www.elderscrollsbote.de Open in urlscan Pro
188.114.96.3 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.elderscrollsbote.de/
Effective URL:
https://www.elderscrollsbote.de/
Submission: On June 24 via api (June 24th 2024, 10:43:49 am UTC) from US — Scanned from DE

Summary HTTP 68 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 30 IPs in 5 countries across 24 domains to perform 68 HTTP transactions. The main IP is 188.114.96.3, located in Amsterdam, Netherlands and belongs to CLOUDFLARENET, US. The main domain is www.elderscrollsbote.de.
TLS certificate: Issued by E1 on May 30th 2024. Valid for: 3 months.

This is the only time www.elderscrollsbote.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
23	188.114.96.3 188.114.96.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	151.101.131.42 151.101.131.42	54113 (FASTLY) (FASTLY)
3	172.67.209.159 172.67.209.159	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:10:... 2606:4700:10::6816:2e8e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	151.101.129.194 151.101.129.194	54113 (FASTLY) (FASTLY)
1	18.245.31.66 18.245.31.66	16509 (AMAZON-02) (AMAZON-02)
1	13.32.99.122 13.32.99.122	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:20:... 2606:4700:20::681a:346	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	172.217.18.2 172.217.18.2	15169 (GOOGLE) (GOOGLE)
3	13.224.186.120 13.224.186.120	16509 (AMAZON-02) (AMAZON-02)
1	99.86.4.30 99.86.4.30	16509 (AMAZON-02) (AMAZON-02)
4	23.197.10.19 23.197.10.19	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2606:4700:10:... 2606:4700:10::6816:34ad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:10:... 2606:4700:10::6816:3556	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
1	2a02:fa8:8806... 2a02:fa8:8806:12::1460	41041 (VCLK-EU-SE) (VCLK-EU-SE)
2	2606:4700:10:... 2606:4700:10::6816:445	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:803::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81c::2001	15169 (GOOGLE) (GOOGLE)
1	2606:4700:10:... 2606:4700:10::ac43:17ea	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:80b::2003	15169 (GOOGLE) (GOOGLE)
2	142.250.185.78 142.250.185.78	15169 (GOOGLE) (GOOGLE)
1	151.101.67.42 151.101.67.42	54113 (FASTLY) (FASTLY)
2	162.19.138.119 162.19.138.119	16276 (OVH) (OVH)
1	141.95.98.64 141.95.98.64	16276 (OVH) (OVH)
1	2606:4700::68... 2606:4700::6812:1691	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	34.95.69.49 34.95.69.49	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	34.120.111.33 34.120.111.33	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	3.254.250.97 3.254.250.97	() ()
68	30

23 188.114.96.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)

www.elderscrollsbote.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.131.42 (San Francisco, United States)

ASN54113 (FASTLY, US)

hb.vntsm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.67.209.159 (United States)

ASN13335 (CLOUDFLARENET, US)

www.gameplorer.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::6816:2e8e (United States)

ASN13335 (CLOUDFLARENET, US)

hb.vntsm.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.129.194 (San Francisco, United States)

ASN54113 (FASTLY, US)

hb-vntsm-com.global.ssl.fastly.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.245.31.66 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-31-66.fra56.r.cloudfront.net

ats.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.99.122 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-122.fra60.r.cloudfront.net

geo.privacymanager.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:346 (United States)

ASN13335 (CLOUDFLARENET, US)

ad-delivery.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.18.2 (United States)

ASN15169 (GOOGLE, US)
PTR: fra02s19-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.224.186.120 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-186-120.fra2.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.4.30 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-30.fra6.r.cloudfront.net

config.aps.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.197.10.19 (Düsseldorf, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-197-10-19.deploy.static.akamaitechnologies.com

secure.cdn.fastclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:34ad (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.hadronid.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:3556 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:12::1460 (Singapore)

ASN41041 (VCLK-EU-SE, US)

proc.ad.cpe.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::6816:445 (United States)

ASN13335 (CLOUDFLARENET, US)

id.hadron.ad.gt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81c::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

lh3.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::ac43:17ea (United States)

ASN13335 (CLOUDFLARENET, US)

a.ad.gt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.78 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f14.1e100.net

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.67.42 (San Francisco, United States)

ASN54113 (FASTLY, US)

hb.vntsm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.19.138.119 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533570.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.95.98.64 (France)

ASN16276 (OVH, FR)
PTR: ns3216658.ip-141-95-98.eu

lb.eu-1-id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:1691 (United States)

ASN13335 (CLOUDFLARENET, US)

cadmus.script.ac	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.95.69.49 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 49.69.95.34.bc.googleusercontent.com

i.clean.gg	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.111.33 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 33.111.120.34.bc.googleusercontent.com

cdn.edkt.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.254.250.97 (None, )

ASN- ()

track.venatusmedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
23	elderscrollsbote.de www.elderscrollsbote.de	422 KB
4	google.com fundingchoicesmessages.google.com — Cisco Umbrella Rank: 744	156 KB
4	fastclick.net secure.cdn.fastclick.net — Cisco Umbrella Rank: 1368	106 KB
4	amazon-adsystem.com c.amazon-adsystem.com — Cisco Umbrella Rank: 357 config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 746	83 KB
4	vntsm.com hb.vntsm.com — Cisco Umbrella Rank: 37808	366 KB
3	ad.gt id.hadron.ad.gt — Cisco Umbrella Rank: 1806 a.ad.gt — Cisco Umbrella Rank: 2012	5 KB
3	id5-sync.com cdn.id5-sync.com — Cisco Umbrella Rank: 1098 id5-sync.com — Cisco Umbrella Rank: 570	29 KB
3	gameplorer.de www.gameplorer.de	14 KB
2	clean.gg i.clean.gg — Cisco Umbrella Rank: 1374	104 B
2	gstatic.com fonts.gstatic.com	173 KB
2	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 235	175 KB
2	vntsm.io hb.vntsm.io — Cisco Umbrella Rank: 49282	691 B
1	venatusmedia.com track.venatusmedia.com	171 B
1	edkt.io cdn.edkt.io — Cisco Umbrella Rank: 25748	8 KB
1	script.ac cadmus.script.ac — Cisco Umbrella Rank: 1738	48 KB
1	eu-1-id5-sync.com lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 937	283 B
1	googleusercontent.com lh3.googleusercontent.com — Cisco Umbrella Rank: 112	13 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 83	6 KB
1	dotomi.com proc.ad.cpe.dotomi.com — Cisco Umbrella Rank: 3106	469 B
1	hadronid.net cdn.hadronid.net — Cisco Umbrella Rank: 2074	12 KB
1	ad-delivery.net ad-delivery.net — Cisco Umbrella Rank: 1092	918 B
1	privacymanager.io geo.privacymanager.io — Cisco Umbrella Rank: 2209	627 B
1	rlcdn.com ats.rlcdn.com — Cisco Umbrella Rank: 7200	37 KB
1	fastly.net hb-vntsm-com.global.ssl.fastly.net — Cisco Umbrella Rank: 58820
68	24

	Domain	Requested by
23	www.elderscrollsbote.de	www.elderscrollsbote.de
4	fundingchoicesmessages.google.com	securepubads.g.doubleclick.net hb.vntsm.com
4	secure.cdn.fastclick.net	www.elderscrollsbote.de secure.cdn.fastclick.net
4	hb.vntsm.com	www.elderscrollsbote.de hb.vntsm.com
3	c.amazon-adsystem.com	hb.vntsm.com
3	www.gameplorer.de	www.elderscrollsbote.de www.gameplorer.de
2	i.clean.gg	hb.vntsm.com
2	id5-sync.com	cdn.id5-sync.com hb.vntsm.com
2	fonts.gstatic.com	www.elderscrollsbote.de
2	id.hadron.ad.gt	hb.vntsm.com
2	securepubads.g.doubleclick.net	hb.vntsm.com securepubads.g.doubleclick.net
2	hb.vntsm.io	hb.vntsm.com
1	track.venatusmedia.com	hb.vntsm.com
1	cdn.edkt.io	cadmus.script.ac
1	cadmus.script.ac	hb.vntsm.com
1	lb.eu-1-id5-sync.com	cdn.id5-sync.com
1	a.ad.gt	cdn.hadronid.net
1	lh3.googleusercontent.com	www.elderscrollsbote.de
1	fonts.googleapis.com
1	proc.ad.cpe.dotomi.com	hb.vntsm.com
1	cdn.id5-sync.com	www.elderscrollsbote.de
1	cdn.hadronid.net	www.elderscrollsbote.de
1	config.aps.amazon-adsystem.com	c.amazon-adsystem.com
1	ad-delivery.net	hb.vntsm.com
1	geo.privacymanager.io	ats.rlcdn.com
1	ats.rlcdn.com	hb.vntsm.com
1	hb-vntsm-com.global.ssl.fastly.net	hb.vntsm.com
68	27

This site contains links to these domains. Also see Links.

Domain
www.elderscrollsbote.local

Subject Issuer	Validity	Valid
elderscrollsbote.de E1	`2024-05-30` - `2024-08-28`	3 months	crt.sh
*.vntsm.com R10	`2024-06-18` - `2024-09-16`	3 months	crt.sh
gameplorer.de WE1	`2024-06-19` - `2024-09-17`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-08-07` - `2024-08-06`	a year	crt.sh
*.freetls.fastly.net GlobalSign Atlas R3 DV TLS CA 2023 Q4	`2023-11-09` - `2024-12-10`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2024-02-06` - `2025-03-05`	a year	crt.sh
*.privacymanager.io Amazon RSA 2048 M01	`2023-07-27` - `2024-08-24`	a year	crt.sh
ad-delivery.net GTS CA 1P5	`2024-05-17` - `2024-08-15`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-06-03` - `2024-08-26`	3 months	crt.sh
c.amazon-adsystem.com Amazon RSA 2048 M01	`2023-12-30` - `2024-12-04`	a year	crt.sh
config.aps.amazon-adsystem.com Amazon RSA 2048 M02	`2024-01-21` - `2025-02-19`	a year	crt.sh
secure.cdn.fastclick.net DigiCert TLS RSA SHA256 2020 CA1	`2023-10-03` - `2024-10-03`	a year	crt.sh
hadronid.net GTS CA 1P5	`2024-05-29` - `2024-08-27`	3 months	crt.sh
id5-sync.com E1	`2024-06-04` - `2024-09-02`	3 months	crt.sh
*.google.com WR2	`2024-06-03` - `2024-08-26`	3 months	crt.sh
ad.cpe.dotomi.com GlobalSign RSA OV SSL CA 2018	`2024-06-17` - `2025-07-19`	a year	crt.sh
id.hadron.ad.gt E1	`2024-05-25` - `2024-08-23`	3 months	crt.sh
upload.video.google.com WR2	`2024-06-03` - `2024-08-26`	3 months	crt.sh
*.googleusercontent.com WR2	`2024-06-03` - `2024-08-26`	3 months	crt.sh
a.ad.gt E6	`2024-06-09` - `2024-09-07`	3 months	crt.sh
*.gstatic.com WR2	`2024-06-03` - `2024-08-26`	3 months	crt.sh
*.id5-sync.com R3	`2024-05-01` - `2024-07-30`	3 months	crt.sh
*.eu-1-id5-sync.com R3	`2024-05-01` - `2024-07-30`	3 months	crt.sh
script.ac E6	`2024-06-23` - `2024-09-21`	3 months	crt.sh
i.clean.gg GTS CA 1D4	`2024-05-06` - `2024-08-04`	3 months	crt.sh
edkt.io GTS CA 1D4	`2024-06-06` - `2024-09-04`	3 months	crt.sh
*.venatusmedia.com Amazon RSA 2048 M02	`2023-12-25` - `2025-01-22`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://www.elderscrollsbote.de/
Frame ID: C83700AFC96881D5E4FF94DEFE5736CF
Requests: 67 HTTP requests in this frame

Frame: https://hb.vntsm.com/ab/live/3pcookie/cookieTest.html
Frame ID: 6D5B341D3EA07FE775932FDD0D1E82FA
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Elder Scrolls Online Builds, Planer und Guides auf Deutsch | ElderScrollsBote.de

Page URL History Show full URLs

http://www.elderscrollsbote.de/ HTTP 307
https://www.elderscrollsbote.de/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

68
Requests

100 %
HTTPS

41 %
IPv6

24
Domains

27
Subdomains

30
IPs

5
Countries

1655 kB
Transfer

4729 kB
Size

2
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: http://www.elderscrollsbote.local/wp-content/uploads/sites/13/2019/06/elderscrollsbote.png
Title: Mehr…

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.elderscrollsbote.de/ HTTP 307
https://www.elderscrollsbote.de/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

68 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3

200

Primary Request / Show response
www.elderscrollsbote.de/
Redirect Chain

http://www.elderscrollsbote.de/
https://www.elderscrollsbote.de/

44 KB
7 KB

341ms
39ms

Document
text/html

188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.elderscrollsbote.de/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 668883287b3b1eef8f3b87cad9c72c4b45a9b9f9930e592189487a105308a490

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

age: 4001
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 898c1e561e28bb41-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Mon, 24 Jun 2024 10:43:43 GMT
link: <https://www.elderscrollsbote.de/wp-json/>; rel="https://api.w.org/"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=S8stFZG6u20n1eM%2B1MpB0K41SKRbLSRCvDmpZFpAhRlD%2F%2FIiWVXGbsiNm85erVai%2B2dOPN%2BFkGxo6frwr%2Bgry9ie9h1%2FZBpJu1vOJv95H4R6n7tjian8YHYoDWKYnAn4i%2Bm%2BJ69OKuU7ow%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-cache: HIT

Redirect headers

Location: https://www.elderscrollsbote.de/
Non-Authoritative-Reason: HttpsUpgrades

GET
H3 200 style.css
www.elderscrollsbote.de/static/core/ 132 KB
24 KB 40ms
40ms Stylesheet
text/css 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.elderscrollsbote.de/static/core/style.css?_v=3.25
Requested by: Host: www.elderscrollsbote.de
URL: https://www.elderscrollsbote.de/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 030e49b77a6a332abf1f1b37636f45bf709383d3ac85be2c89171829917a1912

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.elderscrollsbote.de/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 10:43:43 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 487
cf-polished: origSize=135307
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 23 Jan 2019 10:39:24 GMT
server: cloudflare
etag: W/"5c48445c-2108b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yDcL9wnf8Iu2eyv6emvRvYYd6JPRbJ2pg6x%2Fq5T2feAiSnc6AKTX0HEuFMEFS9SefDMpbIV9uCE%2BdpsNzdUGpJYcsr8s%2FyhtI59f5uxEL2b3gbvBAKiZvvz1K1Qzff6MCzVdvgYIBD1NJw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=7776000
cf-ray: 898c1e565e83bb41-FRA

GET
H3 200 style.css
www.elderscrollsbote.de/wp-content/themes/elderscrollsbote/static/ 8 KB
3 KB 28ms
27ms Stylesheet
text/css 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.elderscrollsbote.de/wp-content/themes/elderscrollsbote/static/style.css?_v=318e86
Requested by: Host: www.elderscrollsbote.de
URL: https://www.elderscrollsbote.de/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7f30a1f522776df2a816b1abd4f8a7e95ab751c655c8a9c4492b8a81e1356ac9

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.elderscrollsbote.de/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 10:43:43 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 303005
cf-polished: origSize=8583
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 06 Aug 2021 10:14:22 GMT
server: cloudflare
etag: W/"610d0b7e-2187"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6uRyRSbV2lk8YYJF%2FuI51314A%2FUnxFVx3y2FPivnijWq8nCvRW35v2GNXR%2Fc5%2F3qomWJgEpLvV862%2F9li8Gs4YwcnvfhTqSuXBx9VqBUZZt4hKM3s1DSIV0q7XCnqhvoDHkws7Qg98q5lA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=7776000
cf-ray: 898c1e565e89bb41-FRA

GET
H3 200 login-form.min.css
www.elderscrollsbote.de/wp-content/plugins/buddypress/bp-core/css/blocks/ 727 B
795 B 54ms
54ms Stylesheet
text/css 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.elderscrollsbote.de/wp-content/plugins/buddypress/bp-core/css/blocks/login-form.min.css?ver=11.3.1
Requested by: Host: www.elderscrollsbote.de
URL: https://www.elderscrollsbote.de/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 83777842e1d7a8a995b3013c4e5df77e513327e0fbe3a40cad620e3614aabc41

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.elderscrollsbote.de/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 10:43:43 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 24 Aug 2023 21:22:38 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 309589
etag: W/"64e7ca1e-2d7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YnBffu7RjaKUqLu5F9YHgQHmqO78bMQ2uFPUUa4Od5jaoIjisOnwrfQUHtM%2FzuLEeT88hiHmVV8cIebzyO9wpcNk7P%2B3oPJ8x%2BIW8ZyB%2BTCzgpLcVbUFA7P8jF%2Fi4XAnKH9cwUCIgNL9GA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=7776000
cf-ray: 898c1e569ecdbb41-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 latest-activities.min.css
www.elderscrollsbote.de/wp-content/plugins/buddypress/bp-activity/css/blocks/ 2 KB
997 B 68ms
67ms Stylesheet
text/css 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.elderscrollsbote.de/wp-content/plugins/buddypress/bp-activity/css/blocks/latest-activities.min.css?ver=11.3.1
Requested by: Host: www.elderscrollsbote.de
URL: https://www.elderscrollsbote.de/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 61c8368f1d6aee4231aef9e92d074d0e07937cf666dd9bda043a61371ee85f47

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.elderscrollsbote.de/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 10:43:43 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 24 Aug 2023 21:22:38 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 487
etag: W/"64e7ca1e-755"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tMjnCuuTGAXoCEW%2FXDWYTYIeOVOX0n3M7Ad641Jgg9mq7OeFAQcAA69QAQm98QSiDdEdrGAkRlVo7y4AmXpJnVTNFH2qM7SuE%2FBwZLaqnrPVDzzTufnK1WbkuCY2EQPhWlMr1Rr%2F5H9kzA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=7776000
cf-ray: 898c1e56aee1bb41-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 recent-posts.min.css
www.elderscrollsbote.de/wp-content/plugins/buddypress/bp-blogs/css/blocks/ 804 B
742 B 66ms
66ms Stylesheet
text/css 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.elderscrollsbote.de/wp-content/plugins/buddypress/bp-blogs/css/blocks/recent-posts.min.css?ver=11.3.1
Requested by: Host: www.elderscrollsbote.de
URL: https://www.elderscrollsbote.de/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6835151bd3260787d6eb21870f998a5482becaa6855a35f9393b5afbaa7b0563

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.elderscrollsbote.de/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 10:43:43 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 24 Aug 2023 21:22:38 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2097332
etag: W/"64e7ca1e-324"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TxIZPWhtbvMdZNTqJ6a1QNnFhnDRz3xyyWc58SZBpYDO%2B5X6%2FPgSQi11eZ3VrRkb8BvM3vwgQMfORFciYeWIyjlpSBbf6cDjKOiMvc3w%2FAw0DeN571jkUUM4Cu4ztq0GTTjWpdD5PNqCsA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=7776000
cf-ray: 898c1e56aee2bb41-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 sitewide-notices.min.css
www.elderscrollsbote.de/wp-content/plugins/buddypress/bp-messages/css/blocks/ 1 KB
1 KB 72ms
72ms Stylesheet
text/css 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.elderscrollsbote.de/wp-content/plugins/buddypress/bp-messages/css/blocks/sitewide-notices.min.css?ver=11.3.1
Requested by: Host: www.elderscrollsbote.de
URL: https://www.elderscrollsbote.de/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8b5149757c0da8c26fa2fa9d3f6190cdcf4b16b9eabc4cde2cc94301054c13e6

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.elderscrollsbote.de/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 10:43:43 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 24 Aug 2023 21:22:38 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 321232
etag: W/"64e7ca1e-57e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JDF9du8dXFS%2F2Jha9TTVly7aBA4CpocNZ5KUr2LsUghHr9EfQyx1VSRYZLvWCGLAgIUerYSiJFRljUTljzRn7DMDHzWPykA5zM%2F9w8zHhLbAKoZ36RWOeHRhAVylf09nI50AxJM7au31jA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=7776000
cf-ray: 898c1e56bef4bb41-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 tooltips.js Show response
www.elderscrollsbote.de/esodb/ 8 KB
4 KB 555ms
555ms Script
application/javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.elderscrollsbote.de/esodb/tooltips.js?_v=98a55b
Requested by: Host: www.elderscrollsbote.de
URL: https://www.elderscrollsbote.de/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5588a25192a335bfb14d7e73a6bc01defe9431cbc9f0a4485dc0bd038b0bd67b

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.elderscrollsbote.de/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 10:43:44 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Tue, 26 May 2020 15:32:25 GMT
server: cloudflare
age: 314277
etag: W/"5ecd3689-2155"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7zjfKblnjoMBFV4SeF%2BmW8%2FFzEG%2Bd%2F4D5oauvUUyTTtNd4fyLXQ6UH2kMY98wyFEU7yeq3BMN9JCkcy1ujq1B5rCq68t2GwAWcpxNYnqcJGeIMSAMrxx6U8acqPHQTh3WQwzMHWUgqMY2w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=7776000
cf-ray: 898c1e5a2c70bb41-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 ad-manager.min.js Show response
hb.vntsm.com/v3/live/ 143 KB
41 KB 57ms
6ms Script
application/javascript 151.101.131.42
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://hb.vntsm.com/v3/live/ad-manager.min.js

Requested by

Host: www.elderscrollsbote.de
URL: https://www.elderscrollsbote.de/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.131.42 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

88e84a70c3ea64dc61a882f26068430ed97a8a649af98e8b77a9f705f02f2d6a

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.elderscrollsbote.de/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 10:43:43 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
venatus-cdn-hb-rule-version: 1.1
strict-transport-security: max-age=300
age: 587
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
x-ip: 80.255.10.200
geo-sub: BE
x-amz-id-2: HJMfCUs4YQFiJLhdg1uOlfmwsH++JUyXKzyJAkKlmDD/30R4IE9wewGliQC8lVorHbWOAIuKAEI=
x-served-by: cache-dub4330-DUB, cache-fra-etou8220079-FRA
content-length: 40937
last-modified: Fri, 14 Jun 2024 14:40:07 GMT
x-timer: S1719225824.862006,VS0,VE0
etag: "9d13ec4278d11b38c1da4d498a47c838"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: X-Geo,Content-Type,x-bl,x-geo-subdivision,Geo-Sub,Geo
accept-ranges: bytes
access-control-allow-headers: X-Geo,Content-Type,x-bl,x-geo-subdivision,Geo-Sub,Geo
x-geo: DE
x-cache-hits: 2, 6

GET
H3 200 pricecheck.js Show response
www.gameplorer.de/widgets/ 7 KB
3 KB 72ms
40ms Script
application/javascript 172.67.209.159
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gameplorer.de/widgets/pricecheck.js?_v=20

Requested by

Host: www.elderscrollsbote.de
URL: https://www.elderscrollsbote.de/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.209.159 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a0009f85278ff0fe035dbde61a064fd0d198be132928426c353c17fd18b8faef

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.elderscrollsbote.de/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 10:43:43 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Wed, 09 Dec 2020 09:54:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15552000
server: cloudflare
etag: W/"5fd09ec5-1c8c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gkhIar4Qv%2BPx1sMVhU32ZmbFaWzre0pURT2x8u7NmlW84OuQ3ivNSj6bMOmm4eGT%2BUo9eRsm9ssMP2GtTLsrXiNK9pXazF4Nnvt06%2F6Jl6r6tX4%2FZves9i4wr4SJEB2toWTTrg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=7776000
cf-ray: 898c1e570aa59b1b-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 mundus.js Show response
www.elderscrollsbote.de/wp-content/themes/elderscrollsbote/static/ 4 KB
2 KB 557ms
557ms Script
application/javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.elderscrollsbote.de/wp-content/themes/elderscrollsbote/static/mundus.js?_v=20436d
Requested by: Host: www.elderscrollsbote.de
URL: https://www.elderscrollsbote.de/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 481e74ed793add23ec1387aabc2f3bf0e0c99d0435285f06398fc5a1c3044afe

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.elderscrollsbote.de/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 10:43:44 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 298839
cf-polished: origSize=4423
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 07 Jun 2019 19:30:50 GMT
server: cloudflare
etag: W/"5cfabb6a-1147"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=G9OBkvxiA2iOKmAX%2FMOU9q21Z76vN4D5AtL5cZTLlmmugdRypLzYCWH0ob0SvrEvhTUJIwlDbqzUg5JhthoAQqPY1f5hwamJ81oNqIieqXNGg%2BhzZK33t8%2Bv8ReR1fN4bGv%2F1MAKFle8Tg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=7776000
cf-ray: 898c1e5a2c76bb41-FRA

GET
DATA 200
OK truncated
/ 37 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/gif

GET
H3 200 greymoor-wallpaper-2.jpg
www.elderscrollsbote.de/wp-content/uploads/sites/13/2020/05/ 339 KB
339 KB 21ms
20ms Image
image/jpeg 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.elderscrollsbote.de/wp-content/uploads/sites/13/2020/05/greymoor-wallpaper-2.jpg
Requested by: Host: www.elderscrollsbote.de
URL: https://www.elderscrollsbote.de/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 80d90b0268c4ae59eee839d1f9f7bd0113aaf94795aa1e6857565b3bfbfc4c53

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.elderscrollsbote.de/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 10:43:43 GMT
cf-cache-status: HIT
last-modified: Thu, 28 May 2020 06:55:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 309427
etag: "5ecf6069-54a88"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cIRolVZo1OFPVKGN2Z7yjtZ%2B%2BR8KaqZEPYebGYCCqPmwvW6t1WQcBKHX4bjajXIFYAtydf%2Fezpu8wSqCsgYuVYZoq46GWAb0uJpzsMDuC%2BxapA0IvJwzqqmuPEH0na1ERhrBzH1LUzSnpQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=7776000
accept-ranges: bytes
cf-ray: 898c1e56df2fbb41-FRA
alt-svc: h3=":443"; ma=86400
content-length: 346760

GET
H3 200 glyphicons-halflings-regular.woff2
www.elderscrollsbote.de/static/fonts/ 18 KB
18 KB 550ms
550ms Font
application/font-woff2 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.elderscrollsbote.de/static/fonts/glyphicons-halflings-regular.woff2
Requested by: Host: www.elderscrollsbote.de
URL: https://www.elderscrollsbote.de/static/core/style.css?_v=3.25
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.elderscrollsbote.de/static/core/style.css?_v=3.25
Origin: https://www.elderscrollsbote.de
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 10:43:44 GMT
cf-cache-status: HIT
last-modified: Mon, 07 Aug 2017 14:09:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 641
etag: "59887493-466c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FlZGItBW00YpM%2FuIJh8OSH0v8oazu4enja29wRk3eQzhDp3J0vm2IhhE9ZVi6xO%2ByiwnDwU8cQctngcZMpEj%2BxIzcp%2B%2FeLSeTRYNP49UVaDXw4zCUihP5i6idKcC7NuT5gB2grLsQg9wzg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/font-woff2
cache-control: public, max-age=7776000
accept-ranges: bytes
cf-ray: 898c1e5a3c97bb41-FRA
alt-svc: h3=":443"; ma=86400
content-length: 18028

GET
H3 200 elderscrollsbote.png
www.elderscrollsbote.de/wp-content/uploads/sites/13/2019/06/ 4 KB
4 KB 549ms
549ms Image
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.elderscrollsbote.de/wp-content/uploads/sites/13/2019/06/elderscrollsbote.png
Requested by: Host: www.elderscrollsbote.de
URL: https://www.elderscrollsbote.de/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3b2cf3ff28c623d318ac7c4485d052da1a6fa492128d724dde4df63bbbf760b2

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.elderscrollsbote.de/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 10:43:44 GMT
cf-cache-status: HIT
last-modified: Fri, 07 Jun 2019 09:44:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 641
etag: "5cfa31f0-f47"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eUeyRAjRYQPs%2F4eG1nnQGabLvVNGEmySC80cVEqZOySflD4IAfDfA%2FK8BO4xcEqEm0AOQeBLY%2B6tButgy9fY0ORoseArpubwptI3OlV34z3tOsbbaQphV6xtdBkIj9aL9vy%2FpJ01TBMz0g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=7776000
accept-ranges: bytes
cf-ray: 898c1e5a3c95bb41-FRA
alt-svc: h3=":443"; ma=86400
content-length: 3911

GET
H2 200 60f6d3b2ffc37172cbbc01bc.enc Show response
hb.vntsm.com/v2/live/ 32 KB
6 KB 21ms
7ms XHR
text/plain 151.101.131.42
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://hb.vntsm.com/v2/live/60f6d3b2ffc37172cbbc01bc.enc

Requested by

Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.131.42 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f57d911b208f7d0a016d2a4b87d2c6d888aec4e60e014fc282eb20cc0d97ce0f

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.elderscrollsbote.de/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 10:43:43 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
venatus-cdn-hb-rule-version: 1.1
strict-transport-security: max-age=300
age: 332
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
x-ip: 80.255.10.200
geo-sub: BE
x-amz-id-2: 31IJLzYEjGkatlGvHY/E87kTCNlwpT4lfyxMsl3FNp0YP3OOXQTlAC+JW7qygOupCre9zNOrmSc=
x-served-by: cache-dub4366-DUB, cache-fra-etou8220026-FRA
content-length: 5648
last-modified: Thu, 21 Mar 2024 09:21:26 GMT
x-timer: S1719225824.896575,VS0,VE1
etag: "d368320d3c28d6f9e0e44f8be102634d"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: text/plain
access-control-allow-origin: *
access-control-expose-headers: X-Geo,Content-Type,x-bl,x-geo-subdivision,Geo-Sub,Geo
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: X-Geo,Content-Type,x-bl,x-geo-subdivision,Geo-Sub,Geo
x-geo: DE
x-cache-hits: 1, 0

GET
H3 200 65817,65819,65811 Show response
www.gameplorer.de/wp-json/pricecheck/v1/ 433 B
936 B 180ms
180ms Script
application/javascript 172.67.209.159
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gameplorer.de/wp-json/pricecheck/v1/65817,65819,65811?_jsonp=gp_pricecheck_loaded

Requested by

Host: www.gameplorer.de
URL: https://www.gameplorer.de/widgets/pricecheck.js?_v=20

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.209.159 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b1d8db1d37ff40c733a2543bc84235361aea1aae446af473a2f1de1847bcaf05

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.elderscrollsbote.de/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 10:43:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15552000
alt-svc: h3=":443"; ma=86400
server: cloudflare
vary: Accept-Encoding, Origin,Accept-Encoding
allow: GET
content-type: application/javascript; charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Eows%2BqUzapPgwnJldCsiYEOErSJ2BUxjIap4AOZprgN3AI5pMkYRsFfOJ2bK1neOyJjv7%2FrAPz%2B6y2OP20jftf8r4wnVKl3uG%2FIke3ujZ3QIHWgkWp19pX6dARm9riMsskzhew%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: X-WP-Total, X-WP-TotalPages, Link
x-robots-tag: noindex
link: <https://www.gameplorer.de/wp-json/>; rel="https://api.w.org/"
access-control-allow-headers: Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type
cf-ray: 898c1e574aee9b1b-FRA

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dfed71627a698aed0f3570192b00e56525b0efe0c27ecb46eddd42fb7f67afde

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 content.html Show response
hb.vntsm.io/ 32 B
691 B 74ms
32ms Fetch
text/html 2606:4700:10::6816:2e8e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.vntsm.io/content.html
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2e8e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ce8368e5b8e9f2f066acc6284578c00021aea742c4c7c7ec2836c232a5f8b1f8

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.elderscrollsbote.de/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 10:43:43 GMT
cf-cache-status: HIT
x-amz-request-id: 45Z926PG9GJ6QK14
age: 7067
content-length: 32
x-amz-id-2: yrAIYXALZnOq+mPdAFvZApj1ptwyNRn1+47iBsKQyIqesyq1Svj/22SQ6MTYdSwTRtAodziw7jgsrYdrqalmO1vwMZLUczIRY6XnnulmDZw=
geo: DE
geo-subdivision: DE-BY
last-modified: Thu, 14 Oct 2021 10:47:47 GMT
server: cloudflare
etag: "2f58b9ff601fd509249a9e7628a21c33"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
content-type: text/html
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 898c1e57bdc03aa2-FRA

GET
H/1.1 200
OK g.txt
hb-vntsm-com.global.ssl.fastly.net/v4/srv/ 0
0 29ms
6ms Fetch
text/plain 151.101.129.194
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://hb-vntsm-com.global.ssl.fastly.net/v4/srv/g.txt

Requested by

Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.194 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.elderscrollsbote.de/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 24 Jun 2024 10:43:43 GMT
Via: 1.1 varnish, 1.1 varnish
Venatus-CDN-HB-Rule-Version: 1.1
Strict-Transport-Security: max-age=300
Age: 588
x-amz-server-side-encryption: AES256
X-Cache: HIT, HIT
Connection: keep-alive
X-IP: 80.255.10.200
Content-Length: 0
x-amz-id-2: H9cHvIvxRy9DZ5jM6dkd4UYifsJJlDKwk4q74TbqpF8kJveYWcdXBxRBMPdvnrM4kThy+MohSzs=
X-Served-By: cache-dub4333-DUB, cache-fra-etou8220082-FRA
Geo-Sub: BE
Last-Modified: Tue, 02 Apr 2024 15:20:36 GMT
X-Timer: S1719225824.928760,VS0,VE0
ETag: "d41d8cd98f00b204e9800998ecf8427e"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-Geo,Content-Type,x-bl,x-geo-subdivision,Geo-Sub,Geo
Accept-Ranges: bytes
Access-Control-Allow-Headers: X-Geo,Content-Type,x-bl,x-geo-subdivision,Geo-Sub,Geo
X-Geo: DE
X-Cache-Hits: 4, 10

GET
H2 200 ad-manager-bundle.min.js Show response
hb.vntsm.com/ab/live/fatum/ 1 MB
320 KB 6ms
6ms Script
application/javascript 151.101.131.42
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://hb.vntsm.com/ab/live/fatum/ad-manager-bundle.min.js

Requested by

Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.131.42 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

d51ff3376e7599d429e8dde11231674c03458147c72df7f6635949d5f1d3dfe0

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.elderscrollsbote.de/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 10:43:43 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
venatus-cdn-hb-rule-version: 1.1
strict-transport-security: max-age=300
age: 587
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
x-ip: 80.255.10.200
geo-sub: BE
x-amz-id-2: gpl8m5JzqKWbzRAyIZ+eqOAfp1NT87lIVpAASjJqb8Wn6uDQv0lPk7LU9JeBexJsX/sM/f/Wc6s=
x-served-by: cache-dub4358-DUB, cache-fra-etou8220079-FRA
content-length: 326929
last-modified: Fri, 14 Jun 2024 13:21:16 GMT
x-timer: S1719225824.943362,VS0,VE0
etag: "3737819e214261a26ca95d6af24e4db4"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: X-Geo,Content-Type,x-bl,x-geo-subdivision,Geo-Sub,Geo
accept-ranges: bytes
access-control-allow-headers: X-Geo,Content-Type,x-bl,x-geo-subdivision,Geo-Sub,Geo
x-geo: DE
x-cache-hits: 2, 6

GET
H2 200 content.html Show response
hb.vntsm.io/ 32 B
0 0ms
0ms Fetch
text/html 2606:4700:10::6816:2e8e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.vntsm.io/content.html
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/ab/live/fatum/ad-manager-bundle.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2e8e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ce8368e5b8e9f2f066acc6284578c00021aea742c4c7c7ec2836c232a5f8b1f8

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.elderscrollsbote.de/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 10:43:43 GMT
cf-cache-status: HIT
x-amz-request-id: 45Z926PG9GJ6QK14
age: 7067
content-length: 32
x-amz-id-2: yrAIYXALZnOq+mPdAFvZApj1ptwyNRn1+47iBsKQyIqesyq1Svj/22SQ6MTYdSwTRtAodziw7jgsrYdrqalmO1vwMZLUczIRY6XnnulmDZw=
geo: DE
geo-subdivision: DE-BY
last-modified: Thu, 14 Oct 2021 10:47:47 GMT
server: cloudflare
etag: "2f58b9ff601fd509249a9e7628a21c33"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
content-type: text/html
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 898c1e57bdc03aa2-FRA

GET
H2 200 ats.js Show response
ats.rlcdn.com/ 110 KB
37 KB 32ms
7ms Script
text/javascript 18.245.31.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ats.rlcdn.com/ats.js
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/ab/live/fatum/ad-manager-bundle.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.31.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-31-66.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a2aa2577c105dab138246b4e0a1f575b3c92c30d5aced108d3f73897bd46823f

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.elderscrollsbote.de/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: F5G4x7igSyEInzmeTLVI9fM7V7EmySpG
content-encoding: gzip
via: 1.1 1eee8db55908814c8f0cde754e3bee5a.cloudfront.net (CloudFront)
date: Mon, 24 Jun 2024 04:47:52 GMT
last-modified: Wed, 13 Mar 2024 08:09:48 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P8
age: 21353
x-amz-server-side-encryption: AES256
etag: W/"b248cc9d0fdeb36bdeb7efabad1132ee"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
x-amz-cf-id: WMua5wev_PmiPDvehec7-NeUhI68emhCeRSdcNtkC88OOnFxTn82eA==

GET
H2 200 / Show response
geo.privacymanager.io/ 30 B
627 B 31ms
7ms Fetch
application/json 13.32.99.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://geo.privacymanager.io/
Requested by: Host: ats.rlcdn.com
URL: https://ats.rlcdn.com/ats.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-122.fra60.r.cloudfront.net
Software: /
Resource Hash: e73a140c69c1bc697cacc30b095e0adbe7153c61bb8d94b3b550e34601c4b042

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.elderscrollsbote.de/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 23 Jun 2024 19:08:04 GMT
via: 1.1 910a343c3141ba3fe805e18bded62490.cloudfront.net (CloudFront), 1.1 4612dc3b414cf2057f542e94733d59bc.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P3, FRA60-P3
age: 56140
x-amzn-requestid: e569e7ed-ba0a-49be-a369-5b1bc3782acf
x-amzn-trace-id: Root=1-66787294-7f74932436b34ec1308b89f9;Parent=01b2a4df5b610e62;Sampled=0;lineage=06620786:0
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type: application/json
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-apigw-id: Z1bXLG0hDoEEJAQ=
content-length: 30
x-amz-cf-id: 8pUCuqrTLETZyNB_njTECJXRKUdzyc-qh2tTALOqkA_x0fa5hO20mQ==
access-control-allow-headers: Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token

GET
H2 200 px.gif Show response
ad-delivery.net/ 43 B
918 B 53ms
31ms Fetch
image/gif 2606:4700:20::681a:346
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad-delivery.net/px.gif?ch=2
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/ab/live/fatum/ad-manager-bundle.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:346 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.elderscrollsbote.de/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 10:43:44 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 487
x-guploader-uploadid: ACJd0NosP_Le-6F_slYrm7Dkcqf8VN3mYrY3axRMMjouqxE9mk6joIITI8PA8hJrzVFauDcsVhnrk5W2pw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
content-length: 43
last-modified: Wed, 05 May 2021 19:25:32 GMT
server: cloudflare
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
vary: Accept-Encoding
x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
x-goog-generation: 1620242732037093
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=86400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=o4L9QIyAIMeEgkxgR3S9GtP59NaHJDk%2BgzO6D4QRh7HMVXG8FQRAeSYko11hPj9DpM%2BxZ9BIMmCMPtlKxNbbPcNjOOXL1Cf0BHOCXLVjhP7nxBRB7zWakNU32%2BBusLuP3tQxD262uvUMYCfh3g%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 43
accept-ranges: bytes
cf-ray: 898c1e58597f6909-FRA
expires: Mon, 24 Jun 2024 10:59:07 GMT

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 98 KB
31 KB 90ms
57ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: hb.vntsm.com
URL: https://hb.vntsm.com/ab/live/fatum/ad-manager-bundle.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f2.1e100.net

Software

cafe /

Resource Hash

4a0df8e6698c9be13e0cf6dc95ba7ef3cab335f7bf58aed3ef7a62f7024eddf0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.elderscrollsbote.de/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 10:43:44 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31659
x-xss-protection: 0
server: cafe
etag: 901 / 19898 / m202406170101 / config-hash: 994685364493883849
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 24 Jun 2024 10:43:44 GMT

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 308 KB
76 KB 50ms
8ms Script
application/javascript 13.224.186.120
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/ab/live/fatum/ad-manager-bundle.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.186.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-186-120.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c1ee48fdc9c11e6866e86ddc8c850aceff697a6e0b1ee20f1dd2d1877b3c66cd

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.elderscrollsbote.de/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 10:18:06 GMT
content-encoding: gzip
via: 1.1 142ded88048f806cc40a5a225130cc8a.cloudfront.net (CloudFront), 1.1 c3b74c81fdcb7942211a6c721efa13fc.cloudfront.net (CloudFront)
last-modified: Tue, 11 Jun 2024 21:55:26 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1, FRA2-C1
age: 1539
etag: W/"8f94a6a072a070cbb8299e59a43dbe3f"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
x-amz-cf-id: Pp48oZ7op_KYZN06T0h-OCqdq26Q2MnZNER_uqzpkqWW_F8kaMK7Sw==

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406170101/ 463 KB
144 KB 7ms
7ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406170101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f2.1e100.net

Software

cafe /

Resource Hash

89b0b3f3ff210a3f74e23c972eb9e702fe969dd53ef3082e39af55000d7f964f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.elderscrollsbote.de/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 03:58:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 24321
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 147664
x-xss-protection: 0
server: cafe
etag: 1926151935331161023
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Tue, 24 Jun 2025 03:58:23 GMT

GET
H2 200 70247b00-ff8f-4016-b3ab-8344daf96e09 Show response
config.aps.amazon-adsystem.com/configs/ 563 B
828 B 36ms
6ms Script
application/javascript 99.86.4.30
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://config.aps.amazon-adsystem.com/configs/70247b00-ff8f-4016-b3ab-8344daf96e09
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-30.fra6.r.cloudfront.net
Software: CloudFront /
Resource Hash: 1777ef5f2613e35015a34031cba4dcb7d5275bbc9cf1109a52b37a6b88cfa12f

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.elderscrollsbote.de/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 10:16:32 GMT
via: 1.1 49140b838a62cd29e30f20e39a82dad0.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA6-C1
age: 1632
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
content-length: 563
x-amz-cf-id: by6dYkKCwmBxo2L1NvwAApnP6IMbO3YMPvz0JTynJox2bkpbkqr91Q==

GET
H2 200 config Show response
c.amazon-adsystem.com/cdn/prod/ 2 KB
3 KB 8ms
7ms XHR
application/json 13.224.186.120
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.elderscrollsbote.de&pubid=70247b00-ff8f-4016-b3ab-8344daf96e09
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/ab/live/fatum/ad-manager-bundle.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.186.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-186-120.fra2.r.cloudfront.net
Software: Server /
Resource Hash: 4b56c73fc679df3678714fc5f2b472950c698f4ddcc76de9f67be729cd4e14e5

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.elderscrollsbote.de/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 10:03:03 GMT
via: 1.1 c3b74c81fdcb7942211a6c721efa13fc.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA2-C1
age: 2440
x-cache: Hit from cloudfront
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.elderscrollsbote.de
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
content-length: 2353
x-amz-cf-id: mupTFf9fyvRpmwR0HfC7Sqw5cTFmBsPLQ53srSgxoWIRFuSt6OJIqQ==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 25ms
8ms XHR
application/javascript 13.224.186.120
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/ab/live/fatum/ad-manager-bundle.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.186.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-186-120.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.elderscrollsbote.de/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: r5.lR.LJ66XEXzxUUVo7iMemjL_F_GoE
content-encoding: gzip
via: 1.1 5a5b94c62ea85e0c0d78b169589b08b4.cloudfront.net (CloudFront)
date: Mon, 24 Jun 2024 05:25:43 GMT
x-amz-cf-pop: FRA2-C1
age: 19082
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Thu, 29 Feb 2024 02:13:08 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: v8y45wpRyJk-9lnzGFl_Pan656LmeSd2cpZIsUKY86c2Pd1mQT7Egw==

GET
H2 200 pubcid.min.js Show response
secure.cdn.fastclick.net/js/pubcid/latest/ 54 KB
17 KB 50ms
13ms Script
application/javascript 23.197.10.19
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by: Host: www.elderscrollsbote.de
URL: https://www.elderscrollsbote.de/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.197.10.19 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-197-10-19.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.elderscrollsbote.de/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 10:43:44 GMT
content-encoding: gzip
last-modified: Mon, 23 Jan 2023 19:40:17 GMT
server: Apache
etag: "d734-5f2f3919e751f-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=900
accept-ranges: bytes
content-length: 17407
expires: Mon, 24 Jun 2024 10:58:44 GMT

GET
H2 200 hadron.js Show response
cdn.hadronid.net/ 56 KB
12 KB 85ms
54ms Script
application/javascript 2606:4700:10::6816:34ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fwww.elderscrollsbote.de%2F&ref=&_it=amazon&partner_id=288
Requested by: Host: www.elderscrollsbote.de
URL: https://www.elderscrollsbote.de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:34ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 492db2ca577f4d221e3e28239c19e7db05f1701b298bf278fc4d1fcb92563586

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.elderscrollsbote.de/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 10:43:44 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Tue, 04 Jun 2024 15:30:02 GMT
server: cloudflare
x-amz-request-id: 4GNTEWM5RE8S976C
age: 2931
etag: W/"1e77f38a1df1490d4175e3c4878bd150"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=432000
cf-ray: 898c1e5a99e7914a-FRA
x-amz-id-2: 1KYvP1UJui3F3sexSI8Edev0ssCxy0r1hoLYL3sInblmS0xC6TVIxfrJbVQshQPcVtGMRX8qMGE=

GET
H2 200 id5-api.js Show response
cdn.id5-sync.com/api/1.0/ 94 KB
28 KB 58ms
25ms Script
text/javascript 2606:4700:10::6816:3556
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/id5-api.js

Requested by

Host: www.elderscrollsbote.de
URL: https://www.elderscrollsbote.de/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3556 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cccaedb13f2aa38970538b043bfd16b0fa24e6a6a386833059595fd0a408e105

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.elderscrollsbote.de/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 10:43:44 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 19 Jun 2024 08:15:00 GMT
server: cloudflare
x-amz-request-id: A7G0XWPR60SWYYDY
age: 569
etag: W/"7549ecdacdd2ca9502744f648799d58a"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 898c1e5a9b0935fa-FRA
x-amz-id-2: hPT0Kao4sPBkX2ZVAV94sYxQNOVVBFDjVAzaYeecxWnYJynoPjAS1bm2qjNRsptWaAnjjdnNVsHCgCEIKsjhJg==

GET
H2 200 launcher-stub.min.js Show response
secure.cdn.fastclick.net/js/cnvr-launcher/latest/ 14 KB
5 KB 49ms
12ms Script
application/javascript 23.197.10.19
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher-stub.min.js
Requested by: Host: www.elderscrollsbote.de
URL: https://www.elderscrollsbote.de/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.197.10.19 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-197-10-19.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: d3c286558922ca8c2c69167698cd61a8280cb03b81bb41d9bd633f80f18c274f

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.elderscrollsbote.de/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 10:43:44 GMT
content-encoding: gzip
last-modified: Tue, 20 Sep 2022 18:52:26 GMT
server: Apache
etag: "38c0-5e92054540ea5-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=900
accept-ranges: bytes
content-length: 5252
expires: Mon, 24 Jun 2024 10:58:44 GMT

GET
H2 200 21726375739 Show response
fundingchoicesmessages.google.com/i/ 197 KB
65 KB 85ms
57ms Script
application/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/21726375739?ers=3

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406170101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2f7eb1b2131678eb125216f9eecdc720045d195532c2ed41f3bbc36be92df315

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-qSPPhS1WLLDnHzmQA3dT2Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.elderscrollsbote.de/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 10:43:44 GMT
content-security-policy: script-src 'report-sample' 'nonce-qSPPhS1WLLDnHzmQA3dT2Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjCtDikmLw0ZBiOO90h-k6EEt8fcmkAcRO6TNYg4DYp34GawwQt948xzoViD8_Psf6G4iT_p1nLQLiJREXWQ8lXmQ9-Pgi60kgFuLheDD76WY2gQcrmx8zKmkk5RfGJ-fnlRRlJpWW5BelJaelFqcWlaUWxRsZGJkYmBla6hmYxhcYAAAH6zo9"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 launcher.min.js Show response
secure.cdn.fastclick.net/js/cnvr-launcher/latest/ 49 KB
17 KB 12ms
12ms Script
application/javascript 23.197.10.19
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher.min.js
Requested by: Host: secure.cdn.fastclick.net
URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher-stub.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.197.10.19 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-197-10-19.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 938c64115ce60b98ee8151d7eb28208567753f3d4ebbe0aa0f56618c555a18fb

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.elderscrollsbote.de/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 10:43:44 GMT
content-encoding: gzip
last-modified: Tue, 20 Sep 2022 18:52:26 GMT
server: Apache
etag: "c4b6-5e920545406d3-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=900
accept-ranges: bytes
content-length: 17042
expires: Mon, 24 Jun 2024 10:58:44 GMT

GET
H2 200 launcher Show response
proc.ad.cpe.dotomi.com/cvx/client/direct/ 190 B
469 B 79ms
13ms XHR
application/json 2a02:fa8:8806:12::1460
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to

Full URL: https://proc.ad.cpe.dotomi.com/cvx/client/direct/launcher?version=1.1.1&lid=681
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/ab/live/fatum/ad-manager-bundle.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:fa8:8806:12::1460 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: 71f0c958e33905cb028dfd76ff7fcffa9d57a260845594e84d116530e3f80a36

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.elderscrollsbote.de/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 10:43:44 GMT
server: nginx
accept-ch: Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Bitness
vary: Origin
content-type: application/json
access-control-allow-origin: https://www.elderscrollsbote.de
cache-control: max-age=1800
access-control-allow-credentials: true
content-length: 190
expires: Mon, 24 Jun 2024 11:13:44 GMT

GET
H2 200 hadron.json Show response
id.hadron.ad.gt/v1/ 104 B
266 B 121ms
120ms XHR
application/json 2606:4700:10::6816:445
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://id.hadron.ad.gt/v1/hadron.json?_it=amazon&partner_id=288&sync=0&domain=www.elderscrollsbote.de&url=https://www.elderscrollsbote.de/
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/ab/live/fatum/ad-manager-bundle.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:445 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 442049812a5dd63f21790ec983b3bbeebe0076f0d577e4c21aa258b9e41d08e8

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://www.elderscrollsbote.de/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 24 Jun 2024 10:43:44 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
content-type: application/json
access-control-allow-origin: *
cache-control: private,max-age=30
access-control-allow-credentials: true
debug: NON-OPTIONS
access-control-allow-headers: authorization
cf-ray: 898c1e5be8019f2e-FRA

OPTIONS
H2 200 hadron.json
id.hadron.ad.gt/v1/ Frame 0
0 154ms
115ms Preflight
application/json 2606:4700:10::6816:445
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://id.hadron.ad.gt/v1/hadron.json?_it=amazon&partner_id=288&sync=0&domain=www.elderscrollsbote.de&url=https://www.elderscrollsbote.de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:445 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.elderscrollsbote.de
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-origin: *
allow: POST, OPTIONS, GET
cache-control: max-age=31536000 public, no-transform
cf-cache-status: DYNAMIC
cf-ray: 898c1e5b2ed09f2e-FRA
content-length: 0
content-type: application/json
date: Mon, 24 Jun 2024 10:43:44 GMT
debug: OPTIONS block
expires: Tue, 24 Jun 2025 10:43:44 GMT
server: cloudflare

GET
H2 200 AGSKWxUPxXHxoSDAE1LX71InUqoXVQvOkK9TKTxTYRbr6gNB6nv4F3SWBrLdZtLpuNv8jVIn5z9zr08uEMR5Lb5aAJ7eoYub_Ilw-PsobK-SPQm_jxbpOqgCbv6WOjIIq98BMEKSDQD6Hg== Show response
fundingchoicesmessages.google.com/f/ 710 KB
91 KB 157ms
157ms Script
application/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxUPxXHxoSDAE1LX71InUqoXVQvOkK9TKTxTYRbr6gNB6nv4F3SWBrLdZtLpuNv8jVIn5z9zr08uEMR5Lb5aAJ7eoYub_Ilw-PsobK-SPQm_jxbpOqgCbv6WOjIIq98BMEKSDQD6Hg==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzE5MjI1ODI0LDUyMTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly93d3cuZWxkZXJzY3JvbGxzYm90ZS5kZS8iLG51bGwsW1s4LCJycXJrT3FMSk9RdyJdLFs5LCJkZSJdLFsxOSwiMSJdXV0

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.rqrkOqLJOQw.es5.O/am=EAY/d=1/rs=AJlcJMw1SQPJiiWeO_cIkHjTM_KbQ70rlQ/m=kernel_loader,loader_js_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

072052d874d0098382a9e7d1fef898d0e4636f33bbe28d9ecb06679cf9ca7775

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-UkArr_dRSR3jOzzVF8eObQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.elderscrollsbote.de/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 10:43:44 GMT
content-security-policy: script-src 'report-sample' 'nonce-UkArr_dRSR3jOzzVF8eObQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjitDikmLw05BiOHnrNtNFID7vdIfpOhBLfH3JpAHETukzWIOA2Kd-BmsMELfePMc6FYg_Pz7H-huIk_6dZy0C4iURF1kPJQLx44usp4BYiIfjweynm9kEHpxed4BJSSMpvzA-OT-vpCgzqbQkvygtOS21OLWoLLUo3sjAyMTAzNBSz8A0vsAAALyjP3w"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 coreid.min.js Show response
secure.cdn.fastclick.net/js/cnvr-coreid/latest/ 229 KB
66 KB 11ms
11ms Script
application/javascript 23.197.10.19
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.cdn.fastclick.net/js/cnvr-coreid/latest/coreid.min.js
Requested by: Host: secure.cdn.fastclick.net
URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.197.10.19 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-197-10-19.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: eb87c0447bd19366919bdb8913f775caca732ac31cbc5e5d42e4db5df39437ce

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.elderscrollsbote.de/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 10:43:44 GMT
content-encoding: gzip
last-modified: Mon, 23 Oct 2023 16:23:46 GMT
server: Apache
etag: "394d0-60864a57eaadc-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=900
accept-ranges: bytes
content-length: 67550
expires: Mon, 24 Jun 2024 10:58:44 GMT

GET
H2 200 css
fonts.googleapis.com/ 109 KB
6 KB 49ms
24ms Stylesheet
text/css 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.rqrkOqLJOQw.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMwcEmua66vAPOKRuHEyEQgw1Mc-DQ/m=web_iab_tcf_v2_wall_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

70cd563322458bcd8eb0c45ffe72323df7c74b281cdbd01cc8b15de133b576a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.elderscrollsbote.de/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Mon, 24 Jun 2024 10:43:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 24 Jun 2024 10:43:44 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 24 Jun 2024 10:43:44 GMT

GET
H2 200 ilW7pg8ll04Qxk53HS9T02UHcThvWD9boWnh1UFDpgBcfRPqxSrkXCllOkafvNCzpdh5a_xdiTXbzsV3cMAjZm0NhEx5K_W1B-eu5M3LERHbpth0QJ4=h60
lh3.googleusercontent.com/ 13 KB
13 KB 38ms
8ms Image
image/png 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/ilW7pg8ll04Qxk53HS9T02UHcThvWD9boWnh1UFDpgBcfRPqxSrkXCllOkafvNCzpdh5a_xdiTXbzsV3cMAjZm0NhEx5K_W1B-eu5M3LERHbpth0QJ4=h60

Requested by

Host: www.elderscrollsbote.de
URL: https://www.elderscrollsbote.de/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

4e6819867c680e9097be8625bc4eb747227bcd548ae672a22e1ddcf8c1ebb865

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.elderscrollsbote.de/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 07:08:23 GMT
x-content-type-options: nosniff
age: 12921
content-disposition: inline;filename="unnamed.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13091
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Tue, 25 Jun 2024 07:08:23 GMT

GET
H2 200 288 Show response
a.ad.gt/api/v1/u/matches/ 13 KB
4 KB 81ms
35ms Script
application/javascript 2606:4700:10::ac43:17ea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.ad.gt/api/v1/u/matches/288?_it=amazon
Requested by: Host: cdn.hadronid.net
URL: https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fwww.elderscrollsbote.de%2F&ref=&_it=amazon&partner_id=288
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:17ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 63caa8f1b29cf8b2f3fd773b86a34077b6b67d67316fb92446efe7d8513c2701

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.elderscrollsbote.de/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 10:43:44 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 24 Jun 2024 10:38:24 GMT
server: cloudflare
age: 256
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=14400
cross-origin-resource-policy: cross-origin
cf-ray: 898c1e5d1d024db1-FRA

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 47 KB
47 KB 74ms
44ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: www.elderscrollsbote.de
URL: https://www.elderscrollsbote.de/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.elderscrollsbote.de/
Origin: https://www.elderscrollsbote.de
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 14:53:43 GMT
x-content-type-options: nosniff
age: 503401
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48236
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 18 Jun 2025 14:53:43 GMT

GET
H2 200 flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
fonts.gstatic.com/s/materialicons/v142/ 125 KB
126 KB 47ms
16ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/materialicons/v142/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2

Requested by

Host: www.elderscrollsbote.de
URL: https://www.elderscrollsbote.de/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.elderscrollsbote.de/
Origin: https://www.elderscrollsbote.de
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 14:42:02 GMT
x-content-type-options: nosniff
age: 504102
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 128352
x-xss-protection: 0
last-modified: Mon, 08 Apr 2024 19:04:47 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 18 Jun 2025 14:42:02 GMT

POST
H3 204 AGSKWxVlKf3bRkwWp3qjSCi65jiDfPhJbDvVV0SvpyXOUREp8KtGxprAu11o252zTSv_g7Dmshipw-UbS45FUbOXa7YSN4_gKjdB7Fs8AeseW_JQOLntg853yLukWi98E3bf6pcz8bgWyA== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 38ms
22ms XHR
text/html 142.250.185.78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVlKf3bRkwWp3qjSCi65jiDfPhJbDvVV0SvpyXOUREp8KtGxprAu11o252zTSv_g7Dmshipw-UbS45FUbOXa7YSN4_gKjdB7Fs8AeseW_JQOLntg853yLukWi98E3bf6pcz8bgWyA==

Requested by

Host: hb.vntsm.com
URL: https://hb.vntsm.com/ab/live/fatum/ad-manager-bundle.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-WcIf3rEYSovhGVpDdfJcdg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://www.elderscrollsbote.de/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 24 Jun 2024 10:43:44 GMT
content-security-policy: script-src 'report-sample' 'nonce-WcIf3rEYSovhGVpDdfJcdg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmJw1pBicEqfwRoCxJ8fn2P9DcRLIi6yHkm8yCrEw_Fg9tPNbAIL3l7_zaTkkpRfGJ-cn1eSmleim5hSrAtiF2UmlZbkF6GwU8tAKnLy09Mz89LjjQyMTAzMDC31DMzjCwwAjLwsmA"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.elderscrollsbote.de
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVlKf3bRkwWp3qjSCi65jiDfPhJbDvVV0SvpyXOUREp8KtGxprAu11o252zTSv_g7Dmshipw-UbS45FUbOXa7YSN4_gKjdB7Fs8AeseW_JQOLntg853yLukWi98E3bf6pcz8bgWyA==

Requested by

Host: hb.vntsm.com
URL: https://hb.vntsm.com/ab/live/fatum/ad-manager-bundle.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-NC2C1ZSwf57g3ggy7fLa4Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://www.elderscrollsbote.de/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 24 Jun 2024 10:43:44 GMT
content-security-policy: script-src 'report-sample' 'nonce-NC2C1ZSwf57g3ggy7fLa4Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmLw0pBicEqfwRoCxJ8fn2P9DcRLIi6yHkm8yCrEw_Fg9tPNbAIXrq79w6TkkpRfGJ-cn1eSmleim5hSrAtiF2UmlZbkF6GwU8tAKnLy09Mz89LjjQyMTAzMDC31DMzjCwwAizosjg"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.elderscrollsbote.de
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 eso-blackwood-upgrade-pc.jpg
www.gameplorer.de/wp-content/uploads/2021/01/ 10 KB
11 KB 28ms
27ms Image
image/jpeg 172.67.209.159
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gameplorer.de/wp-content/uploads/2021/01/eso-blackwood-upgrade-pc.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.209.159 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ad5f256bb34da21478ebb6248b2781894cc58e36306a914156cda23395c22713

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.elderscrollsbote.de/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 10:43:44 GMT
strict-transport-security: max-age=15552000
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 14044
alt-svc: h3=":443"; ma=86400
content-length: 10352
last-modified: Sat, 30 Jan 2021 15:05:53 GMT
server: cloudflare
etag: "601575d1-2870"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zru7%2B6FpKmt8BUOh%2BnoTsdvm%2BcRIcbGQZPSTf%2F3Ukv3tcB%2BKdFNq2t5sUtq6abSrbOsPyRh%2FZC6ZWDqtFHS7i%2B6Nd84gAuAXZYtbhocZINtEL5s%2BZc8fXAznv5Nr9oFBXxJKVg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=7776000
accept-ranges: bytes
cf-ray: 898c1e5d590f9b1b-FRA

GET
H2 200 cookieTest.html
hb.vntsm.com/ab/live/3pcookie/ Frame 6D5B 0
0 21ms
7ms Document
text/html 151.101.67.42
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://hb.vntsm.com/ab/live/3pcookie/cookieTest.html

Requested by

Host: hb.vntsm.com
URL: https://hb.vntsm.com/ab/live/fatum/ad-manager-bundle.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.67.42 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.elderscrollsbote.de/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
access-control-allow-headers: X-Geo,Content-Type,x-bl,x-geo-subdivision,Geo-Sub,Geo
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
access-control-expose-headers: X-Geo,Content-Type,x-bl,x-geo-subdivision,Geo-Sub,Geo
age: 588
content-encoding: gzip
content-length: 420
content-type: text/html
date: Mon, 24 Jun 2024 10:43:44 GMT
etag: "d80b9831e6e7896aa97e84d70f49e545"
geo-sub: BE
last-modified: Sun, 10 Sep 2023 14:04:21 GMT
strict-transport-security: max-age=300
vary: Accept-Encoding
venatus-cdn-hb-rule-version: 1.1
via: 1.1 varnish, 1.1 varnish
x-amz-id-2: ymrLGAO8vVSLAAioi+7pTG2XVsfwUQWhZXUnNPNUj5RLJx1DSFqPLtYBF9TjL1+YuQo5eqHfC0E=
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
x-cache-hits: 2, 4
x-geo: DE
x-ip: 80.255.10.200
x-served-by: cache-dub4352-DUB, cache-fra-etou8220137-FRA
x-timer: S1719225825.875123,VS0,VE0

GET
H3 200 classdragonknight.png
www.elderscrollsbote.de/wp-content/themes/elderscrollsbote/static/icons/ 623 B
1 KB 25ms
24ms Image
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.elderscrollsbote.de/wp-content/themes/elderscrollsbote/static/icons/classdragonknight.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ff8976c5b06a86af543bd5e0313493efc9c4bc2957cc27da148afeb1d692c479

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.elderscrollsbote.de/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 10:43:44 GMT
cf-cache-status: HIT
last-modified: Wed, 04 Apr 2018 07:56:15 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2096252
etag: "5ac4851f-26f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fFNZ5sDCQguSyOGzxxmudX58oD3e8s%2FkwTbTLSqdWT7sDPrx6MqiRYf2O2VcT6Pfv99T67ZsdPMgOvn88q%2BdRYi29X95AiGPGDsPsSFlFgRMAGU9Ykt8hyA2VbBSu%2BNx4cgtk9HSFRxPzQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=7776000
accept-ranges: bytes
cf-ray: 898c1e5d694fbb41-FRA
alt-svc: h3=":443"; ma=86400
content-length: 623

GET
H3 200 armorlight.png
www.elderscrollsbote.de/wp-content/themes/elderscrollsbote/static/icons/ 763 B
1 KB 63ms
61ms Image
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.elderscrollsbote.de/wp-content/themes/elderscrollsbote/static/icons/armorlight.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5abfda0176f11e766213cad2572c49bb48b4671adc21c5050aee8543c4395ecb

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.elderscrollsbote.de/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 10:43:44 GMT
cf-cache-status: HIT
last-modified: Wed, 04 Apr 2018 07:56:15 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 641
etag: "5ac4851f-2fb"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KUdBfexuI8%2FzgDaHBl5Rxk0pZPE6CRrrr0I4FB8Gfu6d9GOeOHBjWB8J20pgUNUiaybNqj%2FLV5kobJohyfvQTYrNgIsKm1hSnVEgmz8uL3%2FU57iovVopyyEsLqlWeNUmqbDWDjgHqxhvEg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=7776000
accept-ranges: bytes
cf-ray: 898c1e5d99b2bb41-FRA
alt-svc: h3=":443"; ma=86400
content-length: 763

GET
H3 200 armormedium.png
www.elderscrollsbote.de/wp-content/themes/elderscrollsbote/static/icons/ 874 B
1 KB 169ms
167ms Image
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.elderscrollsbote.de/wp-content/themes/elderscrollsbote/static/icons/armormedium.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e9c9d9e24498d49f73d841bb103071b606acbdce264ece5a0a572376c0d1c422

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.elderscrollsbote.de/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 10:43:45 GMT
cf-cache-status: HIT
last-modified: Wed, 04 Apr 2018 07:56:15 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 309429
etag: "5ac4851f-36a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JEH8Ks4PBae8ncwZdw7KPB2WVh4cyaVDZtkZ7RsGbtknq0xuq6DEXRb4qsI2QI5Uq9byUzBV4Fygy2NeBG1YY%2Btf1FSgW4%2FyUcp52Etr2jojO4tFrPbB17dImiMRzr4AoBMdaFSb6%2B%2B7GA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=7776000
accept-ranges: bytes
cf-ray: 898c1e5e4ac6bb41-FRA
alt-svc: h3=":443"; ma=86400
content-length: 874

GET
H3 200 armorheavy.png
www.elderscrollsbote.de/wp-content/themes/elderscrollsbote/static/icons/ 907 B
1 KB 177ms
175ms Image
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.elderscrollsbote.de/wp-content/themes/elderscrollsbote/static/icons/armorheavy.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fc4d2e87b1cc232666652729a14b347dcfc274944cd74455761ffb3e5076d92c

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.elderscrollsbote.de/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 10:43:45 GMT
cf-cache-status: HIT
last-modified: Wed, 04 Apr 2018 07:56:15 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 291224
etag: "5ac4851f-38b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NNRfN%2Bmb7P3IEAVzc0FC%2BSCQYsvKJpz%2Ff4jTUZwFxS8NHVNKciEge%2B5rRgMZRGfvMmHHTg%2B%2BBr%2BtzdakQerJgyKHTbGugnEUkErtICuWCoQ2Db2gWSMjB0MF1StGxzNXq97TkFMkRTG4yg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=7776000
accept-ranges: bytes
cf-ray: 898c1e5e4accbb41-FRA
alt-svc: h3=":443"; ma=86400
content-length: 907

GET
H3 200 classtemplar.png
www.elderscrollsbote.de/wp-content/themes/elderscrollsbote/static/icons/ 591 B
1 KB 174ms
173ms Image
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.elderscrollsbote.de/wp-content/themes/elderscrollsbote/static/icons/classtemplar.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 398ded36b014a32e4b91b33b73639e17660591686d6a80a94f62560c0cf066a3

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.elderscrollsbote.de/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 10:43:45 GMT
cf-cache-status: HIT
last-modified: Wed, 04 Apr 2018 07:56:15 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 642
etag: "5ac4851f-24f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0sPXbjPJrPOhIQN6fuoEpm%2BTUSy9HeBh16h6nM3catViaRNlMox4pVBhljIQJM0pH8HFXYMxkEPOE5IzU0C65j4ZBLQhlk7%2BKXt0CdkmAbTf%2FtXjXKrEpfULv%2F6mua1cjvDu1IW21LOFAg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=7776000
accept-ranges: bytes
cf-ray: 898c1e5e5afabb41-FRA
alt-svc: h3=":443"; ma=86400
content-length: 591

GET
H3 200 classnecromancer.png
www.elderscrollsbote.de/wp-content/themes/elderscrollsbote/static/icons/ 2 KB
2 KB 180ms
179ms Image
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.elderscrollsbote.de/wp-content/themes/elderscrollsbote/static/icons/classnecromancer.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d91b33251a9702933272996fae415ff9078e511b45b6933dae08bab3201f5fd9

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.elderscrollsbote.de/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 10:43:45 GMT
cf-cache-status: HIT
last-modified: Tue, 21 May 2019 19:42:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 295130
etag: "5ce454c2-7dd"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EXYWf8DrrNuhPE6OCKO95tYFN92yUC%2BUgMjiIPqTmQ4GMQkvOLLZnCinHdL2GQcj4EoAsRFNE1huIhRQXi8mx8x6qwTlShSRvMHf7BRqhngArC3CGReQiIghdSyaH01HtixiTEh2EqL1bg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=7776000
accept-ranges: bytes
cf-ray: 898c1e5e5affbb41-FRA
alt-svc: h3=":443"; ma=86400
content-length: 2013

GET
H3 200 classwarden.png
www.elderscrollsbote.de/wp-content/themes/elderscrollsbote/static/icons/ 660 B
1 KB 179ms
178ms Image
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.elderscrollsbote.de/wp-content/themes/elderscrollsbote/static/icons/classwarden.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ecc391ba1e7f99ce1b4ab68620b4a8a7c116d411fc1585dec1838dcf9eff7600

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.elderscrollsbote.de/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 10:43:45 GMT
cf-cache-status: HIT
last-modified: Wed, 04 Apr 2018 07:56:15 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 99988
etag: "5ac4851f-294"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=al5EPlYPU5h1abJdzywSGjzGBq2FS8Zl2xTb6A9lxte%2F%2FmSOb54Orx3gbA7NJ%2FcP7Z9K1w4GU4XZ%2BxVGWAx4uX14aZRijt0SurplzJGqVzDhtSLImGHZiAE%2B%2FYXkYCANjEiUK7Buz4gMbw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=7776000
accept-ranges: bytes
cf-ray: 898c1e5e5b06bb41-FRA
alt-svc: h3=":443"; ma=86400
content-length: 660

GET
H3 200 classsorcerer.png
www.elderscrollsbote.de/wp-content/themes/elderscrollsbote/static/icons/ 682 B
1 KB 184ms
182ms Image
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.elderscrollsbote.de/wp-content/themes/elderscrollsbote/static/icons/classsorcerer.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ae09a53443c54bed5d0050898a8f8f800c520f27b6c14ad2efded73ab97d18eb

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.elderscrollsbote.de/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 10:43:45 GMT
cf-cache-status: HIT
last-modified: Wed, 04 Apr 2018 07:56:15 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 224604
etag: "5ac4851f-2aa"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gx2qzfXx7rORWy1jyXibS5A3pclgKhHbTVkJMh%2BcA5S8eitBrwVGSv%2B6XGatFr89DCcJg98nyM4tb%2Bia6aoh9MwPLbtNc5azBZ%2BZjW8V6JKl%2BT1ejqFzU5ZMpBZ0DKOR2LpEwCeO2phXeA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=7776000
accept-ranges: bytes
cf-ray: 898c1e5e5b07bb41-FRA
alt-svc: h3=":443"; ma=86400
content-length: 682

GET
H3 200 classnightblade.png
www.elderscrollsbote.de/wp-content/themes/elderscrollsbote/static/icons/ 530 B
1000 B 195ms
194ms Image
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.elderscrollsbote.de/wp-content/themes/elderscrollsbote/static/icons/classnightblade.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 466fee0a1ac33a3d7e02bc06bcff70c7cb24fde0dfd47373bbd6735c135b8759

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.elderscrollsbote.de/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 10:43:45 GMT
cf-cache-status: MISS
last-modified: Wed, 04 Apr 2018 07:56:15 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "5ac4851f-212"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PJ%2BPZqbyc1CQjx49a9jBsxsO9%2FkHnnJK4arz7tBhUlAzsJaWqP2A%2BEKlBqx9%2B%2F4jTRLtwC33unNAkTyX9X%2FtOMeRVLZrhk5CRqTCo2j55mdbFymt9QGOHH9EMaAFLQpo7EfgMpgkBjFfvA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=7776000
accept-ranges: bytes
cf-ray: 898c1e5e5b0abb41-FRA
alt-svc: h3=":443"; ma=86400
content-length: 530

GET
H3 200 mundus-interact-128x72.jpg
www.elderscrollsbote.de/wp-content/uploads/sites/13/2014/02/ 4 KB
4 KB 184ms
183ms Image
image/jpeg 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.elderscrollsbote.de/wp-content/uploads/sites/13/2014/02/mundus-interact-128x72.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3b9cf76d6e0b9e1131c9912639dcd10696b6ec8daf29f25d5f11ca81673564fa

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.elderscrollsbote.de/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 10:43:45 GMT
cf-cache-status: HIT
last-modified: Mon, 24 Jul 2017 12:11:12 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 295124
etag: "5975e3e0-e6f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fn%2B9BgTM6wgZu8H7JE6AwKHz861dvtAtfBJldFL9iX0%2BCdRh2wFIJpy9v1GzywBvP4BRK4YUGw2n10cLNxeMq0gQeYyTODVF9l4CtMZcGSwF1i9CSmk9n7qgJFyYhho6ozKstl%2FFuWS67g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=7776000
accept-ranges: bytes
cf-ray: 898c1e5e5b0dbb41-FRA
alt-svc: h3=":443"; ma=86400
content-length: 3695

GET
H3 200 cropped-elderscrollsbote-favicon-32x32.png
www.elderscrollsbote.de/wp-content/uploads/sites/13/2015/12/ 1 KB
2 KB 21ms
21ms Other
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.elderscrollsbote.de/wp-content/uploads/sites/13/2015/12/cropped-elderscrollsbote-favicon-32x32.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ec25cc9edff2a8dc0a190b8357dc87c111ba67fa7106cd99217f2070c34525c9

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.elderscrollsbote.de/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 10:43:45 GMT
cf-cache-status: HIT
last-modified: Mon, 24 Jul 2017 12:13:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 465055
etag: "5975e452-507"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9Jso35sxwl0EHHTVnyHvh2quif2hcu5HMx4hoqfnu23Qmd%2F6f%2FdIzuwAisa1qPMwhRlpNC2U%2FqPtw9C1gbtYcgiiZFUlJGJwNL6RVupdsK1shcq8vh%2BrDTUh%2F4kwv85vd91iiR3eQzwBMg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=7776000
accept-ranges: bytes
cf-ray: 898c1e5e9b7cbb41-FRA
alt-svc: h3=":443"; ma=86400
content-length: 1287

GET
H2 200 bounce Show response
id5-sync.com/ 29 B
461 B 33ms
7ms Fetch
text/plain 162.19.138.119
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/bounce

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.119 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31533570.ip-162-19-138.eu

Software

Resource Hash

aca701811d62eb608d12b174231be1ceae3449fe0f4bc847469ff22aab8ca9a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.elderscrollsbote.de/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 10:43:45 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin
content-type: text/plain;charset=utf-8
access-control-allow-origin: https://www.elderscrollsbote.de
p3p: CP="CAO PSA OUR"
access-control-allow-credentials: true
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 v1 Show response
lb.eu-1-id5-sync.com/lb/ 33 B
283 B 36ms
10ms Fetch
application/json 141.95.98.64
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://lb.eu-1-id5-sync.com/lb/v1

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.95.98.64 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3216658.ip-141-95-98.eu

Software

Resource Hash

3a466c366cd33cb41d5f2becbfaf8e7c155b187f41d05e263d085fcbd39a708d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.elderscrollsbote.de/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: https://www.elderscrollsbote.de
date: Mon, 24 Jun 2024 10:43:44 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type: application/json;charset=UTF-8

POST
H2 200 v3 Show response
id5-sync.com/gm/ 319 B
522 B 9ms
9ms XHR
application/json 162.19.138.119
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/gm/v3

Requested by

Host: hb.vntsm.com
URL: https://hb.vntsm.com/ab/live/fatum/ad-manager-bundle.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.119 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31533570.ip-162-19-138.eu

Software

Resource Hash

5bb918b96bd802315f1a61269437785a8518bd6a6ce9535ead96c9413d6f5b24

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://www.elderscrollsbote.de/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.elderscrollsbote.de
date: Mon, 24 Jun 2024 10:43:45 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin
content-type: application/json

GET
H2 200 script.js Show response
cadmus.script.ac/d1oykxszdrgjgl/ 138 KB
48 KB 51ms
21ms Script
application/javascript 2606:4700::6812:1691
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/ab/live/fatum/ad-manager-bundle.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1691 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 819c2f444a456bcd7d0de1b4db2e07272fcd799c58c672cc5994d6f86a4a7524

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.elderscrollsbote.de/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 10:43:48 GMT
content-encoding: gzip
last-modified: Mon, 24 Jun 2024 09:40:42 GMT
server: cloudflare
age: 0
etag: W/"ee32a326a42bdb987a039a8c1a67bb18ed6174c5"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=600,stale-while-revalidate=3600,stale-if-error=86400
cf-ray: 898c1e737e22904c-FRA

POST
H2 200 1a Show response
i.clean.gg/ 0
104 B 97ms
96ms XHR
application/octet-stream 34.95.69.49
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://i.clean.gg/1a
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/ab/live/fatum/ad-manager-bundle.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.95.69.49 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 49.69.95.34.bc.googleusercontent.com
Software: nginx/1.21.6 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://www.elderscrollsbote.de/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 24 Jun 2024 10:43:48 GMT
via: 1.1 google
server: nginx/1.21.6
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/octet-stream
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

OPTIONS
H2 204 1a
i.clean.gg/ Frame 0
0 119ms
97ms Preflight
text/plain 34.95.69.49
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://i.clean.gg/1a
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.95.69.49 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 49.69.95.34.bc.googleusercontent.com
Software: nginx/1.21.6 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.elderscrollsbote.de
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1728000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/plain; charset=utf-8
date: Mon, 24 Jun 2024 10:43:48 GMT
server: nginx/1.21.6
via: 1.1 google

GET
H2 200 edgekit.min.js Show response
cdn.edkt.io/rNn9xk/ 23 KB
8 KB 33ms
10ms Script
text/javascript 34.120.111.33
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.edkt.io/rNn9xk/edgekit.min.js
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.111.33 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 33.111.120.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: ce6ee7282fa793c4aff7aad98b89995fc1d44dbb213e7bb0d688bd71dc4db73e

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.elderscrollsbote.de/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 23 Jun 2024 19:29:35 GMT
content-encoding: gzip
age: 54853
x-guploader-uploadid: ACJd0NoK2zAKOfRAV15OXVy7oLh3TUGzNsAPa663Tc9Q3dgXu9UKQrTQpRNDo4Fh7HSBs5-UX8LRYYnD1Q
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7644
last-modified: Wed, 19 Jun 2024 15:06:16 GMT
server: UploadServer
etag: "9306f5d18931560acbb77fb78ddce186"
x-goog-generation: 1718809576806016
x-goog-hash: crc32c=2+0XiA==, md5=kwb10YkxVgrLt3+3jdzhhg==
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400,no-transform
x-goog-stored-content-length: 7644
accept-ranges: bytes
expires: Mon, 24 Jun 2024 19:29:35 GMT

POST
H2 200 track_enc Show response
track.venatusmedia.com/dual/ 16 B
171 B 98ms
30ms XHR
application/json 3.254.250.97

General

Check archive.org

Show headers Download Go to

Full URL: https://track.venatusmedia.com/dual/track_enc
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/ab/live/fatum/ad-manager-bundle.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.254.250.97 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://www.elderscrollsbote.de/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.elderscrollsbote.de
date: Mon, 24 Jun 2024 10:43:48 GMT
access-control-allow-credentials: true
content-length: 16
vary: Origin
content-type: application/json

Verdicts & Comments Add Verdict or Comment

76 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			www.elderscrollsbote.de/	1970-01-20 21:35:12	Name: _lr_geo_location Value: DE
			.id5-sync.com/	1970-01-20 23:43:21	Name: id5 Value: cde0ed1f-9afa-7338-b88f-98abb1caee61#1719225825478#1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.ad.gt
ad-delivery.net
ats.rlcdn.com
c.amazon-adsystem.com
cadmus.script.ac
cdn.edkt.io
cdn.hadronid.net
cdn.id5-sync.com
config.aps.amazon-adsystem.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
geo.privacymanager.io
hb-vntsm-com.global.ssl.fastly.net
hb.vntsm.com
hb.vntsm.io
i.clean.gg
id.hadron.ad.gt
id5-sync.com
lb.eu-1-id5-sync.com
lh3.googleusercontent.com
proc.ad.cpe.dotomi.com
secure.cdn.fastclick.net
securepubads.g.doubleclick.net
track.venatusmedia.com
www.elderscrollsbote.de
www.gameplorer.de
13.224.186.120
13.32.99.122
141.95.98.64
142.250.185.78
151.101.129.194
151.101.131.42
151.101.67.42
162.19.138.119
172.217.18.2
172.67.209.159
18.245.31.66
188.114.96.3
23.197.10.19
2606:4700:10::6816:2e8e
2606:4700:10::6816:34ad
2606:4700:10::6816:3556
2606:4700:10::6816:445
2606:4700:10::ac43:17ea
2606:4700:20::681a:346
2606:4700::6812:1691
2a00:1450:4001:803::200a
2a00:1450:4001:80b::2003
2a00:1450:4001:80e::200e
2a00:1450:4001:81c::2001
2a02:fa8:8806:12::1460
3.254.250.97
34.120.111.33
34.95.69.49
99.86.4.30
030e49b77a6a332abf1f1b37636f45bf709383d3ac85be2c89171829917a1912
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
072052d874d0098382a9e7d1fef898d0e4636f33bbe28d9ecb06679cf9ca7775
1777ef5f2613e35015a34031cba4dcb7d5275bbc9cf1109a52b37a6b88cfa12f
2f7eb1b2131678eb125216f9eecdc720045d195532c2ed41f3bbc36be92df315
398ded36b014a32e4b91b33b73639e17660591686d6a80a94f62560c0cf066a3
3a466c366cd33cb41d5f2becbfaf8e7c155b187f41d05e263d085fcbd39a708d
3b2cf3ff28c623d318ac7c4485d052da1a6fa492128d724dde4df63bbbf760b2
3b9cf76d6e0b9e1131c9912639dcd10696b6ec8daf29f25d5f11ca81673564fa
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff
442049812a5dd63f21790ec983b3bbeebe0076f0d577e4c21aa258b9e41d08e8
466fee0a1ac33a3d7e02bc06bcff70c7cb24fde0dfd47373bbd6735c135b8759
481e74ed793add23ec1387aabc2f3bf0e0c99d0435285f06398fc5a1c3044afe
492db2ca577f4d221e3e28239c19e7db05f1701b298bf278fc4d1fcb92563586
4a0df8e6698c9be13e0cf6dc95ba7ef3cab335f7bf58aed3ef7a62f7024eddf0
4b56c73fc679df3678714fc5f2b472950c698f4ddcc76de9f67be729cd4e14e5
4e6819867c680e9097be8625bc4eb747227bcd548ae672a22e1ddcf8c1ebb865
5588a25192a335bfb14d7e73a6bc01defe9431cbc9f0a4485dc0bd038b0bd67b
5abfda0176f11e766213cad2572c49bb48b4671adc21c5050aee8543c4395ecb
5bb918b96bd802315f1a61269437785a8518bd6a6ce9535ead96c9413d6f5b24
61c8368f1d6aee4231aef9e92d074d0e07937cf666dd9bda043a61371ee85f47
63caa8f1b29cf8b2f3fd773b86a34077b6b67d67316fb92446efe7d8513c2701
668883287b3b1eef8f3b87cad9c72c4b45a9b9f9930e592189487a105308a490
6835151bd3260787d6eb21870f998a5482becaa6855a35f9393b5afbaa7b0563
70cd563322458bcd8eb0c45ffe72323df7c74b281cdbd01cc8b15de133b576a3
71f0c958e33905cb028dfd76ff7fcffa9d57a260845594e84d116530e3f80a36
7f30a1f522776df2a816b1abd4f8a7e95ab751c655c8a9c4492b8a81e1356ac9
80d90b0268c4ae59eee839d1f9f7bd0113aaf94795aa1e6857565b3bfbfc4c53
819c2f444a456bcd7d0de1b4db2e07272fcd799c58c672cc5994d6f86a4a7524
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
83777842e1d7a8a995b3013c4e5df77e513327e0fbe3a40cad620e3614aabc41
88e84a70c3ea64dc61a882f26068430ed97a8a649af98e8b77a9f705f02f2d6a
89b0b3f3ff210a3f74e23c972eb9e702fe969dd53ef3082e39af55000d7f964f
8b5149757c0da8c26fa2fa9d3f6190cdcf4b16b9eabc4cde2cc94301054c13e6
938c64115ce60b98ee8151d7eb28208567753f3d4ebbe0aa0f56618c555a18fb
a0009f85278ff0fe035dbde61a064fd0d198be132928426c353c17fd18b8faef
a2aa2577c105dab138246b4e0a1f575b3c92c30d5aced108d3f73897bd46823f
aca701811d62eb608d12b174231be1ceae3449fe0f4bc847469ff22aab8ca9a5
ad5f256bb34da21478ebb6248b2781894cc58e36306a914156cda23395c22713
ae09a53443c54bed5d0050898a8f8f800c520f27b6c14ad2efded73ab97d18eb
b1d8db1d37ff40c733a2543bc84235361aea1aae446af473a2f1de1847bcaf05
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
c1ee48fdc9c11e6866e86ddc8c850aceff697a6e0b1ee20f1dd2d1877b3c66cd
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
cccaedb13f2aa38970538b043bfd16b0fa24e6a6a386833059595fd0a408e105
ce6ee7282fa793c4aff7aad98b89995fc1d44dbb213e7bb0d688bd71dc4db73e
ce8368e5b8e9f2f066acc6284578c00021aea742c4c7c7ec2836c232a5f8b1f8
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d3c286558922ca8c2c69167698cd61a8280cb03b81bb41d9bd633f80f18c274f
d51ff3376e7599d429e8dde11231674c03458147c72df7f6635949d5f1d3dfe0
d91b33251a9702933272996fae415ff9078e511b45b6933dae08bab3201f5fd9
dfed71627a698aed0f3570192b00e56525b0efe0c27ecb46eddd42fb7f67afde
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e73a140c69c1bc697cacc30b095e0adbe7153c61bb8d94b3b550e34601c4b042
e9c9d9e24498d49f73d841bb103071b606acbdce264ece5a0a572376c0d1c422
eb87c0447bd19366919bdb8913f775caca732ac31cbc5e5d42e4db5df39437ce
ec25cc9edff2a8dc0a190b8357dc87c111ba67fa7106cd99217f2070c34525c9
ecc391ba1e7f99ce1b4ab68620b4a8a7c116d411fc1585dec1838dcf9eff7600
f57d911b208f7d0a016d2a4b87d2c6d888aec4e60e014fc282eb20cc0d97ce0f
fc4d2e87b1cc232666652729a14b347dcfc274944cd74455761ffb3e5076d92c
fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c
ff8976c5b06a86af543bd5e0313493efc9c4bc2957cc27da148afeb1d692c479

www.elderscrollsbote.de Open in urlscan Pro 188.114.96.3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

68 Requests

100 %HTTPS

41 %IPv6

24 Domains

27 Subdomains

30 IPs

5 Countries

1655 kBTransfer

4729 kBSize

2 Cookies

1 Outgoing links

Page URL History

Redirected requests

68 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.elderscrollsbote.de Open in urlscan Pro
188.114.96.3 Public Scan

Screenshot
Live screenshot

Full Image

68
Requests

100 %
HTTPS

41 %
IPv6

24
Domains

27
Subdomains

30
IPs

5
Countries

1655 kB
Transfer

4729 kB
Size

2
Cookies

68 HTTP transactions
2 data transactions