303b694ba
04e157179d65122899f04ae1ca5abce931d79afb7d71a77dbd10be055a831afd
04e94049f021c04df2fd03c9eb6736233808ec2ad4671fdfff7488627c4bcae4
0539fcb9eb18e358ba786cd9351f857e378e325cdbfb37b35e27f09dea4f448b
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0a919ef477d47a8e6e7cdfb4da000abe193428a1b14ee072016c843d90bc5953
0b3268e3aacd1abc25b093c7774f71ae4d98b603f309b357f9ad9d43c45996be
0d10f4ec4e25b50966bfaa6fdee4f96061888778f10f00616e91b6df37979565
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
116ec5c6f82674cd1b04981d3ec325c8620ffbb413f06bd1b0cb911e99ddcc73
1231404d3b265f0ca2c41bf123b558f28c0126568b3f7f90ec464576f33168fa
131ed8e00c533d7b5c15c868d5d6c11bd969db51f2edba24c22b81e8a4599ebf
14e6ca0167f6a25b412bfd7b0061ab643215a6de77d9799977a393096f4ae781
1553d8e603896b256320a6c7e3f86b0858cca0ff5da54294630e5b8dc48173ae
1a17e916c231c44676b729589a258a2e9083f092474760d454fbd22ac30e1c47
1beb70aeb160cd10c6baf44b05b80681e31a6fb4b1617da1437482fd38b472d5
2221391c40c8af2b6e518e0f22b47497e540acb1d9602cf3a26351a78ef3b1f5
26676de62f09eaacd7f79fab80ce4fb8c3ff66802ddbbd8ed43dace675701446
292f629c17560efa4ebe4e2ba0f8ed027e162ed92b8b61d3685754fb0ba672c1
2d0f6b590917e7d27ddeb026b280d62dde9d03bb92f47f56342fc5f68f0c24eb
2d5ae5a515a688823dc98d032242c2ed6f490a74c4281bdd599567898f9fa675
323075a1922843a6c7f5371bc7fa55500b77944f1268d83461964e3906942141
334a98eaeec325cbc84a300e98e133aae9fac74e682f34d11bf0cea7236781f1
373f7f695977dc425b9936b756746f06fb589b4d7c6e845e9d48bad048fc05c4
380438fbfce6f2930e3deb99dbadfeee4eca7bfa3f09a6cc8a2250af90df13f7
384e6c21bf9819fef4ca15bfc88df4b2db1776e45e52cb0afb68a4aed77ccf66
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
44d2a42747952b49d0c809d22bbc34ac3bcf9e44c8f6e6147a16c005a60f1eb3
46b6596e9fdedae08a61fed7b7512700c383b8eb822239d6691fa49e1eb372de
481d713552f587d3bc0e3683557f8541ea69543e4d7abb7e4299c646ab10fd03
4a07279d0df1ed1d2f92b3cb85c7b44eb5b53287146e976da68c74530fc4b820
4d7f075d2b58e6bf94496e63205c84865f21ba81c96475bdccab75d636c8b927
4f88e44b9602abdbc0f75d52723935538665056f71c2427664b91171773f5059
5896848930c90cde811bebd8423c831fdbb596b1e0d92a1327e52f3b8e42847b
58f5d902861046c3903729e215261ae7d00dcc58ce09c6967c0609a75b5c30e3
5a014be48ad2d69469e55c2f6ef8f0a37b844bb92c4b0c690fc198e70e075410
5a4f2af1233a1e145c041dd1a12f4c6e1fffb405112b9f06fbd2ccc79adc6f59
5fd6098c91f70f7cd54842cf54fd93f4fa5104847c39674509da6f1a12e4c355
641adc35bd0f1d72f71eabb61b6209946ca84e767eb9f22dbf72ba14dfcb7b61
65becdde61a9e8991f894e21e8cee6aae0058622853590b5b949e820fa41e624
6626d955670bb766fa4d7b59966addecf6b488506e21f73f343dc88b9872a2f7
66e0312cb1c8f068831abec6de6c5c6e8e7b6134881cc245c3fd99744619aec1
68d4f7f16f4dc745363bb4541a1de458687ef3ec8f31200ea4133f9e655e2ae6
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6ca7821ff13a0a119d09777e14ddc2611695475a8ed77436207557d8539d7779
6d3139993c50cefa4e435ed10e9b05e89b04f0d2013e5e0059d3d91f2558c33f
6de712de412a66b001d67b744077bf9e5fae98fdc44f6d59cf5ee44022d0e9e3
72510cac0a0ef512d110f80fec4d188c15a6cc5d77f944df2882e7299225403f
726906ee6ce6dfe1b6e35ddad151196c50277e31520de30e916e9cd9affc0ef3
731ee3bbaa9f2fd92879f9087c9fbbf7438d3a52595c6c8a8020bb2a69b7afd6
750840f592cb397941be5751ef424084f2a2122d14d595b42e76a8678908c303
7c4379ae888a737fd330f0c964e263b1a64a51a7a69a5c76f3dc049a7f1b325a
7e15a863cf5c93621c44996060e5447c45cc117c446a350a00ec4b4266075bb0
8051dd1295a05cbc5ffc8dffade6801634b68c334eed14b3026b91d051dbfc38
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
819141dfc76b472e08dbbdd19291a1d06be66f32d9e858dd65751f204480e489
82bfb5ba54d003d3da4b961c975fe32ce2a5da0eb4a018b51da111cdca32d02b
82e16ee1bcf32a940c622c4a318be5da2e337c1278e6226131ca1c6f73001ae1
82edd467a8b50a2879b8f27e79caf54443d18737eaa835323e3bc1c76a1ff5a1
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
85975f383479f4070e6e380572a58a8b9537910fd4e47f951ed9a41596bf64c9
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
8a5644261da7ba59c4bf654ec51d53a990904a8505d9d8e080d04f68b360943e
8b42a20b243b7081f9f5ea51eb72a39895d468943af3c7ba14f7ac176e547c6c
8b4b43fd2629a9ae29c5220a852bbc8ff169c571cdf77798633efec65c934df7
96f72e14fbf6d8f582661c5ba51e0afa1a9a219ab309bc4cae8c17bdaa8f8264
97719c71e44494e537beba8d51c6bb268a34dcd867fdefc431229225ca734b46
9b126307e7d0a88a5fbc31c45cca7e3ebba07fc55c29bfd630583dd266229c00
9c41ba408efaf3a7a36099370bc814e38b0afd42229fa9e0e6040740620c85c0
9dfd2e5cb40fb214d83497ea62a36fccabf26b2acf06fa9b39ce029eac68c79c
9e431799a0471855f8f67001d81a13ba653d305bfcdf1bb15fa7c6d7d38fdcd4
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
adafa859ac987f6759710ec24cdc864032f43fa594553595be43a4160f1ecd5a
adf7195aa286be04418f99b732d3926cc8a9b10a12d0426f21ca4d1c738ddd28
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b0f9acc2facbbbf8a8d2c056a0be3238c6b28354369e5b21ff15ac38f49810ec
b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6
b29019bab391863c1652d28d09112d15ddc6c10940526826cbde474bf07d75e2
b2f930658634b1bee750fdc6c453faacd9e79849856324dcc211b0627f4a059a
b393f9c320cbb557f0344993c5e65ca72f6f771ecd4f773fa6a2fd3f1ac36b6c
b45e812f5250958a82c3f348bd1b8c42ddc350a657dcc41be9b93d691e259cf0
b6bb2d13c0abb405d05b3b43c2a985937a5071f382521cd9a026f8e38ad33585
b6e56f7d4d691eae8da027ce18e651b6e0b6a3fd7facd5aff5b5a2d0fafdde7e
bda2c84e2934508dd2b995f28876c68e3f0cf0955173bcf040b76ecc63e03786
be3e6ce4107dfe75c6ed8d87f06761d7b4c19db8ecab97a36a5b67c4eb4f8fb5
beb6d4ed9e70b9f611405b8e7e5c09782669c6f434fa81f990cc3690adfd6f20
c5e3a9db794ec2da64c9ced252838eef2210012f8b7ab89e5a21762313c36bf7
c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cdcfe798d0f7bac375a28b5ebe918d9b150d67f7cb8eea40ea956ac579f65f95
cebeddb882f180ad46537849414a2bf4418e21059254df1747d0973ef8c1c83e
cf34e1b87bbfd9d9b185dec994924a496e279d8dc9387ad8d35bc0110134c4d3
d3e11b7e61d20c17894996aa2ccb7209aa276eb56d76390e9a67e595694c99d3
d413265e397f3abe46d14104b1ccc23464119c9094d76623ff79eeb76274b12d
d7dc9baa04f07dc4fd914abdce6828e02b39f404b29594c8308869780eae3c8c
d80a9fbd9c4a76d5d7c6b14e635088b322863f7a78f61508df1e77342669e0ec
d89ddf30ec7c8687516d93e8cdcdd2b892d47e6fd7cd166cdb839283203edf5f
da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de80309d98405d566c6fb1912811b24c8ad3a8380f6819d26a6c1eac5cd99185
e1e38da139b32cf100618104a031b37c817bfcf7e8d2eececc91a9865ef48cdf
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e87c336921af958891cc38b693fb15fffb2472360e2645b72c250f7a5dc53181
e8be029ab525c90a836ff36619490de4bd3273b783c55facd7b18340e097b81e
e935a508e1cb30b68e129c23b21dbe8e84e8c92c3940a9a30e0a5eaf29b65cca
ea263f4fc0b14d76776443f7c174b07bc49dfcf61f6c9445aa148298d409b467
ecd8799f73c6448e0900077d29c47a134dc4e755c1a3d2d1b17171fad091f65a
ee2c26f605e3c220fbc18af86c4a5a3e759f296739fa18987e459f477ba3e118
ee5cee59a5aae5b3a05e9ba3de8f668ccb79b0f03a304d243e4633e081981440
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f36477c0931b9b5a060cd12175b3d898c11ea3d8acbc303436b5b380df72a479
f406858bf1219aa8c05a27e32c9b22def23bddbe252dcc3df278e09872117681
f85b1102e6c5a07e5c1a79bbf137201b832e80b578fb9243a0a24cc21f93ca35
f8f46c4c28c466419255016e5a74e40bc13bf2bb1e2d9c645e9e2b53c07e4001
f9d25963747cf7c6b1686d7382e4c4131a2b6aa19a50aed7d2cef52f6c7929cc
f9f66f6ff7e8894b5051577f20f95306a8933c8bbf8e4e5f202b019d1851f3dd
fb09d617a359ba0030ba32a4eed457ab9ecdebc19c37495d74204aa3a3d47c96
fb5e016950f794042f6c4ec1c108349df25a7074a1cb6c7016f9c12b9af9b0b0
fc97caf499353ade2d9c752b23316b57c34c8535f5a1e1c6691755cb30998dab
fcc83a5b6aef86420c1ad553167106df96bd0ff4192ffe52b1647599948edbcf

1428elm.com Open in urlscan Pro 2a02:26f0:ef::5c7b:c27a Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

150 Requests

99 %HTTPS

45 %IPv6

36 Domains

55 Subdomains

51 IPs

5 Countries

2306 kBTransfer

8322 kBSize

47 Cookies

90 Outgoing links

Page URL History

Redirected requests

150 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

1428elm.com Open in urlscan Pro
2a02:26f0:ef::5c7b:c27a Public Scan

Screenshot
Live screenshot

Full Image

150
Requests

99 %
HTTPS

45 %
IPv6

36
Domains

55
Subdomains

51
IPs

5
Countries

2306 kB
Transfer

8322 kB
Size

47
Cookies

150 HTTP transactions
0 data transactions