elementgames.co.uk Open in urlscan Pro
2606:4700:10::6816:1dae Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://bit.ly/3VGiyWS
Effective URL:
https://elementgames.co.uk/element-essentials/egaps/brushstroke/brushstrokes-leagues-of-votann-paint-bundle?d=10493
Submission: On June 12 via api (June 12th 2023, 5:00:27 pm UTC) from FI — Scanned from FI

Summary HTTP 186 Redirects Behaviour Indicators

Summary

This website contacted 39 IPs in 5 countries across 26 domains to perform 186 HTTP transactions. The main IP is 2606:4700:10::6816:1dae, located in United States and belongs to CLOUDFLARENET, US. The main domain is elementgames.co.uk.
TLS certificate: Issued by GTS CA 1P5 on June 6th 2023. Valid for: 3 months.

This is the only time elementgames.co.uk was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	67.199.248.10 67.199.248.10	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
62	2606:4700:10:... 2606:4700:10::6816:1dae	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	143.204.231.40 143.204.231.40	16509 (AMAZON-02) (AMAZON-02)
7	104.18.70.113 104.18.70.113	13335 (CLOUDFLAR...) (CLOUDFLARENET)
11	151.101.129.21 151.101.129.21	54113 (FASTLY) (FASTLY)
1	142.250.185.162 142.250.185.162	15169 (GOOGLE) (GOOGLE)
7	23.201.254.231 23.201.254.231	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a00:1450:400... 2a00:1450:4001:831::2008	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:811::2008	15169 (GOOGLE) (GOOGLE)
1	104.18.72.113 104.18.72.113	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	13.227.219.112 13.227.219.112	16509 (AMAZON-02) (AMAZON-02)
4	35.190.88.141 35.190.88.141	15169 (GOOGLE) (GOOGLE)
1	2600:9000:211... 2600:9000:211a:b600:d:33cb:c9c0:93a1	16509 (AMAZON-02) (AMAZON-02)
8	192.229.221.25 192.229.221.25	15133 (EDGECAST) (EDGECAST)
4	151.101.1.35 151.101.1.35	54113 (FASTLY) (FASTLY)
9	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:400c:c06::9c	15169 (GOOGLE) (GOOGLE)
1 3	2a00:1450:400... 2a00:1450:4001:813::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
1 3	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
3	34.76.56.218 34.76.56.218	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	18.65.39.11 18.65.39.11	16509 (AMAZON-02) (AMAZON-02)
4	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a00:1450:400... 2a00:1450:4001:809::2003	15169 (GOOGLE) (GOOGLE)
2	104.16.51.111 104.16.51.111	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	3.226.27.69 3.226.27.69	14618 (AMAZON-AES) (AMAZON-AES)
2	63.35.53.43 63.35.53.43	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:811::2006	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:80b::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:806::2016	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
1 2	64.4.245.84 64.4.245.84	17012 (PAYPAL) (PAYPAL)
2	104.102.47.146 104.102.47.146	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a04:4e42:600... 2a04:4e42:600::291	54113 (FASTLY) (FASTLY)
8	18.165.201.73 18.165.201.73	16509 (AMAZON-02) (AMAZON-02)
1	108.138.233.124 108.138.233.124	16509 (AMAZON-02) (AMAZON-02)
1	216.239.34.21 216.239.34.21	15169 (GOOGLE) (GOOGLE)
3	2600:9000:238... 2600:9000:238d:4600:16:eb47:3100:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:82b::200a	15169 (GOOGLE) (GOOGLE)
186	39

1 67.199.248.10 (United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: bit.ly

bit.ly	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

62 2606:4700:10::6816:1dae (United States)

ASN13335 (CLOUDFLARENET, US)

elementgames.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 143.204.231.40 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-231-40.cdg3.r.cloudfront.net

widget.trustpilot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 104.18.70.113 (None, )

ASN13335 (CLOUDFLARENET, US)

static.zdassets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 151.101.129.21 (United States)

ASN54113 (FASTLY, US)

www.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 23.201.254.231 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-201-254-231.deploy.static.akamaitechnologies.com

nsg.symantec.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::2008 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

ssl.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.72.113 (None, )

ASN13335 (CLOUDFLARENET, US)

ekr.zdassets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.227.219.112 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-227-219-112.ams54.r.cloudfront.net

sleeknotecustomerscripts.sleeknote.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.190.88.141 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 141.88.190.35.bc.googleusercontent.com

paypal-eu-cdn.cloudiq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:211a:b600:d:33cb:c9c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.ppcprotect.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 192.229.221.25 (United States)

ASN15133 (EDGECAST, US)

www.paypalobjects.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.101.1.35 (United States)

ASN54113 (FASTLY, US)

t.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c06::9c (Brussels, Belgium) 1 redirects

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:813::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.no	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.76.56.218 (Brussels, Belgium)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.56.76.34.bc.googleusercontent.com

paypal-eu-arh.cloudiq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.65.39.11 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-65-39-11.ams1.r.cloudfront.net

cdn.particularaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.salesfire.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.16.51.111 (None, )

ASN13335 (CLOUDFLARENET, US)

elementgames.zendesk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 3.226.27.69 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-226-27-69.compute-1.amazonaws.com

recs-us-e1a.particularaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 63.35.53.43 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-35-53-43.eu-west-1.compute.amazonaws.com

live.smartmetrics.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

jnn-pa.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

yt3.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 64.4.245.84 (United States) 1 redirects

ASN17012 (PAYPAL, US)

b.stats.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dub.stats.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.102.47.146 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-102-47-146.deploy.static.akamaitechnologies.com

guarantee-cdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:600::291 (United States)

ASN54113 (FASTLY, US)

c6.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 18.165.201.73 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-165-201-73.lhr50.r.cloudfront.net

sleeknotestaticcontent.sleeknote.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.233.124 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-233-124.lhr61.r.cloudfront.net

geolocation.sleeknote.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.239.34.21 (United States)

ASN15169 (GOOGLE, US)
PTR: any-in-2215.1e100.net

analytics.sleeknote.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:238d:4600:16:eb47:3100:93a1 (United States)

ASN16509 (AMAZON-02, US)

images.sleeknote.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
62	elementgames.co.uk elementgames.co.uk	748 KB
23	paypal.com 1 redirects www.paypal.com — Cisco Umbrella Rank: 2355 t.paypal.com — Cisco Umbrella Rank: 3126 c.paypal.com — Cisco Umbrella Rank: 5411 b.stats.paypal.com — Cisco Umbrella Rank: 4800 dub.stats.paypal.com — Cisco Umbrella Rank: 20131 c6.paypal.com — Cisco Umbrella Rank: 6479	356 KB
14	sleeknote.com sleeknotecustomerscripts.sleeknote.com — Cisco Umbrella Rank: 15591 sleeknotestaticcontent.sleeknote.com — Cisco Umbrella Rank: 17298 geolocation.sleeknote.com — Cisco Umbrella Rank: 159456 analytics.sleeknote.com — Cisco Umbrella Rank: 28207 images.sleeknote.com — Cisco Umbrella Rank: 80570	128 KB
9	youtube.com www.youtube.com — Cisco Umbrella Rank: 101	959 KB
8	zdassets.com static.zdassets.com — Cisco Umbrella Rank: 2063 ekr.zdassets.com — Cisco Umbrella Rank: 2409	384 KB
7	gstatic.com fonts.gstatic.com www.gstatic.com	117 KB
7	cloudiq.com paypal-eu-cdn.cloudiq.com — Cisco Umbrella Rank: 128353 paypal-eu-arh.cloudiq.com — Cisco Umbrella Rank: 144884	83 KB
7	symantec.com nsg.symantec.com — Cisco Umbrella Rank: 39119	27 KB
6	particularaudience.com cdn.particularaudience.com — Cisco Umbrella Rank: 98543 recs-us-e1a.particularaudience.com — Cisco Umbrella Rank: 130684	159 KB
6	trustpilot.com widget.trustpilot.com — Cisco Umbrella Rank: 4699	46 KB
5	googleapis.com jnn-pa.googleapis.com — Cisco Umbrella Rank: 297 fonts.googleapis.com — Cisco Umbrella Rank: 67	32 KB
5	doubleclick.net 2 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 121 googleads.g.doubleclick.net — Cisco Umbrella Rank: 54 static.doubleclick.net — Cisco Umbrella Rank: 360	3 KB
4	salesfire.co.uk cdn.salesfire.co.uk — Cisco Umbrella Rank: 62839	131 KB
3	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 3	16 KB
3	paypalobjects.com www.paypalobjects.com — Cisco Umbrella Rank: 2153	34 KB
2	guarantee-cdn.com guarantee-cdn.com — Cisco Umbrella Rank: 36417	2 KB
2	smartmetrics.co.uk live.smartmetrics.co.uk — Cisco Umbrella Rank: 56939	233 B
2	zendesk.com elementgames.zendesk.com	2 KB
2	google.no www.google.no — Cisco Umbrella Rank: 24112	562 B
2	google-analytics.com 1 redirects ssl.google-analytics.com — Cisco Umbrella Rank: 458	17 KB
1	ggpht.com yt3.ggpht.com — Cisco Umbrella Rank: 256	3 KB
1	ytimg.com i.ytimg.com — Cisco Umbrella Rank: 124	122 KB
1	ppcprotect.com cdn.ppcprotect.com — Cisco Umbrella Rank: 485664	374 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 75	56 KB
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 176	18 KB
1	bit.ly 1 redirects bit.ly — Cisco Umbrella Rank: 5143	343 B
186	26

	Domain	Requested by
62	elementgames.co.uk	elementgames.co.uk cdn.particularaudience.com
11	www.paypal.com	elementgames.co.uk www.paypal.com www.paypalobjects.com
9	www.youtube.com	elementgames.co.uk www.youtube.com
8	sleeknotestaticcontent.sleeknote.com	sleeknotecustomerscripts.sleeknote.com sleeknotestaticcontent.sleeknote.com
7	nsg.symantec.com	elementgames.co.uk nsg.symantec.com
7	static.zdassets.com	elementgames.co.uk static.zdassets.com
6	widget.trustpilot.com	elementgames.co.uk widget.trustpilot.com
5	c.paypal.com	www.paypal.com c.paypal.com
5	fonts.gstatic.com	www.youtube.com
4	jnn-pa.googleapis.com	www.youtube.com
4	recs-us-e1a.particularaudience.com	cdn.particularaudience.com
4	cdn.salesfire.co.uk	www.googletagmanager.com cdn.salesfire.co.uk
4	t.paypal.com	elementgames.co.uk
4	paypal-eu-cdn.cloudiq.com	elementgames.co.uk paypal-eu-cdn.cloudiq.com
3	images.sleeknote.com	sleeknotestaticcontent.sleeknote.com
3	paypal-eu-arh.cloudiq.com	elementgames.co.uk
3	googleads.g.doubleclick.net	1 redirects www.googleadservices.com www.youtube.com
3	www.google.com	1 redirects elementgames.co.uk www.youtube.com
3	www.paypalobjects.com	www.paypal.com elementgames.co.uk www.paypalobjects.com
2	guarantee-cdn.com	elementgames.co.uk
2	www.gstatic.com	www.youtube.com www.gstatic.com
2	live.smartmetrics.co.uk	cdn.salesfire.co.uk
2	elementgames.zendesk.com	static.zdassets.com
2	cdn.particularaudience.com	elementgames.co.uk cdn.particularaudience.com
2	www.google.no	elementgames.co.uk
2	ssl.google-analytics.com	1 redirects elementgames.co.uk
1	fonts.googleapis.com	sleeknotestaticcontent.sleeknote.com
1	analytics.sleeknote.com
1	geolocation.sleeknote.com	sleeknotestaticcontent.sleeknote.com
1	c6.paypal.com	elementgames.co.uk
1	dub.stats.paypal.com	www.paypal.com
1	b.stats.paypal.com	1 redirects
1	yt3.ggpht.com	www.youtube.com
1	i.ytimg.com	www.youtube.com
1	static.doubleclick.net	www.youtube.com
1	stats.g.doubleclick.net	1 redirects
1	cdn.ppcprotect.com	elementgames.co.uk
1	sleeknotecustomerscripts.sleeknote.com	elementgames.co.uk
1	ekr.zdassets.com	static.zdassets.com
1	www.googletagmanager.com	elementgames.co.uk
1	www.googleadservices.com	elementgames.co.uk
1	bit.ly	1 redirects
186	42

This site contains no links.

Subject Issuer	Validity	Valid
elementgames.co.uk GTS CA 1P5	`2023-06-06` - `2023-09-04`	3 months	crt.sh
*.trustpilot.com Amazon RSA 2048 M02	`2023-02-02` - `2024-03-02`	a year	crt.sh
zdassets.com Cloudflare Inc ECC CA-3	`2022-11-10` - `2023-11-09`	a year	crt.sh
www.paypal.com DigiCert SHA2 Extended Validation Server CA	`2022-11-10` - `2023-11-10`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
nsg.symantec.com GeoTrust Global TLS RSA4096 SHA256 2022 CA1	`2023-01-05` - `2024-02-05`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
*.sleeknote.com Amazon RSA 2048 M01	`2023-02-08` - `2024-03-06`	a year	crt.sh
*.cloudiq.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-21` - `2023-08-04`	a year	crt.sh
*.ppcprotect.com Amazon RSA 2048 M02	`2023-02-23` - `2023-11-09`	9 months	crt.sh
t.paypal.com DigiCert SHA2 Extended Validation Server CA	`2022-10-19` - `2023-11-19`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
particularaudience.com Amazon RSA 2048 M01	`2023-02-20` - `2023-11-07`	9 months	crt.sh
salesfire.co.uk Cloudflare Inc ECC CA-3	`2022-11-14` - `2023-11-13`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
elementgames.zendesk.com Cloudflare Inc ECC CA-3	`2023-04-06` - `2024-04-05`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
*.google.no GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
smartmetrics.co.uk Amazon RSA 2048 M01	`2023-02-25` - `2024-03-26`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
edgestatic.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
guarantee-cdn.com GeoTrust RSA CA 2018	`2022-06-20` - `2023-07-21`	a year	crt.sh
analytics.sleeknote.com GTS CA 1D4	`2023-05-13` - `2023-08-11`	3 months	crt.sh
ik.imagekit.io R3	`2023-04-25` - `2023-07-24`	3 months	crt.sh

This page contains 12 frames:

Primary Page: https://elementgames.co.uk/element-essentials/egaps/brushstroke/brushstrokes-leagues-of-votann-paint-bundle?d=10493
Frame ID: D942FD2AA43184F2C5318DA9FB20274C
Requests: 121 HTTP requests in this frame

Frame: https://www.paypal.com/smart/buttons?fundingSource=paypal&sdkVersion=5.0.378&style.layout=horizontal&style.color=gold&style.shape=rect&style.tagline=false&style.menuPlacement=below&components.0=buttons&components.1=funding-eligibility&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QWJJMUJfSTV2bTlOTU5JSGxwSktJc0tBMnNjMUgtQ29XdjF3Y0RrVWRLQ2FBamh0M1VnUk5XZ2RJek9xR2UwZHFDSi1fUkRmUDRsYUZFU2MmY29tbWl0PWZhbHNlJmN1cnJlbmN5PUdCUCZjb21wb25lbnRzPWJ1dHRvbnMsZnVuZGluZy1lbGlnaWJpbGl0eSIsImF0dHJzIjp7ImRhdGEtdWlkIjoidWlkX3NteG53ZWJ6bWFhaW9raWlzZWpsamZyZGNjbHB6ZiJ9fQ&clientID=AbI1B_I5vm9NMNIHlpJKIsKA2sc1H-CoWv1wcDkUdKCaAjht3UgRNWgdIzOqGe0dqCJ-_RDfP4laFESc&sdkCorrelationID=f523393d855eb&storageID=uid_6086aff6c4_mtc6mda6mtc&sessionID=uid_a989d18622_mtc6mda6mtc&buttonSessionID=uid_013e0418db_mtc6mda6mtc&env=production&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6ZmFsc2V9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInByb2R1Y3RzIjp7InBheUluMyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlJbjQiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfSwicGF5bGF0ZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfX19LCJjYXJkIjp7ImVsaWdpYmxlIjp0cnVlLCJicmFuZGVkIjp0cnVlLCJpbnN0YWxsbWVudHMiOmZhbHNlLCJ2ZW5kb3JzIjp7InZpc2EiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sIm1hc3RlcmNhcmQiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImFtZXgiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImRpc2NvdmVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiaGlwZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiZWxvIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiamNiIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfX0sImd1ZXN0RW5hYmxlZCI6ZmFsc2V9LCJ2ZW5tbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJpdGF1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImNyZWRpdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJhcHBsZXBheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzZXBhIjp7ImVsaWdpYmxlIjpmYWxzZX0sImlkZWFsIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJhbmNvbnRhY3QiOnsiZWxpZ2libGUiOmZhbHNlfSwiZ2lyb3BheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJlcHMiOnsiZWxpZ2libGUiOmZhbHNlfSwic29mb3J0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm15YmFuayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwMjQiOnsiZWxpZ2libGUiOmZhbHNlfSwid2VjaGF0cGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInBheXUiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmxpayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ0cnVzdGx5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm94eG8iOnsiZWxpZ2libGUiOmZhbHNlfSwiYm9sZXRvIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJvbGV0b2JhbmNhcmlvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm1lcmNhZG9wYWdvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm11bHRpYmFuY28iOnsiZWxpZ2libGUiOmZhbHNlfSwic2F0aXNwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwicGFpZHkiOnsiZWxpZ2libGUiOmZhbHNlfX0&platform=desktop&experiment.enableVenmo=false&experiment.enableVenmoAppLabel=false&flow=purchase&currency=GBP&intent=capture&commit=false&vault=false&renderedButtons.0=paypal&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&allowBillingPayments=true
Frame ID: B4D7B0E4CB27E7DB112C9B81726FAC85
Requests: 6 HTTP requests in this frame

Frame: https://www.paypalobjects.com/js-sdk-logos/2.2.7/paypal-blue.svg
Frame ID: 3B3E7453C395DA4C95C0146D2B0A829D
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/XXYFAdWli80
Frame ID: 7C27FFCCC67893F1B7681CFA67F1E2E0
Requests: 21 HTTP requests in this frame

Frame: https://www.paypalobjects.com/muse/analytics/index.html
Frame ID: 8BEAA3BCC26A35CD752BE690CA67251B
Requests: 2 HTTP requests in this frame

Frame: https://static.zdassets.com/web_widget/latest/web-widget-framework-7a54a546dda064893d09.js
Frame ID: 197AEE645E405A31854BDB56CCC3A365
Requests: 8 HTTP requests in this frame

Frame: https://widget.trustpilot.com/trustboxes/53aa8912dec7e10d38f59f36/index.html?templateId=53aa8912dec7e10d38f59f36&businessunitId=50e11cf10000640005202af4
Frame ID: 75806DA8E33D24AF9E7C4AF9B02A75B3
Requests: 4 HTTP requests in this frame

Frame: https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
Frame ID: 987DD5F92042BBDBFF83D6728F95EAE9
Requests: 5 HTTP requests in this frame

Frame: https://dub.stats.paypal.com/v2/counter2.cgi?p=uid_a989d18622_mtc6mda6mtc&s=SMART_PAYMENT_BUTTONS
Frame ID: 20F21B363C89681435D0CFE759139298
Requests: 1 HTTP requests in this frame

Frame: https://geolocation.sleeknote.com/
Frame ID: 3CDB68CA32B21D2C0C3DDCFD66FDDE9A
Requests: 7 HTTP requests in this frame

Frame: blob://https://elementgames.co.uk/0fab8e7b-0baa-45ac-bb15-70023bb04acd
Frame ID: 98CFEAABF1A9FAAEED153E6049E7E601
Requests: 4 HTTP requests in this frame

Frame: https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2
Frame ID: F46EE92CABD1E7A01C7332F74FACF2F2
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

BRUSHSTROKE’S LEAGUES OF VOTANN PAINT BUNDLE - Brushstroke

Page URL History Show full URLs

https://bit.ly/3VGiyWS HTTP 301
https://elementgames.co.uk/element-essentials/egaps/brushstroke/brushstrokes-leagues-of-votann-paint-bu... Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

PayPal (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

paypalobjects\.com

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

Mautic (Marketing Automation) Expand

Overall confidence: 100%
Detected patterns

[^a-z]mtc.*\.js

TrackJs (Analytics) Expand

Overall confidence: 100%
Detected patterns

tracker\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

186
Requests

95 %
HTTPS

48 %
IPv6

26
Domains

42
Subdomains

39
IPs

5
Countries

3442 kB
Transfer

9387 kB
Size

32
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://bit.ly/3VGiyWS HTTP 301
https://elementgames.co.uk/element-essentials/egaps/brushstroke/brushstrokes-leagues-of-votann-paint-bundle?d=10493 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 64

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=748235399&utmhn=elementgames.co.uk&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=BRUSHSTROKE%E2%80%99S%20LEAGUES%20OF%20VOTANN%20PAINT%20BUNDLE%20-%20Brushstroke&utmhid=1605476243&utmr=-&utmp=%2Felement-essentials%2Fegaps%2Fbrushstroke%2Fbrushstrokes-leagues-of-votann-paint-bundle%3Fd%3D10493&utmht=1686589217300&utmac=UA-30912582-1&utmcc=__utma%3D156345327.1396067699.1686589217.1686589217.1686589217.1%3B%2B__utmz%3D156345327.1686589217.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=816243296&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~ HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-30912582-1&cid=1396067699.1686589217&jid=816243296&_v=5.7.2&z=748235399 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-30912582-1&cid=1396067699.1686589217&jid=816243296&_v=5.7.2&z=748235399 HTTP 302
https://www.google.no/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-30912582-1&cid=1396067699.1686589217&jid=816243296&_v=5.7.2&z=748235399&slf_rd=1&random=3011280901

Request Chain 102

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Request Chain 125

https://b.stats.paypal.com/v2/counter.cgi?p=uid_a989d18622_mtc6mda6mtc&s=SMART_PAYMENT_BUTTONS HTTP 302
https://dub.stats.paypal.com/v2/counter2.cgi?p=uid_a989d18622_mtc6mda6mtc&s=SMART_PAYMENT_BUTTONS

186 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request brushstrokes-leagues-of-votann-paint-bundle Show response
elementgames.co.uk/element-essentials/egaps/brushstroke/
Redirect Chain

https://bit.ly/3VGiyWS
https://elementgames.co.uk/element-essentials/egaps/brushstroke/brushstrokes-leagues-of-votann-paint-bundle?d=10493

124 KB
24 KB

391ms
250ms

Document
text/html

2606:4700:10::6816:1dae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://elementgames.co.uk/element-essentials/egaps/brushstroke/brushstrokes-leagues-of-votann-paint-bundle?d=10493
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1dae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.27 PleskLin
Resource Hash: 801443bd0a6e3cde61df3c20d9d54c589a24b44fdf19066fadcd3bb3b4a91d34

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7d63a62b4f2efab8-OSL
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Mon, 12 Jun 2023 17:00:16 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
server: cloudflare
vary: Accept-Encoding
x-powered-by: PHP/7.4.27 PleskLin

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=90
content-length: 202
content-security-policy: referrer always;
content-type: text/html; charset=utf-8
date: Mon, 12 Jun 2023 17:00:16 GMT
location: https://elementgames.co.uk/element-essentials/egaps/brushstroke/brushstrokes-leagues-of-votann-paint-bundle?d=10493
referrer-policy: unsafe-url
server: nginx
via: 1.1 google

GET
H2 200 bootstrap.css
elementgames.co.uk/css/ 26 KB
7 KB 86ms
84ms Stylesheet
text/css 2606:4700:10::6816:1dae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://elementgames.co.uk/css/bootstrap.css?1606956792
Requested by: Host: elementgames.co.uk
URL: https://elementgames.co.uk/element-essentials/egaps/brushstroke/brushstrokes-leagues-of-votann-paint-bundle?d=10493
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1dae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 3ce740e2bba08476bbb1544d9e5762f9c16d6f3963669418123832bf17a4eae2

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://elementgames.co.uk/element-essentials/egaps/brushstroke/brushstrokes-leagues-of-votann-paint-bundle?d=10493
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 17:00:16 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 03 Dec 2020 00:53:12 GMT
server: cloudflare
age: 694
etag: W/"5fc836f8-699d"
x-powered-by: PleskLin
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=14400
cf-ray: 7d63a62ce8c7fab8-OSL

GET
H2 200 style.css
elementgames.co.uk/css/ 35 KB
10 KB 90ms
88ms Stylesheet
text/css 2606:4700:10::6816:1dae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://elementgames.co.uk/css/style.css?1682506664
Requested by: Host: elementgames.co.uk
URL: https://elementgames.co.uk/element-essentials/egaps/brushstroke/brushstrokes-leagues-of-votann-paint-bundle?d=10493
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1dae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 8445ec744c339a5cee4d10f11e1c619c7a5e373a0507c19fa9c32d4fc3c3c73d

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://elementgames.co.uk/element-essentials/egaps/brushstroke/brushstrokes-leagues-of-votann-paint-bundle?d=10493
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 17:00:16 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 26 Apr 2023 10:57:44 GMT
server: cloudflare
age: 694
etag: W/"644903a8-8c11"
x-powered-by: PleskLin
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=14400
cf-ray: 7d63a62ce8c9fab8-OSL

GET
H2 200 font-awesome.min.css
elementgames.co.uk/font-awesome/css/ 2 KB
715 B 95ms
94ms Stylesheet
text/css 2606:4700:10::6816:1dae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://elementgames.co.uk/font-awesome/css/font-awesome.min.css?1606956811
Requested by: Host: elementgames.co.uk
URL: https://elementgames.co.uk/element-essentials/egaps/brushstroke/brushstrokes-leagues-of-votann-paint-bundle?d=10493
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1dae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 4ead984cb2f31783b38447c311fe81e5b088eafc82aca26a3655f4f7e2c289bc

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://elementgames.co.uk/element-essentials/egaps/brushstroke/brushstrokes-leagues-of-votann-paint-bundle?d=10493
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 17:00:16 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 03 Dec 2020 00:53:31 GMT
server: cloudflare
age: 694
etag: W/"5fc8370b-68d"
x-powered-by: PleskLin
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=14400
cf-ray: 7d63a62ce8cafab8-OSL

GET
H2 200 chris.css
elementgames.co.uk/css/ 10 KB
2 KB 115ms
114ms Stylesheet
text/css 2606:4700:10::6816:1dae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://elementgames.co.uk/css/chris.css?1606956792
Requested by: Host: elementgames.co.uk
URL: https://elementgames.co.uk/element-essentials/egaps/brushstroke/brushstrokes-leagues-of-votann-paint-bundle?d=10493
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1dae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 01c01f435b5bafb4679cb07c4c25d64af2a2096ea867cad1b11fe5e1f2883c4e

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://elementgames.co.uk/element-essentials/egaps/brushstroke/brushstrokes-leagues-of-votann-paint-bundle?d=10493
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 17:00:16 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 03 Dec 2020 00:53:12 GMT
server: cloudflare
age: 694
etag: W/"5fc836f8-2751"
x-powered-by: PleskLin
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=14400
cf-ray: 7d63a62ce8ccfab8-OSL

GET
H2 200 menu.css
elementgames.co.uk/css/ 1 KB
665 B 89ms
87ms Stylesheet
text/css 2606:4700:10::6816:1dae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://elementgames.co.uk/css/menu.css?1606956792
Requested by: Host: elementgames.co.uk
URL: https://elementgames.co.uk/element-essentials/egaps/brushstroke/brushstrokes-leagues-of-votann-paint-bundle?d=10493
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1dae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 5e5ac8ac1fc04afb0730c97d8b0ee1a9c1a316de88b432241fa4441bd9a5d7ab

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://elementgames.co.uk/element-essentials/egaps/brushstroke/brushstrokes-leagues-of-votann-paint-bundle?d=10493
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 17:00:16 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 03 Dec 2020 00:53:12 GMT
server: cloudflare
age: 694
etag: W/"5fc836f8-4f5"
x-powered-by: PleskLin
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=14400
cf-ray: 7d63a62ce8cefab8-OSL

GET
H2 200 easyzoom.css
elementgames.co.uk/css/ 748 B
464 B 85ms
83ms Stylesheet
text/css 2606:4700:10::6816:1dae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://elementgames.co.uk/css/easyzoom.css
Requested by: Host: elementgames.co.uk
URL: https://elementgames.co.uk/element-essentials/egaps/brushstroke/brushstrokes-leagues-of-votann-paint-bundle?d=10493
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1dae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 11814acf9e2e82cf456fa7e51107cf4bc3ce0085d03a46e326062f8694041c2f

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://elementgames.co.uk/element-essentials/egaps/brushstroke/brushstrokes-leagues-of-votann-paint-bundle?d=10493
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 17:00:16 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 03 Dec 2020 00:53:12 GMT
server: cloudflare
age: 3294
etag: W/"5fc836f8-2ec"
x-powered-by: PleskLin
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=14400
cf-ray: 7d63a62ce8d2fab8-OSL

GET
H2 200 tp.widget.sync.bootstrap.min.js Show response
widget.trustpilot.com/bootstrap/v5/ 1 KB
1 KB 295ms
96ms Script
application/x-javascript 143.204.231.40
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.trustpilot.com/bootstrap/v5/tp.widget.sync.bootstrap.min.js

Requested by

Host: elementgames.co.uk
URL: https://elementgames.co.uk/element-essentials/egaps/brushstroke/brushstrokes-leagues-of-votann-paint-bundle?d=10493

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.231.40 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-231-40.cdg3.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

90745a0f257aa1424e5b997ec85544b52094e60b7187c09ec3f108303bfc2073

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://elementgames.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 12 Jun 2023 01:13:39 GMT
via: 1.1 c04e95cc4381bc0a5e45bf722eb707c0.cloudfront.net (CloudFront)
x-amz-cf-pop: CDG3-C1
age: 56799
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 712
x-xss-protection: 1; mode=block
last-modified: Wed, 03 May 2023 13:48:29 GMT
server: AmazonS3
etag: "a148992a7b15dc7e6a9fa9d5e18e4368"
content-type: application/x-javascript
cache-control: max-age=86400
accept-ranges: bytes
x-amz-cf-id: OfP5keURIdwtqj-YVI_-f6CcNHVucP_5_k8OYqx3L7af0Xi9LOlIvg==

GET
H2 200 snippet.js Show response
static.zdassets.com/ekr/ 24 KB
7 KB 200ms
87ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/ekr/snippet.js?key=88b6432b-c8dc-42bb-9a91-9f49e3363a48

Requested by

Host: elementgames.co.uk
URL: https://elementgames.co.uk/element-essentials/egaps/brushstroke/brushstrokes-leagues-of-votann-paint-bundle?d=10493

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

622be2eb8ef5825d74867a56c04c9274812a7276da1f7bd218401deb24fdc045

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://elementgames.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 17:00:16 GMT
x-amz-version-id: h_C7R95D6YonGiyqdlKE7XDlNtmjvPl8
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: PZWCSFXXNZ5QZNTG
age: 57
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: p4D04AYldbMr2lRQLb6qJ83nB5n1d0z61Pm+5Vke4aPXcJP/BLxazDDHnawZ6fGjhavNSNHOeR4=
last-modified: Sun, 14 May 2023 23:22:32 GMT
server: cloudflare
etag: W/"9ce7e23b1a5cf89ecf9e795e0ccb61b4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vyiLXC5xrVeBOIvkrcIP1Ge1weLcBGm992pN7Gmn072gHJdO6T3eay6PTg6aSfZZUCKIDzwp%2FCsrNJlf%2Bl47y%2BEJiEENdq9itfIAc20XGNIwTmdjkyTQNZRSbAnY0pcuZPtcbqA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=3600, s-maxage=60
cf-ray: 7d63a62d9d64d96f-HEL

GET
H2 200 common.js Show response
elementgames.co.uk/js/ 1 KB
577 B 84ms
83ms Script
application/javascript 2606:4700:10::6816:1dae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://elementgames.co.uk/js/common.js?1606956818
Requested by: Host: elementgames.co.uk
URL: https://elementgames.co.uk/element-essentials/egaps/brushstroke/brushstrokes-leagues-of-votann-paint-bundle?d=10493
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1dae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 78c2aea48d0e689689ea8350023b070444d4d29d9fe78569d024e2ebaade0135

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://elementgames.co.uk/element-essentials/egaps/brushstroke/brushstrokes-leagues-of-votann-paint-bundle?d=10493
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 17:00:16 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 03 Dec 2020 00:53:38 GMT
server: cloudflare
age: 694
etag: W/"5fc83712-484"
x-powered-by: PleskLin
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 7d63a62ce8d4fab8-OSL

GET
H2 200 jquery-1.10.2.js Show response
elementgames.co.uk/js/ 91 KB
32 KB 97ms
96ms Script
application/javascript 2606:4700:10::6816:1dae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://elementgames.co.uk/js/jquery-1.10.2.js
Requested by: Host: elementgames.co.uk
URL: https://elementgames.co.uk/element-essentials/egaps/brushstroke/brushstrokes-leagues-of-votann-paint-bundle?d=10493
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1dae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: c3a7b608ebfa8d1dfe658bc119e6236a6aaf878a779e7c560aa11dd30881a56a

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://elementgames.co.uk/element-essentials/egaps/brushstroke/brushstrokes-leagues-of-votann-paint-bundle?d=10493
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 17:00:16 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 03 Dec 2020 00:53:39 GMT
server: cloudflare
age: 694
etag: W/"5fc83713-16bb2"
x-powered-by: PleskLin
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 7d63a62ce8d6fab8-OSL

GET
H2 200 element-games-2-small.png
elementgames.co.uk/images/ 11 KB
11 KB 91ms
83ms Image
image/png 2606:4700:10::6816:1dae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://elementgames.co.uk/images/element-games-2-small.png
Requested by: Host: elementgames.co.uk
URL: https://elementgames.co.uk/element-essentials/egaps/brushstroke/brushstrokes-leagues-of-votann-paint-bundle?d=10493
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1dae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 43af8c97a3558ddfc5c7459d10376c1370776752e8a615788fbc13414d13648c

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://elementgames.co.uk/element-essentials/egaps/brushstroke/brushstrokes-leagues-of-votann-paint-bundle?d=10493
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 17:00:17 GMT
cf-cache-status: HIT
last-modified: Tue, 09 Jul 2019 02:38:02 GMT
server: cloudflare
age: 695
etag: "5d23fe0a-2d09"
x-powered-by: PleskLin
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7d63a62e4a91fab8-OSL
content-length: 11529

GET
H2 200 artis-opus-series-d.jpg
elementgames.co.uk/images/banners/ 18 KB
18 KB 130ms
123ms Image
image/jpeg 2606:4700:10::6816:1dae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://elementgames.co.uk/images/banners/artis-opus-series-d.jpg
Requested by: Host: elementgames.co.uk
URL: https://elementgames.co.uk/element-essentials/egaps/brushstroke/brushstrokes-leagues-of-votann-paint-bundle?d=10493
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1dae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 7290b3900772f8f4fbfb61158cce315f2f7f13d1d46eb061a401a58b01b3fad5

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://elementgames.co.uk/element-essentials/egaps/brushstroke/brushstrokes-leagues-of-votann-paint-bundle?d=10493
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 17:00:17 GMT
cf-cache-status: HIT
cf-bgj: h2pri
last-modified: Wed, 20 Nov 2019 13:05:22 GMT
server: cloudflare
age: 695
etag: "5dd53a12-47df"
x-powered-by: PleskLin
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7d63a62e4a94fab8-OSL
content-length: 18399

GET
H2 200 airbrushes-harder-and-steenbeck.png
elementgames.co.uk/images/banners/ 19 KB
19 KB 112ms
105ms Image
image/png 2606:4700:10::6816:1dae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://elementgames.co.uk/images/banners/airbrushes-harder-and-steenbeck.png
Requested by: Host: elementgames.co.uk
URL: https://elementgames.co.uk/element-essentials/egaps/brushstroke/brushstrokes-leagues-of-votann-paint-bundle?d=10493
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1dae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 96abed43c5a6423a436e5ff656a762587e513187ebdc1b24c26c06b5d66c601a

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://elementgames.co.uk/element-essentials/egaps/brushstroke/brushstrokes-leagues-of-votann-paint-bundle?d=10493
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 17:00:17 GMT
cf-cache-status: HIT
last-modified: Fri, 08 Nov 2019 03:11:43 GMT
server: cloudflare
age: 695
etag: "5dc4dcef-4bb0"
x-powered-by: PleskLin
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7d63a62e4a97fab8-OSL
content-length: 19376

GET
H2 200 js Show response
www.paypal.com/sdk/ 270 KB
76 KB 186ms
64ms Script
application/javascript 151.101.129.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/sdk/js?client-id=AbI1B_I5vm9NMNIHlpJKIsKA2sc1H-CoWv1wcDkUdKCaAjht3UgRNWgdIzOqGe0dqCJ-_RDfP4laFESc&commit=false&currency=GBP&components=buttons,funding-eligibility

Requested by

Host: elementgames.co.uk
URL: https://elementgames.co.uk/element-essentials/egaps/brushstroke/brushstrokes-leagues-of-votann-paint-bundle?d=10493

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e1b86726fee08ad51f2bc712ca3ca009d747dd94f584bf98a3250afad77fccde

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; frame-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; script-src 'nonce-3/tDFlYiVNEkomnTLJQJkrtXzojImY/5g9N+OJp4VgfxLztR' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; style-src 'nonce-3/tDFlYiVNEkomnTLJQJkrtXzojImY/5g9N+OJp4VgfxLztR' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://elementgames.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-3/tDFlYiVNEkomnTLJQJkrtXzojImY/5g9N+OJp4VgfxLztR' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-3/tDFlYiVNEkomnTLJQJkrtXzojImY/5g9N+OJp4VgfxLztR' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 12 Jun 2023 17:00:17 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 5025
x-cache: HIT, HIT
p3p: true
paypal-debug-id: f695848441b6d
server-timing: "traceparent;desc="00-0000000000000000000f695848441b6d-73a8673b0b430a27-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
content-length: 75997
x-xss-protection: 1; mode=block
x-served-by: cache-fra-eddf8230049-FRA, cache-bma1659-BMA
accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent: 00-0000000000000000000f695848441b6d-e10cace2b63ac0f7-01
x-timer: S1686589217.023224,VS0,VE2
etag: W/"128dd-8HbbBMd1p4RBPejj0Ws5nd1UHkE"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: Server-Timing
cache-control: public, max-age=3600, s-maxage=10800
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges: bytes
x-cache-hits: 0, 1

GET
H2 200 warhammer-40k.jpg
elementgames.co.uk/images/logos/new-releases/ 11 KB
11 KB 99ms
92ms Image
image/jpeg 2606:4700:10::6816:1dae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://elementgames.co.uk/images/logos/new-releases/warhammer-40k.jpg
Requested by: Host: elementgames.co.uk
URL: https://elementgames.co.uk/element-essentials/egaps/brushstroke/brushstrokes-leagues-of-votann-paint-bundle?d=10493
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1dae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 9e7a98ac9ee5eba75dffd3dfc3780e3e40ab25f2f092bc2d87960eb867152ca3

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://elementgames.co.uk/element-essentials/egaps/brushstroke/brushstrokes-leagues-of-votann-paint-bundle?d=10493
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 17:00:17 GMT
cf-cache-status: HIT
cf-bgj: h2pri
last-modified: Tue, 23 Sep 2014 14:40:48 GMT
server: cloudflare
age: 695
etag: "54218670-2b9e"
x-powered-by: PleskLin
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7d63a62e4a9afab8-OSL
content-length: 11166

GET
H2 200 games-workshop.jpg
elementgames.co.uk/images/logos/new-releases/ 5 KB
5 KB 121ms
115ms Image
image/jpeg 2606:4700:10::6816:1dae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://elementgames.co.uk/images/logos/new-releases/games-workshop.jpg
Requested by: Host: elementgames.co.uk
URL: https://elementgames.co.uk/element-essentials/egaps/brushstroke/brushstrokes-leagues-of-votann-paint-bundle?d=10493
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1dae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: fafbda63fb858a2bcb157eaf3198609387dc3000355433663fdafef09f5178ea

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://elementgames.co.uk/element-essentials/egaps/brushstroke/brushstrokes-leagues-of-votann-paint-bundle?d=10493
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 17:00:17 GMT
cf-cache-status: HIT
cf-bgj: h2pri
last-modified: Thu, 18 Sep 2014 19:26:44 GMT
server: cloudflare
age: 695
etag: "541b31f4-1254"
x-powered-by: PleskLin
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7d63a62e4a9cfab8-OSL
content-length: 4692

GET
H2 200 age-of-sigmar.png
elementgames.co.uk/images/logos/new-releases/ 12 KB
12 KB 103ms
97ms Image
image/png 2606:4700:10::6816:1dae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://elementgames.co.uk/images/logos/new-releases/age-of-sigmar.png
Requested by: Host: elementgames.co.uk
URL: https://elementgames.co.uk/element-essentials/egaps/brushstroke/brushstrokes-leagues-of-votann-paint-bundle?d=10493
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1dae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: a3301a0723cca2c68783cc2f993be5d43f0820531b66d6dbd6ae570c62f3483c

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://elementgames.co.uk/element-essentials/egaps/brushstroke/brushstrokes-leagues-of-votann-paint-bundle?d=10493
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 17:00:17 GMT
cf-cache-status: HIT
last-modified: Wed, 26 Oct 2016 10:33:07 GMT
server: cloudflare
age: 694
etag: "58108663-2f21"
x-powered-by: PleskLin
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7d63a62e4a9ffab8-OSL
content-length: 12065

GET
H2 200 4.citadel-paints-and-brushes.jpg
elementgames.co.uk/images/games/ 5 KB
5 KB 109ms
102ms Image
image/jpeg 2606:4700:10::6816:1dae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://elementgames.co.uk/images/games/4.citadel-paints-and-brushes.jpg
Requested by: Host: elementgames.co.uk
URL: https://elementgames.co.uk/element-essentials/egaps/brushstroke/brushstrokes-leagues-of-votann-paint-bundle?d=10493
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1dae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: be9457fa012e044e239436fd86a7ad27756c1b8c567363de32724eda50f4cb4d

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://elementgames.co.uk/element-essentials/egaps/brushstroke/brushstrokes-leagues-of-votann-paint-bundle?d=10493
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 17:00:17 GMT
cf-cache-status: HIT
cf-bgj: h2pri
last-modified: Tue, 09 Jul 2019 02:38:46 GMT
server: cloudflare
age: 694
etag: "5d23fe36-1420"
x-powered-by: PleskLin
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7d63a62e4aa2fab8-OSL
content-length: 5152

GET
H2 200 necromunda.jpg
elementgames.co.uk/images/logos/ 3 KB
3 KB 130ms
124ms Image
image/jpeg 2606:4700:10::6816:1dae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://elementgames.co.uk/images/logos/necromunda.jpg
Requested by: Host: elementgames.co.uk
URL: https://elementgames.co.uk/element-essentials/egaps/brushstroke/brushstrokes-leagues-of-votann-paint-bundle?d=10493
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1dae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: fd26267e37030bfddc821629a908e965af102a6fbfd581bd8cf74cf2a0438470

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://elementgames.co.uk/element-essentials/egaps/brushstroke/brushstrokes-leagues-of-votann-paint-bundle?d=10493
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 17:00:17 GMT
cf-cache-status: HIT
cf-bgj: h2pri
last-modified: Fri, 08 Nov 2019 03:48:17 GMT
server: cloudflare
age: 694
etag: "5dc4e581-aaf"
x-powered-by: PleskLin
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7d63a62e4aa4fab8-OSL
content-length: 2735

GET
H2 200 blood-bowl.jpg
elementgames.co.uk/images/logos/new-releases/ 3 KB
3 KB 130ms
123ms Image
image/jpeg 2606:4700:10::6816:1dae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://elementgames.co.uk/images/logos/new-releases/blood-bowl.jpg
Requested by: Host: elementgames.co.uk
URL: https://elementgames.co.uk/element-essentials/egaps/brushstroke/brushstrokes-leagues-of-votann-paint-bundle?d=10493
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1dae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: d4d4a24124782099b9b70a07c2fbfc1cc88552f7fd7eb435b96231e73f40c38a

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://elementgames.co.uk/element-essentials/egaps/brushstroke/brushstrokes-leagues-of-votann-paint-bundle?d=10493
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 17:00:17 GMT
cf-cache-status: HIT
cf-bgj: h2pri
last-modified: Fri, 11 Nov 2016 12:16:44 GMT
server: cloudflare
age: 693
etag: "5825b6ac-c76"
x-powered-by: PleskLin
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7d63a62e4aa6fab8-OSL
content-length: 3190

GET
H2 200 add-item.js Show response
elementgames.co.uk/js/ajax/ 2 KB
1 KB 86ms
85ms Script
application/javascript 2606:4700:10::6816:1dae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://elementgames.co.uk/js/ajax/add-item.js?1607020226
Requested by: Host: elementgames.co.uk
URL: https://elementgames.co.uk/element-essentials/egaps/brushstroke/brushstrokes-leagues-of-votann-paint-bundle?d=10493
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1dae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 4fedcefd7fd6e4b5191a374b1a99f2bb558861d62a2fc3e5cf99fd4e52b86ad7

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://elementgames.co.uk/element-essentials/egaps/brushstroke/brushstrokes-leagues-of-votann-paint-bundle?d=10493
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 17:00:17 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 03 Dec 2020 18:30:26 GMT
server: cloudflare
age: 695
etag: W/"5fc92ec2-92f"
x-powered-by: PleskLin
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 7d63a62e2a69fab8-OSL

GET
H2 200 product.js Show response
elementgames.co.uk/js/pages/ 5 KB
2 KB 97ms
91ms Script
application/javascript 2606:4700:10::6816:1dae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://elementgames.co.uk/js/pages/product.js?1606956819
Requested by: Host: elementgames.co.uk
URL: https://elementgames.co.uk/element-essentials/egaps/brushstroke/brushstrokes-leagues-of-votann-paint-bundle?d=10493
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1dae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 04ad3dc64c610e09119fe8f53a0a393433e258e7527f3385dd18ab7aa8047e2a

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://elementgames.co.uk/element-essentials/egaps/brushstroke/brushstrokes-leagues-of-votann-paint-bundle?d=10493
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 17:00:17 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 03 Dec 2020 00:53:39 GMT
server: cloudflare
age: 3295
etag: W/"5fc83713-146e"
x-powered-by: PleskLin
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 7d63a62e3a76fab8-OSL

GET
H2 200 popup.js Show response
elementgames.co.uk/js/ 467 B
377 B 131ms
123ms Script
application/javascript 2606:4700:10::6816:1dae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://elementgames.co.uk/js/popup.js?1606956819
Requested by: Host: elementgames.co.uk
URL: https://elementgames.co.uk/element-essentials/egaps/brushstroke/brushstrokes-leagues-of-votann-paint-bundle?d=10493
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1dae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 25aae47e3d86e729232a1d56bfa91026ee6315b6c75b74d7e2f1c52ecfebb1f0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://elementgames.co.uk/element-essentials/egaps/brushstroke/brushstrokes-leagues-of-votann-paint-bundle?d=10493
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 17:00:17 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 03 Dec 2020 00:53:39 GMT
server: cloudflare
age: 3295
etag: W/"5fc83713-1d3"
x-powered-by: PleskLin
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 7d63a62e4a84fab8-OSL

GET
H2 200 close.png
elementgames.co.uk/images/ 1022 B
1 KB 107ms
101ms Image
image/png 2606:4700:10::6816:1dae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://elementgames.co.uk/images/close.png
Requested by: Host: elementgames.co.uk
URL: https://elementgames.co.uk/element-essentials/egaps/brushstroke/brushstrokes-leagues-of-votann-paint-bundle?d=10493
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1dae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 95acbc49947a73f9202a33014b90180a4fcfc201acdd2b7725131e979a0cb136

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://elementgames.co.uk/element-essentials/egaps/brushstroke/brushstrokes-leagues-of-votann-paint-bundle?d=10493
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 17:00:17 GMT
cf-cache-status: HIT
last-modified: Sat, 07 Jun 2014 22:09:31 GMT
server: cloudflare
age: 3295
etag: "53938d9b-3fe"
x-powered-by: PleskLin
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7d63a62e4aa7fab8-OSL
content-length: 1022

GET
H2 200 107097-large.jpg
elementgames.co.uk/images/products/91484/ 173 KB
173 KB 212ms
206ms Image
image/jpeg 2606:4700:10::6816:1dae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://elementgames.co.uk/images/products/91484/107097-large.jpg
Requested by: Host: elementgames.co.uk
URL: https://elementgames.co.uk/element-essentials/egaps/brushstroke/brushstrokes-leagues-of-votann-paint-bundle?d=10493
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1dae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: a33cac2582762ac33d896fc48722f5e2a08b08b88e9f5f9d4ae513a6d58064d5

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://elementgames.co.uk/element-essentials/egaps/brushstroke/brushstrokes-leagues-of-votann-paint-bundle?d=10493
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 17:00:17 GMT
cf-cache-status: MISS
last-modified: Tue, 06 Dec 2022 13:14:56 GMT
server: cloudflare
etag: "638f4050-2b3bc"
x-powered-by: PleskLin
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7d63a62e4aa9fab8-OSL
content-length: 177084

GET
H2 200 green-button-small.png
elementgames.co.uk//images/ 3 KB
3 KB 130ms
124ms Image
image/png 2606:4700:10::6816:1dae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://elementgames.co.uk//images/green-button-small.png
Requested by: Host: elementgames.co.uk
URL: https://elementgames.co.uk/element-essentials/egaps/brushstroke/brushstrokes-leagues-of-votann-paint-bundle?d=10493
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1dae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 1b8eeb4c11b246024642a7641b76fafea8d20cedc7b8e94fd4e839af19c05340

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://elementgames.co.uk/element-essentials/egaps/brushstroke/brushstrokes-leagues-of-votann-paint-bundle?d=10493
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 17:00:17 GMT
cf-cache-status: HIT
last-modified: Tue, 09 Jul 2019 02:38:14 GMT
server: cloudflare
age: 3295
etag: "5d23fe16-c2a"
x-powered-by: PleskLin
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7d63a62e4aaafab8-OSL
content-length: 3114

GET
H2 200 light-green-button-small.png
elementgames.co.uk//images/ 3 KB
3 KB 166ms
160ms Image
image/png 2606:4700:10::6816:1dae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://elementgames.co.uk//images/light-green-button-small.png
Requested by: Host: elementgames.co.uk
URL: https://elementgames.co.uk/element-essentials/egaps/brushstroke/brushstrokes-leagues-of-votann-paint-bundle?d=10493
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1dae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 9ac498adfcd049fea24a96bbf91891bd3baf3c87385bddb26f2fae9e49cc5461

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://elementgames.co.uk/element-essentials/egaps/brushstroke/brushstrokes-leagues-of-votann-paint-bundle?d=10493
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 17:00:17 GMT
cf-cache-status: HIT
last-modified: Tue, 09 Jul 2019 02:38:15 GMT
server: cloudflare
age: 3295
etag: "5d23fe17-c16"
x-powered-by: PleskLin
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7d63a62eaafefab8-OSL
content-length: 3094

GET
H2 200 blue-button-small.png
elementgames.co.uk//images/ 3 KB
3 KB 165ms
159ms Image
image/png 2606:4700:10::6816:1dae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://elementgames.co.uk//images/blue-button-small.png
Requested by: Host: elementgames.co.uk
URL: https://elementgames.co.uk/element-essentials/egaps/brushstroke/brushstrokes-leagues-of-votann-paint-bundle?d=10493
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1dae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: b35d8307cc6736b32aba3c2c5ec84af9602f9c7110208389c03e43e066b617cc

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://elementgames.co.uk/element-essentials/egaps/brushstroke/brushstrokes-leagues-of-votann-paint-bundle?d=10493
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 17:00:17 GMT
cf-cache-status: HIT
last-modified: Tue, 09 Jul 2019 02:38:01 GMT
server: cloudflare
age: 3295
etag: "5d23fe09-c23"
x-powered-by: PleskLin
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7d63a62eab00fab8-OSL
content-length: 3107

GET
H2 200 red-button-small.png
elementgames.co.uk//images/ 270 B
367 B 167ms
161ms Image
image/png 2606:4700:10::6816:1dae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://elementgames.co.uk//images/red-button-small.png
Requested by: Host: elementgames.co.uk
URL: https://elementgames.co.uk/element-essentials/egaps/brushstroke/brushstrokes-leagues-of-votann-paint-bundle?d=10493
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1dae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 15f6a80af33407e09c24a88c3f7f88115e18fcf817074989f35a338342d88351

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://elementgames.co.uk/element-essentials/egaps/brushstroke/brushstrokes-leagues-of-votann-paint-bundle?d=10493
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 17:00:17 GMT
cf-cache-status: HIT
last-modified: Tue, 09 Jul 2019 02:38:17 GMT
server: cloudflare
age: 3295
etag: "5d23fe19-10e"
x-powered-by: PleskLin
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7d63a62eab03fab8-OSL
content-length: 270

GET
H2 200 light-green-button.png
elementgames.co.uk//images// 4 KB
4 KB 280ms
274ms Image
image/png 2606:4700:10::6816:1dae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://elementgames.co.uk//images//light-green-button.png
Requested by: Host: elementgames.co.uk
URL: https://elementgames.co.uk/element-essentials/egaps/brushstroke/brushstrokes-leagues-of-votann-paint-bundle?d=10493
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1dae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: ba71a3e48ba5f6a11c4eeee12673bc4f8730902ca936bb9982304d293bbbbb34

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://elementgames.co.uk/element-essentials/egaps/brushstroke/brushstrokes-leagues-of-votann-paint-bundle?d=10493
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 17:00:17 GMT
cf-cache-status: REVALIDATED
last-modified: Tue, 09 Jul 2019 02:38:16 GMT
server: cloudflare
etag: "5d23fe18-e2f"
x-powered-by: PleskLin
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7d63a62eab05fab8-OSL
content-length: 3631

GET
H2 200 van-icon.png
elementgames.co.uk/images/ 2 KB
2 KB 166ms
161ms Image
image/png 2606:4700:10::6816:1dae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://elementgames.co.uk/images/van-icon.png
Requested by: Host: elementgames.co.uk
URL: https://elementgames.co.uk/element-essentials/egaps/brushstroke/brushstrokes-leagues-of-votann-paint-bundle?d=10493
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1dae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 12ad4b5f15ba3188b03775a1824e3a2025314baf8cb507988d641fc3519c275d

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://elementgames.co.uk/element-essentials/egaps/brushstroke/brushstrokes-leagues-of-votann-paint-bundle?d=10493
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 17:00:17 GMT
cf-cache-status: HIT
last-modified: Tue, 09 Jul 2019 02:38:19 GMT
server: cloudflare
age: 3295
etag: "5d23fe1b-7ba"
x-powered-by: PleskLin
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7d63a62eab06fab8-OSL
content-length: 1978

GET
H2 200 eu.png
elementgames.co.uk/images/flags/ 445 B
547 B 166ms
160ms Image
image/png 2606:4700:10::6816:1dae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://elementgames.co.uk/images/flags/eu.png
Requested by: Host: elementgames.co.uk
URL: https://elementgames.co.uk/element-essentials/egaps/brushstroke/brushstrokes-leagues-of-votann-paint-bundle?d=10493
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1dae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 25dc57cb610700eddedb2d486218a44a7eb75369b4ebc61eb0c5ef903f8e398b

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://elementgames.co.uk/element-essentials/egaps/brushstroke/brushstrokes-leagues-of-votann-paint-bundle?d=10493
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 17:00:17 GMT
cf-cache-status: HIT
last-modified: Mon, 10 Jun 2013 09:08:33 GMT
server: cloudflare
age: 3295
etag: "51b59791-1bd"
x-powered-by: PleskLin
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7d63a62eab07fab8-OSL
content-length: 445

GET
H2 200 card-images-small.png
elementgames.co.uk/images/ 12 KB
12 KB 166ms
161ms Image
image/png 2606:4700:10::6816:1dae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://elementgames.co.uk/images/card-images-small.png
Requested by: Host: elementgames.co.uk
URL: https://elementgames.co.uk/element-essentials/egaps/brushstroke/brushstrokes-leagues-of-votann-paint-bundle?d=10493
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1dae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 02a81d6352b2d7f0c08475dad19eca519b4278d8b10dc13e6aaf9460628112cb

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://elementgames.co.uk/element-essentials/egaps/brushstroke/brushstrokes-leagues-of-votann-paint-bundle?d=10493
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 17:00:17 GMT
cf-cache-status: HIT
last-modified: Mon, 10 Jun 2013 09:08:30 GMT
server: cloudflare
age: 693
etag: "51b5978e-2fd1"
x-powered-by: PleskLin
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7d63a62eab08fab8-OSL
content-length: 12241

GET
H2 200 conversion.js Show response
www.googleadservices.com/pagead/ 49 KB
18 KB 317ms
128ms Script
text/javascript 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion.js

Requested by

Host: elementgames.co.uk
URL: https://elementgames.co.uk/element-essentials/egaps/brushstroke/brushstrokes-leagues-of-votann-paint-bundle?d=10493

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

e5679971d3025506224b33c1543e5876506ea1525ce504023bb344f3c64c0bb3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://elementgames.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 17:00:17 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18409
x-xss-protection: 0
server: cafe
etag: 3799172659183169966
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 12 Jun 2023 17:00:17 GMT

GET
H2 200 bootstrap.js Show response
elementgames.co.uk/js/ 54 KB
11 KB 132ms
124ms Script
application/javascript 2606:4700:10::6816:1dae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://elementgames.co.uk/js/bootstrap.js
Requested by: Host: elementgames.co.uk
URL: https://elementgames.co.uk/element-essentials/egaps/brushstroke/brushstrokes-leagues-of-votann-paint-bundle?d=10493
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1dae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 535a0eb07fb0fbd62a59719e584c1b27a71066285b222f21684eaf4606ea9e01

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://elementgames.co.uk/element-essentials/egaps/brushstroke/brushstrokes-leagues-of-votann-paint-bundle?d=10493
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 17:00:17 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 03 Dec 2020 00:53:38 GMT
server: cloudflare
age: 695
etag: W/"5fc83712-d7cc"
x-powered-by: PleskLin
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 7d63a62e4a87fab8-OSL

GET
H2 200 modern-business.js Show response
elementgames.co.uk/js/ 182 B
223 B 95ms
87ms Script
application/javascript 2606:4700:10::6816:1dae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://elementgames.co.uk/js/modern-business.js
Requested by: Host: elementgames.co.uk
URL: https://elementgames.co.uk/element-essentials/egaps/brushstroke/brushstrokes-leagues-of-votann-paint-bundle?d=10493
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1dae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 34db699e0ad7ab516ea3cf0af47a61fee39c11065b75b213295b130016244673

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://elementgames.co.uk/element-essentials/egaps/brushstroke/brushstrokes-leagues-of-votann-paint-bundle?d=10493
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 17:00:17 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 03 Dec 2020 00:53:39 GMT
server: cloudflare
age: 695
etag: W/"5fc83713-b6"
x-powered-by: PleskLin
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 7d63a62e4a8bfab8-OSL

GET
H2 200 easyzoom.js Show response
elementgames.co.uk/js/ 4 KB
2 KB 167ms
159ms Script
application/javascript 2606:4700:10::6816:1dae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://elementgames.co.uk/js/easyzoom.js
Requested by: Host: elementgames.co.uk
URL: https://elementgames.co.uk/element-essentials/egaps/brushstroke/brushstrokes-leagues-of-votann-paint-bundle?d=10493
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1dae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: c95da77b97a9a32000e27ae1e0d2538354e5de6cdca1bd995b73ff56a6b6126b

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://elementgames.co.uk/element-essentials/egaps/brushstroke/brushstrokes-leagues-of-votann-paint-bundle?d=10493
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 17:00:17 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 03 Dec 2020 00:53:38 GMT
server: cloudflare
age: 695
etag: W/"5fc83712-fcf"
x-powered-by: PleskLin
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 7d63a62e4a8efab8-OSL

GET
H2 200 gjs.aspx Show response
nsg.symantec.com/Web/Seal/ 3 KB
2 KB 362ms
91ms Script
application/x-javascript 23.201.254.231
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://nsg.symantec.com/Web/Seal/gjs.aspx?SN=963443996
Requested by: Host: elementgames.co.uk
URL: https://elementgames.co.uk/element-essentials/egaps/brushstroke/brushstrokes-leagues-of-votann-paint-bundle?d=10493
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.201.254.231 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-201-254-231.deploy.static.akamaitechnologies.com
Software: Microsoft-IIS/8.5 /
Resource Hash: fc206c41704412a0ccb5e81aaf71f492fb700668b7ac961079595c25e583854e

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://elementgames.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 17:00:17 GMT
content-encoding: gzip
server: Microsoft-IIS/8.5
etag: "4dfa1c7db5454c37"
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
p3p: CP="ALL DSP COR CUR ADM DEV TAI PSA PSD IVA IVD CONo HIS OUR SAMi LEG UNI NAV"
cache-control: private, max-age=86400
content-length: 1627
expires: Tue, 13 Jun 2023 17:00:17 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 150 KB
56 KB 279ms
95ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-53X98FZ

Requested by

Host: elementgames.co.uk
URL: https://elementgames.co.uk/element-essentials/egaps/brushstroke/brushstrokes-leagues-of-votann-paint-bundle?d=10493

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9b7135e625ac5dd7be7ea82ad2512847d2755ea450b3a022e036229539f05903

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://elementgames.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 17:00:17 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56474
x-xss-protection: 0
last-modified: Mon, 12 Jun 2023 16:23:34 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 12 Jun 2023 17:00:17 GMT

GET
H2 200 ga.js Show response
ssl.google-analytics.com/ 45 KB
17 KB 271ms
88ms Script
text/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.google-analytics.com/ga.js

Requested by

Host: elementgames.co.uk
URL: https://elementgames.co.uk/element-essentials/egaps/brushstroke/brushstrokes-leagues-of-votann-paint-bundle?d=10493

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://elementgames.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 12 Jun 2023 16:51:47 GMT
last-modified: Mon, 17 Apr 2023 22:36:01 GMT
server: Golfe2
age: 510
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17168
expires: Mon, 12 Jun 2023 18:51:47 GMT

GET
H2 200 88b6432b-c8dc-42bb-9a91-9f49e3363a48 Show response
ekr.zdassets.com/compose/ 390 B
1 KB 193ms
77ms XHR
application/json 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ekr.zdassets.com/compose/88b6432b-c8dc-42bb-9a91-9f49e3363a48

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=88b6432b-c8dc-42bb-9a91-9f49e3363a48

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

33739f2d46ef64baea5d1bbb2e0a28cd641ba1923ae074cd69696991b90a38c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://elementgames.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 17:00:17 GMT
strict-transport-security: max-age=0
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: none
age: 2
content-encoding: br
status: 200 OK
cdn-cache-control: max-age=60
x-xss-protection: 1; mode=block
x-request-id: 7d38b320fa1e2196-SEA, 7d38b320fa1e2196-SEA
x-runtime: 0.011075
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"33739f2d46ef64baea5d1bbb2e0a28cd"
x-download-options: noopen
x-frame-options: SAMEORIGIN
access-control-max-age: 7200
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=milEBZiJpRXJOjy3SQQQXXNZPFyVIkeXB5YJDuftIHyvaC2yYdIpkK6h2DC5LW%2FK6CDi9JKRX7ccfp6qRT0FLhWFxBTaORgehTT3QZ%2BwfHxA6C6Q9LssUSg%2BsmQVgVY6B2E%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
vary: Accept, Origin, Accept-Encoding
cache-control: max-age=600, public, stale-while-revalidate=600, stale-if-error=21600
content-type: application/json; charset=utf-8
x-zendesk-zorg: yes
cf-ray: 7d63a62ee8a8d90a-HEL

GET
H2 200 pptm.js Show response
www.paypal.com/tagmanager/ 14 KB
6 KB 90ms
62ms Script
application/x-javascript 151.101.129.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/tagmanager/pptm.js?id=edbb5934-114e-424b-8456-13f5ea1c25df

Requested by

Host: elementgames.co.uk
URL: https://elementgames.co.uk/element-essentials/egaps/brushstroke/brushstrokes-leagues-of-votann-paint-bundle?d=10493

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

c1251bda7bb9e0f2e078fe5278d88ba54ba8c74953c703c714d657a4fa1ec03e

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; script-src 'nonce-cEd5PwYTGKN7nv0bcUtCV7nKfUvnyuaA64YwNdsIaFE1wyix' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src * data:; object-src 'none'; font-src 'self' https://.paypalobjects.com https://.paypal.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://nexus.ensighten.com https://.google-analytics.com 'unsafe-inline' https://.qualtrics.com; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://elementgames.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-cEd5PwYTGKN7nv0bcUtCV7nKfUvnyuaA64YwNdsIaFE1wyix' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com https://*.google-analytics.com 'unsafe-inline' https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 12 Jun 2023 17:00:17 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 48512
x-cache: HIT, HIT
paypal-debug-id: f243633c3c1ce
server-timing: "traceparent;desc="00-0000000000000000000f243633c3c1ce-7c9556204c5e1e82-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
content-length: 5013
x-xss-protection: 1; mode=block
x-served-by: cache-fra-etou8220098-FRA, cache-bma1659-BMA
accept-ch: Sec-CH-UA-Full
traceparent: 00-0000000000000000000f243633c3c1ce-706de0a360d00ef5-01
x-timer: S1686589217.023228,VS0,VE1
etag: W/"389b-GPCkKjYIpbLYKUs/VhBuJ1LrCLo"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-expose-headers: Server-Timing
cache-control: public, max-age=3600
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
accept-ranges: bytes
x-cache-hits: 1, 2

GET
H2 200 56819.js Show response
sleeknotecustomerscripts.sleeknote.com/ 6 KB
2 KB 247ms
80ms Script
text/javascript 13.227.219.112
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sleeknotecustomerscripts.sleeknote.com/56819.js
Requested by: Host: elementgames.co.uk
URL: https://elementgames.co.uk/element-essentials/egaps/brushstroke/brushstrokes-leagues-of-votann-paint-bundle?d=10493
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.227.219.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-227-219-112.ams54.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9455ea00d2269a445396770bfe1d9ed73353a0f267f84eaf86ee8bf5439c871f

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://elementgames.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-amz-version-id: ztuIyTGCIxlYQXs.8E_fjRK3eqVJEyVp
content-encoding: gzip
via: 1.1 b911c551065b8f78ad33b4c4564141be.cloudfront.net (CloudFront)
date: Mon, 12 Jun 2023 17:00:15 GMT
x-amz-cf-pop: AMS54-C1
age: 19
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 1268
last-modified: Wed, 30 Nov 2022 07:37:51 GMT
server: AmazonS3
etag: "8f800e4d90b141bec86962171547111f"
content-type: text/javascript; charset=utf-8
cache-control: max-age=60
accept-ranges: bytes
x-amz-cf-id: T57l0b1l_5XaYaxg7IZIvDpJlsuWOGa3yN4MmhuhOgmzjCS0NoQWkA==

GET
H2 200 0a2894e3-7fa9-402f-8ba0-01ad76f433ea-jjzdrwtn.js Show response
paypal-eu-cdn.cloudiq.com/tag/ 9 KB
10 KB 186ms
60ms Script
application/javascript 35.190.88.141
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://paypal-eu-cdn.cloudiq.com/tag/0a2894e3-7fa9-402f-8ba0-01ad76f433ea-jjzdrwtn.js
Requested by: Host: elementgames.co.uk
URL: https://elementgames.co.uk/element-essentials/egaps/brushstroke/brushstrokes-leagues-of-votann-paint-bundle?d=10493
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.88.141 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 141.88.190.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 32d3a5a6aeae890944fc15d4deb94ceaf57cedc586206a48ae708c940c6c3761

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://elementgames.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 16:48:42 GMT
age: 695
x-guploader-uploadid: ADPycdvBFp8E2_dZG5c5-j09iGtnQ_lp9eW0cjWcSZsxYBG-oy0pt9QiS4GBKOwWsBpiiDNGOfCAlYOrvY_NBVz_rHn7VA
x-goog-storage-class: REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9413
last-modified: Thu, 05 Jan 2023 16:23:28 GMT
server: UploadServer
etag: "cdee9c884fe963e7aa624a78d826f025"
x-goog-generation: 1672935808548561
x-goog-hash: crc32c=n8dJDQ==, md5=ze6ciE/pY+eqYkp42CbwJQ==
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600
x-goog-stored-content-length: 9413
accept-ranges: bytes
expires: Mon, 12 Jun 2023 17:48:42 GMT

GET
H2 200 va-monitor.js Show response
cdn.ppcprotect.com/tracking/ 0
374 B 281ms
90ms Script
application/javascript 2600:9000:211a:b600:d:33cb:c9c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.ppcprotect.com/tracking/va-monitor.js
Requested by: Host: elementgames.co.uk
URL: https://elementgames.co.uk/element-essentials/egaps/brushstroke/brushstrokes-leagues-of-votann-paint-bundle?d=10493
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211a:b600:d:33cb:c9c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://elementgames.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-amz-version-id: Yj31.J_9NmKGz9LupUUKDzsW4k1F35QN
date: Mon, 12 Jun 2023 03:05:28 GMT
via: 1.1 881b12332738e10f6e80298fbdcd7e8e.cloudfront.net (CloudFront)
last-modified: Mon, 29 Nov 2021 15:38:29 GMT
server: AmazonS3
x-amz-cf-pop: VIE50-C2
age: 50338
etag: "d41d8cd98f00b204e9800998ecf8427e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 0
x-amz-cf-id: LZOrphWNd5Lfs-5b1VCtxSUiOoW2KAq3SXzpdj50slKmHaXLuz7nMg==

GET
H2 200 muse.js Show response
www.paypalobjects.com/muse/ 55 KB
16 KB 246ms
63ms Script
application/javascript 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/muse/muse.js

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/tagmanager/pptm.js?id=edbb5934-114e-424b-8456-13f5ea1c25df

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (ska/F6AB) /

Resource Hash

64b32d14f993564fe182a5690410f7d4aa2ace59934eac09d7dcf03a68ec7566

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://elementgames.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 17:00:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: HIT
paypal-debug-id: 53fa82b31c9e8
dc: ccg11-origin-www-1.paypal.com
content-length: 16464
last-modified: Tue, 03 May 2022 17:28:29 GMT
server: ECAcc (ska/F6AB)
traceparent: 00-000000000000000000053fa82b31c9e8-a23b45121c3f8dd1-01
etag: "6271663d-da91"
vary: Accept-Encoding
content-type: application/javascript
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
expires: Mon, 12 Jun 2023 18:00:17 GMT

GET
H2 200 ts
t.paypal.com/ 42 B
827 B 363ms
240ms Image
image/gif 151.101.1.35
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.paypal.com/ts?pgrp=muse%3Athird-party%3Aanalytics%3A%3ATCPQDNB798RPE-1&page=muse%3Athird-party%3Aanalytics%3A%3ATCPQDNB798RPE-1%3A%3A%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&item=edbb5934-114e-424b-8456-13f5ea1c25df&fltp=analytics&mrid=TCPQDNB798RPE&code=UNKNOWN_BN_CODE&partner_name=UNKNOWN_PARTNER_NAME&flag_consume=yes&pt=BRUSHSTROKE%E2%80%99S%20LEAGUES%20OF%20VOTANN%20PAINT%20BUNDLE%20-%20Brushstroke&dh=1200&dw=1600&bh=1200&bw=1600&cd=24&sh=1200&sw=1600&v=NA&pl=pdf&rosetta_language=en-US%2Cen&e=im&t=1686589217069&g=0&completeurl=https%3A%2F%2Felementgames.co.uk%2Felement-essentials%2Fegaps%2Fbrushstroke%2Fbrushstrokes-leagues-of-votann-paint-bundle%3Fd%3D10493

Requested by

Host: elementgames.co.uk
URL: https://elementgames.co.uk/element-essentials/egaps/brushstroke/brushstrokes-leagues-of-votann-paint-bundle?d=10493

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.35 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://elementgames.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-cache-hits: 0, 0
date: Mon, 12 Jun 2023 17:00:17 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: MISS, MISS
p3p: CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id: fa41f49268102
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
x-served-by: cache-fra-etou8220069-FRA, cache-bma1672-BMA
pragma: no-cache
correlation-id: fa41f49268102
traceparent: 00-0000000000000000000fa41f49268102-226e824e9e704319-01
x-timer: S1686589217.213600,VS0,VE180
content-type: image/gif
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 12 Jun 2023 17:00:17 GMT

GET
H2 200 pptm.js Show response
www.paypal.com/tagmanager/ 12 KB
6 KB 64ms
63ms Script
application/x-javascript 151.101.129.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/tagmanager/pptm.js?id=elementgames.co.uk&t=xo&v=5.0.378&source=payments_sdk&client_id=AbI1B_I5vm9NMNIHlpJKIsKA2sc1H-CoWv1wcDkUdKCaAjht3UgRNWgdIzOqGe0dqCJ-_RDfP4laFESc&comp=buttons,funding-eligibility&vault=false

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?client-id=AbI1B_I5vm9NMNIHlpJKIsKA2sc1H-CoWv1wcDkUdKCaAjht3UgRNWgdIzOqGe0dqCJ-_RDfP4laFESc&commit=false&currency=GBP&components=buttons,funding-eligibility

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

25376cd52fca883ddcae7106505cb20b4e4f3f0d38bdc4c37fbf60ff49f66655

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; script-src 'nonce-hXot2fMd0HVnhXJ/RifPXv7vJxDrctazn+Y005C7EAOUfqJi' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src * data:; object-src 'none'; font-src 'self' https://.paypalobjects.com https://.paypal.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://nexus.ensighten.com https://.google-analytics.com 'unsafe-inline' https://.qualtrics.com; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://elementgames.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-hXot2fMd0HVnhXJ/RifPXv7vJxDrctazn+Y005C7EAOUfqJi' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com https://*.google-analytics.com 'unsafe-inline' https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 12 Jun 2023 17:00:17 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 3292
x-cache: HIT, HIT
paypal-debug-id: f78355329f94f
server-timing: "traceparent;desc="00-0000000000000000000f78355329f94f-b64e862afa21b53b-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
content-length: 4299
x-xss-protection: 1; mode=block
x-served-by: cache-fra-eddf8230079-FRA, cache-bma1659-BMA
accept-ch: Sec-CH-UA-Full
traceparent: 00-0000000000000000000f78355329f94f-96971c96086b0777-01
x-timer: S1686589217.178400,VS0,VE1
etag: W/"2f34-zQQ0FVqIlbkbuS4WgpPW/nUPXC4"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-expose-headers: Server-Timing
cache-control: public, max-age=3600
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
accept-ranges: bytes
x-cache-hits: 5, 2

GET
H2 200 buttons Show response
www.paypal.com/smart/ Frame B4D7 380 KB
139 KB 501ms
500ms Document
text/html 151.101.129.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/smart/buttons?fundingSource=paypal&sdkVersion=5.0.378&style.layout=horizontal&style.color=gold&style.shape=rect&style.tagline=false&style.menuPlacement=below&components.0=buttons&components.1=funding-eligibility&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QWJJMUJfSTV2bTlOTU5JSGxwSktJc0tBMnNjMUgtQ29XdjF3Y0RrVWRLQ2FBamh0M1VnUk5XZ2RJek9xR2UwZHFDSi1fUkRmUDRsYUZFU2MmY29tbWl0PWZhbHNlJmN1cnJlbmN5PUdCUCZjb21wb25lbnRzPWJ1dHRvbnMsZnVuZGluZy1lbGlnaWJpbGl0eSIsImF0dHJzIjp7ImRhdGEtdWlkIjoidWlkX3NteG53ZWJ6bWFhaW9raWlzZWpsamZyZGNjbHB6ZiJ9fQ&clientID=AbI1B_I5vm9NMNIHlpJKIsKA2sc1H-CoWv1wcDkUdKCaAjht3UgRNWgdIzOqGe0dqCJ-_RDfP4laFESc&sdkCorrelationID=f523393d855eb&storageID=uid_6086aff6c4_mtc6mda6mtc&sessionID=uid_a989d18622_mtc6mda6mtc&buttonSessionID=uid_013e0418db_mtc6mda6mtc&env=production&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6ZmFsc2V9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInByb2R1Y3RzIjp7InBheUluMyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlJbjQiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfSwicGF5bGF0ZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfX19LCJjYXJkIjp7ImVsaWdpYmxlIjp0cnVlLCJicmFuZGVkIjp0cnVlLCJpbnN0YWxsbWVudHMiOmZhbHNlLCJ2ZW5kb3JzIjp7InZpc2EiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sIm1hc3RlcmNhcmQiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImFtZXgiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImRpc2NvdmVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiaGlwZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiZWxvIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiamNiIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfX0sImd1ZXN0RW5hYmxlZCI6ZmFsc2V9LCJ2ZW5tbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJpdGF1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImNyZWRpdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJhcHBsZXBheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzZXBhIjp7ImVsaWdpYmxlIjpmYWxzZX0sImlkZWFsIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJhbmNvbnRhY3QiOnsiZWxpZ2libGUiOmZhbHNlfSwiZ2lyb3BheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJlcHMiOnsiZWxpZ2libGUiOmZhbHNlfSwic29mb3J0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm15YmFuayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwMjQiOnsiZWxpZ2libGUiOmZhbHNlfSwid2VjaGF0cGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInBheXUiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmxpayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ0cnVzdGx5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm94eG8iOnsiZWxpZ2libGUiOmZhbHNlfSwiYm9sZXRvIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJvbGV0b2JhbmNhcmlvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm1lcmNhZG9wYWdvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm11bHRpYmFuY28iOnsiZWxpZ2libGUiOmZhbHNlfSwic2F0aXNwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwicGFpZHkiOnsiZWxpZ2libGUiOmZhbHNlfX0&platform=desktop&experiment.enableVenmo=false&experiment.enableVenmoAppLabel=false&flow=purchase&currency=GBP&intent=capture&commit=false&vault=false&renderedButtons.0=paypal&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&allowBillingPayments=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

ba8741cfca21c1a990c32e39ea60d26700c07bee6fe7b78eb2aabcdcbc145e6a

Security Headers

Name	Value
Content-Security-Policy	form-action 'self' https://.paypal.com https://.cardinalcommerce.com; default-src 'self' https://.paypal.com https://.paypalobjects.com; connect-src 'self' https://.paypal.com: https://.paypalobjects.com https://.googleapis.com https://.firebaseio.com wss://.firebaseio.com https://api2.amplitude.com http://127.0.0.1:* https://.qualtrics.com; frame-src 'self' https://.paypal.com:* https://.paypalobjects.com https://.cardinalcommerce.com https://.firebaseapp.com https://.qualtrics.com; script-src 'self' https://.paypal.com: https://.paypalobjects.com 'unsafe-inline' 'unsafe-eval' https://apis.google.com; style-src 'self' https://.paypal.com:* https://.paypalobjects.com 'unsafe-inline'; font-src 'self' https://.paypal.com https://.paypalobjects.com data:; object-src 'none'; img-src https: data:; base-uri 'self' https://.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://elementgames.co.uk/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
accept-ranges: none
access-control-expose-headers: Server-Timing
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-disposition: inline
content-encoding: br
content-security-policy: form-action 'self' https://*.paypal.com https://*.cardinalcommerce.com; default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com:* https://*.paypalobjects.com https://*.googleapis.com https://*.firebaseio.com wss://*.firebaseio.com https://api2.amplitude.com http://127.0.0.1:* https://*.qualtrics.com; frame-src 'self' https://*.paypal.com:* https://*.paypalobjects.com https://*.cardinalcommerce.com https://*.firebaseapp.com https://*.qualtrics.com; script-src 'self' https://*.paypal.com:* https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval' https://apis.google.com; style-src 'self' https://*.paypal.com:* https://*.paypalobjects.com 'unsafe-inline'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com data:; object-src 'none'; img-src https: data:; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-type: text/html; charset=utf-8
date: Mon, 12 Jun 2023 17:00:17 GMT
dc: ccg11-origin-www-1.paypal.com
etag: W/"5f114-rGDuz0CFxFA1V/1deYAMIpi71FI"
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
p3p: true
paypal-debug-id: f9174026fcafa
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
server-timing: "traceparent;desc="00-0000000000000000000f9174026fcafa-30b4bbaca6d320b6-01"";content-encoding;desc="br",x-cdn;desc="fastly"
strict-transport-security: max-age=63072000; includeSubDomains; preload
traceparent: 00-0000000000000000000f9174026fcafa-86150da148800495-01
vary: Accept-Encoding
via: 1.1 varnish, 1.1 varnish
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-content-type-options: nosniff
x-csrf-jwt: __blank__
x-served-by: cache-fra-eddf8230026-FRA, cache-bma1659-BMA
x-timer: S1686589217.239754,VS0,VE440
x-xss-protection: 1; mode=block

GET
H2 200 paypal-blue.svg
www.paypalobjects.com/js-sdk-logos/2.2.7/ Frame 3B3E 3 KB
2 KB 94ms
61ms Image
image/svg+xml 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.paypalobjects.com/js-sdk-logos/2.2.7/paypal-blue.svg

Requested by

Host: elementgames.co.uk
URL: https://elementgames.co.uk/element-essentials/egaps/brushstroke/brushstrokes-leagues-of-votann-paint-bundle?d=10493

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (ska/F74B) /

Resource Hash

25b02175cc0a4e36fda24db4b7de40009feb7b31f18fe3c77423a2169929b94b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 17:00:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: HIT
paypal-debug-id: 1867a673a7a0f
dc: ccg11-origin-www-1.paypal.com
content-length: 1217
last-modified: Tue, 04 Apr 2023 21:46:19 GMT
server: ECAcc (ska/F74B)
traceparent: 00-00000000000000000001867a673a7a0f-f3dfb61d7baab926-01
etag: W/"642c9aab-cc2"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
expires: Mon, 12 Jun 2023 18:00:17 GMT

GET
H2 200 ajax-loading.gif
elementgames.co.uk/images/ 9 KB
9 KB 82ms
82ms Image
image/gif 2606:4700:10::6816:1dae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://elementgames.co.uk/images/ajax-loading.gif
Requested by: Host: elementgames.co.uk
URL: https://elementgames.co.uk/element-essentials/egaps/brushstroke/brushstrokes-leagues-of-votann-paint-bundle?d=10493
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1dae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 1e7d2e5d4678e843e849ac9555fb8b3908cffa68e92fb6bcd17e066c1694e3da

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://elementgames.co.uk/element-essentials/egaps/brushstroke/brushstrokes-leagues-of-votann-paint-bundle?d=10493
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 17:00:17 GMT
cf-cache-status: HIT
last-modified: Mon, 10 Jun 2013 09:08:33 GMT
server: cloudflare
age: 693
etag: "51b59791-2245"
x-powered-by: PleskLin
vary: Accept-Encoding
content-type: image/gif
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7d63a62fcbeefab8-OSL
content-length: 8773

GET
H2 200 XXYFAdWli80 Show response
www.youtube.com/embed/ Frame 7C27 73 KB
31 KB 334ms
150ms Document
text/html 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/XXYFAdWli80

Requested by

Host: elementgames.co.uk
URL: https://elementgames.co.uk/element-essentials/egaps/brushstroke/brushstrokes-leagues-of-votann-paint-bundle?d=10493

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

63d5cb9fa8965833e7c3a37dc14038658b514691f634914bb3732c7fd42869b1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://elementgames.co.uk/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Mon, 12 Jun 2023 17:00:17 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
origin-trial: AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=fi for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 space-background.jpg
elementgames.co.uk/images/ 137 KB
137 KB 88ms
87ms Image
image/jpeg 2606:4700:10::6816:1dae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://elementgames.co.uk/images/space-background.jpg
Requested by: Host: elementgames.co.uk
URL: https://elementgames.co.uk/css/style.css?1682506664
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1dae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 9fa556b6b7eb2595854401a4d492301f836d6f5aa4354a877d3f75f25b014503

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://elementgames.co.uk/css/style.css?1682506664
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 17:00:17 GMT
cf-cache-status: HIT
cf-bgj: h2pri
last-modified: Mon, 04 Nov 2019 01:59:36 GMT
server: cloudflare
age: 694
etag: "5dbf8608-2246f"
x-powered-by: PleskLin
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7d63a62fdc09fab8-OSL
content-length: 140399

GET
H2 200 footerbg.jpg
elementgames.co.uk/images/ 6 KB
6 KB 83ms
81ms Image
image/jpeg 2606:4700:10::6816:1dae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://elementgames.co.uk/images/footerbg.jpg
Requested by: Host: elementgames.co.uk
URL: https://elementgames.co.uk/css/style.css?1682506664
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1dae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: b5764918621234540ef053eda027ab15f21520454b99484c7947b3266fb7ba20

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://elementgames.co.uk/css/style.css?1682506664
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 17:00:17 GMT
cf-cache-status: HIT
cf-bgj: h2pri
last-modified: Mon, 04 Nov 2019 02:14:43 GMT
server: cloudflare
age: 693
etag: "5dbf8993-161f"
x-powered-by: PleskLin
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7d63a62fec14fab8-OSL
content-length: 5663

GET
H2 200 glyphicons-halflings-regular.woff
elementgames.co.uk/fonts/ 23 KB
23 KB 125ms
124ms Font
font/woff 2606:4700:10::6816:1dae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://elementgames.co.uk/fonts/glyphicons-halflings-regular.woff
Requested by: Host: elementgames.co.uk
URL: https://elementgames.co.uk/css/bootstrap.css?1606956792
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1dae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 63faf0af44a428f182686f0d924bb30e369a9549630c7b98a969394f58431067

Request headers

Referer: https://elementgames.co.uk/css/bootstrap.css?1606956792
Origin: https://elementgames.co.uk
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 17:00:17 GMT
cf-cache-status: REVALIDATED
last-modified: Thu, 03 Dec 2020 00:53:33 GMT
server: cloudflare
etag: "5fc8370d-5afc"
x-powered-by: PleskLin
vary: Accept-Encoding
content-type: font/woff
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7d63a62fec12fab8-OSL
content-length: 23292

GET
H2 200 fontawesome-webfont.woff
elementgames.co.uk/font-awesome/fonts/ 43 KB
44 KB 98ms
98ms Font
font/woff 2606:4700:10::6816:1dae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://elementgames.co.uk/font-awesome/fonts/fontawesome-webfont.woff?v=4.0.3
Requested by: Host: elementgames.co.uk
URL: https://elementgames.co.uk/font-awesome/css/font-awesome.min.css?1606956811
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1dae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 0fd28fece9ebd606b8b071460ebd3fc2ed7bc7a66ef91c8834f11dfacab4a849

Request headers

Referer: https://elementgames.co.uk/font-awesome/css/font-awesome.min.css?1606956811
Origin: https://elementgames.co.uk
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 17:00:17 GMT
cf-cache-status: HIT
last-modified: Thu, 03 Dec 2020 00:53:32 GMT
server: cloudflare
age: 3295
etag: "5fc8370c-ad90"
x-powered-by: PleskLin
vary: Accept-Encoding
content-type: font/woff
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7d63a62fec16fab8-OSL
content-length: 44432

GET
H2 200 element-games-at-salute-2016.jpg
elementgames.co.uk/images/ 18 KB
18 KB 87ms
85ms Image
image/jpeg 2606:4700:10::6816:1dae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://elementgames.co.uk/images/element-games-at-salute-2016.jpg
Requested by: Host: elementgames.co.uk
URL: https://elementgames.co.uk/element-essentials/egaps/brushstroke/brushstrokes-leagues-of-votann-paint-bundle?d=10493
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1dae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: cef32bcec280a2009c763b5b4e5247da7b1bf886387aae2d466db859abe53d15

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://elementgames.co.uk/element-essentials/egaps/brushstroke/brushstrokes-leagues-of-votann-paint-bundle?d=10493
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 17:00:17 GMT
cf-cache-status: HIT
cf-bgj: h2pri
last-modified: Mon, 21 Mar 2022 15:18:40 GMT
server: cloudflare
age: 3295
etag: "62389750-48db"
x-powered-by: PleskLin
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7d63a6301c3efab8-OSL
content-length: 18651

GET
H2 200 element-games-stockport-store.jpg
elementgames.co.uk/images/ 14 KB
15 KB 89ms
88ms Image
image/jpeg 2606:4700:10::6816:1dae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://elementgames.co.uk/images/element-games-stockport-store.jpg
Requested by: Host: elementgames.co.uk
URL: https://elementgames.co.uk/element-essentials/egaps/brushstroke/brushstrokes-leagues-of-votann-paint-bundle?d=10493
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1dae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 37b30d4771b212da0b83354880b70a43b9b7a357ef407dc3d355a7a0a1560525

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://elementgames.co.uk/element-essentials/egaps/brushstroke/brushstrokes-leagues-of-votann-paint-bundle?d=10493
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 17:00:17 GMT
cf-cache-status: HIT
cf-bgj: h2pri
last-modified: Mon, 21 Mar 2022 15:25:20 GMT
server: cloudflare
age: 3295
etag: "623898e0-398e"
x-powered-by: PleskLin
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7d63a6301c41fab8-OSL
content-length: 14734

GET
H2 200 element-games-north-west-gaming-centre.jpg
elementgames.co.uk/images/ 16 KB
17 KB 82ms
80ms Image
image/jpeg 2606:4700:10::6816:1dae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://elementgames.co.uk/images/element-games-north-west-gaming-centre.jpg
Requested by: Host: elementgames.co.uk
URL: https://elementgames.co.uk/element-essentials/egaps/brushstroke/brushstrokes-leagues-of-votann-paint-bundle?d=10493
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1dae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 303cf5bb5b805b184ae16c6971e243397b8e9de6b353935786d298333d92c6f0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://elementgames.co.uk/element-essentials/egaps/brushstroke/brushstrokes-leagues-of-votann-paint-bundle?d=10493
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 17:00:17 GMT
cf-cache-status: HIT
cf-bgj: h2pri
last-modified: Mon, 21 Mar 2022 15:23:36 GMT
server: cloudflare
age: 3295
etag: "62389878-41bb"
x-powered-by: PleskLin
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7d63a6301c45fab8-OSL
content-length: 16827

GET
H2 200 element-games-sheffield.jpg
elementgames.co.uk/images/ 15 KB
15 KB 95ms
95ms Image
image/jpeg 2606:4700:10::6816:1dae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://elementgames.co.uk/images/element-games-sheffield.jpg
Requested by: Host: elementgames.co.uk
URL: https://elementgames.co.uk/element-essentials/egaps/brushstroke/brushstrokes-leagues-of-votann-paint-bundle?d=10493
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1dae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 718db4b4ff7b3ed40548468793f14d3a08f73ff4ca0c1fae2be05d57b7ed0e2b

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://elementgames.co.uk/element-essentials/egaps/brushstroke/brushstrokes-leagues-of-votann-paint-bundle?d=10493
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 17:00:17 GMT
cf-cache-status: HIT
cf-bgj: h2pri
last-modified: Mon, 21 Mar 2022 15:17:50 GMT
server: cloudflare
age: 3295
etag: "6238971e-3d44"
x-powered-by: PleskLin
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7d63a6301c46fab8-OSL
content-length: 15684

GET
H2 200 element-games-nottingham.jpg
elementgames.co.uk/images/ 16 KB
16 KB 83ms
83ms Image
image/jpeg 2606:4700:10::6816:1dae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://elementgames.co.uk/images/element-games-nottingham.jpg
Requested by: Host: elementgames.co.uk
URL: https://elementgames.co.uk/element-essentials/egaps/brushstroke/brushstrokes-leagues-of-votann-paint-bundle?d=10493
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1dae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 03980b16a4d0762686aa734bc60feca566388d9385ed08e922eb24726a7f4c7e

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://elementgames.co.uk/element-essentials/egaps/brushstroke/brushstrokes-leagues-of-votann-paint-bundle?d=10493
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 17:00:17 GMT
cf-cache-status: HIT
cf-bgj: h2pri
last-modified: Mon, 21 Mar 2022 15:27:31 GMT
server: cloudflare
age: 3295
etag: "62389963-3e5a"
x-powered-by: PleskLin
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7d63a6301c48fab8-OSL
content-length: 15962

GET
H2 200 entry.js Show response
paypal-eu-cdn.cloudiq.com/tag-modules-obf/ 105 KB
39 KB 61ms
60ms Script
application/javascript 35.190.88.141
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://paypal-eu-cdn.cloudiq.com/tag-modules-obf/entry.js
Requested by: Host: paypal-eu-cdn.cloudiq.com
URL: https://paypal-eu-cdn.cloudiq.com/tag/0a2894e3-7fa9-402f-8ba0-01ad76f433ea-jjzdrwtn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.88.141 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 141.88.190.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 28f1af4f6068d70d71045b2e3e619a8f49155412990bb0069c488428780f6760

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://elementgames.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sat, 20 May 2023 07:33:53 GMT
content-encoding: gzip
age: 2021184
x-guploader-uploadid: ADPycdvZqXXKFIkDGM0yokEal823zTuSyGa_-J2EvwHcJ8jsXfFt0BcWJ318jjbQxi2JO6uOxRuUaBKu-Z3o6ENX4XhrNQ
x-goog-storage-class: REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39565
last-modified: Thu, 11 Nov 2021 12:51:44 GMT
server: UploadServer
etag: "e53c74189d1826ed03b21b8da8515df9"
x-goog-generation: 1636635104064923
x-goog-hash: crc32c=jeTTMA==, md5=5Tx0GJ0YJu0DshuNqFFd+Q==
content-type: application/javascript
cache-control: no-transform
x-goog-stored-content-length: 39565
accept-ranges: bytes
expires: Sun, 19 May 2024 07:33:53 GMT

GET
H2 200 ts
t.paypal.com/ 42 B
496 B 243ms
243ms Image
image/gif 151.101.1.35
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.paypal.com/ts?pgrp=muse%3Ageneric%3Aanalytics%3A%3Amerchant&page=muse%3Ageneric%3Aanalytics%3A%3Amerchant%3A%3A%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&fltp=analytics-generic&pt=BRUSHSTROKE%E2%80%99S%20LEAGUES%20OF%20VOTANN%20PAINT%20BUNDLE%20-%20Brushstroke&dh=1200&dw=1600&bh=1200&bw=1600&cd=24&sh=1200&sw=1600&v=NA&pl=pdf&rosetta_language=en-US%2Cen&e=im&t=1686589217274&g=0&completeurl=https%3A%2F%2Felementgames.co.uk%2Felement-essentials%2Fegaps%2Fbrushstroke%2Fbrushstrokes-leagues-of-votann-paint-bundle%3Fd%3D10493&sinfo=%7B%22partners%22%3A%7B%22ecwid%22%3A%7B%7D%2C%22bigCommerce%22%3A%7B%7D%2C%22shopify%22%3A%7B%7D%2C%22wix%22%3A%7B%7D%2C%22bigCartel%22%3A%7B%7D%7D%7D

Requested by

Host: elementgames.co.uk
URL: https://elementgames.co.uk/element-essentials/egaps/brushstroke/brushstrokes-leagues-of-votann-paint-bundle?d=10493

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.35 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://elementgames.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-cache-hits: 0, 0
date: Mon, 12 Jun 2023 17:00:17 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: MISS, MISS
p3p: CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id: b96a12511279d
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
x-served-by: cache-fra-etou8220073-FRA, cache-bma1672-BMA
pragma: no-cache
correlation-id: b96a12511279d
traceparent: 00-0000000000000000000b96a12511279d-146a6b0faa297f22-01
x-timer: S1686589217.301076,VS0,VE178
content-type: image/gif
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 12 Jun 2023 17:00:17 GMT

GET
H2 200 tp.widget.bootstrap.min.js Show response
widget.trustpilot.com/bootstrap/v5/ 21 KB
7 KB 100ms
100ms Script
application/x-javascript 143.204.231.40
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.trustpilot.com/bootstrap/v5/tp.widget.bootstrap.min.js

Requested by

Host: widget.trustpilot.com
URL: https://widget.trustpilot.com/bootstrap/v5/tp.widget.sync.bootstrap.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.231.40 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-231-40.cdg3.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

b58109431c3adc92bccc460ac5dc394dc4f0979d24656f7a52503e6c77709d0b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://elementgames.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 12 Jun 2023 05:42:04 GMT
via: 1.1 c04e95cc4381bc0a5e45bf722eb707c0.cloudfront.net (CloudFront)
x-amz-cf-pop: CDG3-C1
age: 40694
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 6676
x-xss-protection: 1; mode=block
last-modified: Wed, 03 May 2023 13:48:29 GMT
server: AmazonS3
etag: "befec09eb386fc68a0869c8d1b529dd6"
content-type: application/x-javascript
cache-control: max-age=86400
accept-ranges: bytes
x-amz-cf-id: NSjnx3QQOfJymZ9Lg4rMCzR58HBU52v25EoAnvRqEOGp5i07a9Uy_w==

GET
H2

200

ga-audiences
www.google.no/ads/
Redirect Chain

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=748235399&utmhn=elementgames.co.uk&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=BR...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-30912582-1&cid=1396067699.1686589217&jid=816243296&_v=5.7.2&z=748235399
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-30912582-1&cid=1396067699.1686589217&jid=816243296&_v=5.7.2&z=748235399
https://www.google.no/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-30912582-1&cid=1396067699.1686589217&jid=816243296&_v=5.7.2&z=748235399&slf_rd=1&random=3011280901

42 B
107 B

117ms
116ms

Image
image/gif

2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.no/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-30912582-1&cid=1396067699.1686589217&jid=816243296&_v=5.7.2&z=748235399&slf_rd=1&random=3011280901

Requested by

Host: elementgames.co.uk
URL: https://elementgames.co.uk/element-essentials/egaps/brushstroke/brushstrokes-leagues-of-votann-paint-bundle?d=10493

Protocol

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://elementgames.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Jun 2023 17:00:18 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 12 Jun 2023 17:00:17 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.no/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-30912582-1&cid=1396067699.1686589217&jid=816243296&_v=5.7.2&z=748235399&slf_rd=1&random=3011280901
content-type: text/html; charset=UTF-8
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1009235869/ 3 KB
2 KB 283ms
103ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1009235869/?random=1686589217313&cv=9&fst=1686589217313&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=375603261%2C466465926%2C512247839&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=0&url=https%3A%2F%2Felementgames.co.uk%2Felement-essentials%2Fegaps%2Fbrushstroke%2Fbrushstrokes-leagues-of-votann-paint-bundle%3Fd%3D10493&tiba=BRUSHSTROKE%E2%80%99S%20LEAGUES%20OF%20VOTANN%20PAINT%20BUNDLE%20-%20Brushstroke&hn=www.googleadservices.com&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

df1a0d0c6515f650fd9dc13a3a20137b3db8c30a3697a2864b4d72d49c6d891e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://elementgames.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Jun 2023 17:00:17 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1485
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 index.html Show response
www.paypalobjects.com/muse/analytics/ Frame 8BEA 54 KB
17 KB 64ms
64ms Document
text/html 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/muse/analytics/index.html

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/muse/muse.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (ska/F764) /

Resource Hash

8ae3400104c7b0db11e9fe317236e68a26afba6580192041e87038ceff4db638

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://elementgames.co.uk/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

accept-ranges: bytes
cache-control: s-maxage=31536000, public,max-age=3600
content-encoding: gzip
content-length: 16791
content-type: text/html
date: Mon, 12 Jun 2023 17:00:17 GMT
dc: ccg11-origin-www-1.paypal.com
etag: "6271663d-d994"
expires: Mon, 12 Jun 2023 18:00:17 GMT
last-modified: Tue, 03 May 2022 17:28:29 GMT
paypal-debug-id: ef494bc2450f7
server: ECAcc (ska/F764)
strict-transport-security: max-age=63072000; includeSubDomains; preload
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
traceparent: 00-0000000000000000000ef494bc2450f7-d22a6fb0661fcebb-01
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff

GET
H3 200 dca.js Show response
paypal-eu-cdn.cloudiq.com/tag-modules-obf/ 54 KB
24 KB 61ms
60ms Script
application/javascript 35.190.88.141
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://paypal-eu-cdn.cloudiq.com/tag-modules-obf/dca.js
Requested by: Host: paypal-eu-cdn.cloudiq.com
URL: https://paypal-eu-cdn.cloudiq.com/tag-modules-obf/entry.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.190.88.141 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 141.88.190.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 0733bb5debbf093132e64bcf234053a73370863ada144848f62cb044eee54bcb

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://elementgames.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sat, 20 May 2023 15:13:40 GMT
content-encoding: gzip
age: 1993597
x-guploader-uploadid: ADPycdtNjAjq9Mq6oW2Wbc8uLyj63He0E6BRBJwve0v89HFXQYUPXt1rpWJGYtB44ARpKzy8ExAWVwDr7Fq_4mU7TfQpGfXtGq1z
x-goog-storage-class: REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24942
last-modified: Wed, 23 Mar 2022 15:20:26 GMT
server: UploadServer
etag: "1d74d4d6d50a903b00ef65713dfd36b1"
x-goog-generation: 1648048826314164
x-goog-hash: crc32c=P1vTIA==, md5=HXTU1tUKkDsA72VxPf02sQ==
content-type: application/javascript
cache-control: no-transform
x-goog-stored-content-length: 24942
accept-ranges: bytes
expires: Sun, 19 May 2024 15:13:40 GMT

GET
H3 200 ce.js Show response
paypal-eu-cdn.cloudiq.com/tag-modules-obf/ 23 KB
10 KB 65ms
65ms Script
application/javascript 35.190.88.141
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://paypal-eu-cdn.cloudiq.com/tag-modules-obf/ce.js
Requested by: Host: paypal-eu-cdn.cloudiq.com
URL: https://paypal-eu-cdn.cloudiq.com/tag-modules-obf/entry.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.190.88.141 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 141.88.190.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: b7d02f16d91169758d19dbaab5197d9cfc76787b123e6e5ae1029495b1780181

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://elementgames.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sat, 20 May 2023 00:24:37 GMT
content-encoding: gzip
age: 2046940
x-guploader-uploadid: ADPycdsucPrBbXC2CXwJruBUJRdbFDAldRrwLdDuKgQaQwCLK90rAVt5JS-RNNf6QPugbxf3smBl4jGuGfObQZwjZNpTHtnh4_K6
x-goog-storage-class: REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10285
last-modified: Wed, 17 Nov 2021 10:47:08 GMT
server: UploadServer
etag: "fe58ca4ea9b1fe1521aa841937657781"
x-goog-generation: 1637146028934800
x-goog-hash: crc32c=3Zt0AA==, md5=/ljKTqmx/hUhqoQZN2V3gQ==
content-type: application/javascript
cache-control: no-transform
x-goog-stored-content-length: 10285
accept-ranges: bytes
expires: Sun, 19 May 2024 00:24:37 GMT

GET
H2 200 push
paypal-eu-arh.cloudiq.com/pubsub/ 0
0 284ms
96ms Image
application/json 34.76.56.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://paypal-eu-arh.cloudiq.com/pubsub/push?token=1234&data=eyJ2ZXJzaW9uIjoiMS40LjEiLCJwYWdlIjp7InBhZ2VOYW1lIjoiQlJVU0hTVFJPS0XigJlTIExFQUdVRVMgT0YgVk9UQU5OIFBBSU5UIEJVTkRMRSAtIEJydXNoc3Ryb2tlIiwiZGVzdGluYXRpb25VUkwiOiJodHRwczovL2VsZW1lbnRnYW1lcy5jby51ay9lbGVtZW50LWVzc2VudGlhbHMvZWdhcHMvYnJ1c2hzdHJva2UvYnJ1c2hzdHJva2VzLWxlYWd1ZXMtb2Ytdm90YW5uLXBhaW50LWJ1bmRsZT9kPTEwNDkzIiwicmVmZXJyaW5nVVJMIjoiIn0sImV2ZW50Ijp7InBhZ2VMb2FkIjoxNjg2NTg5MjE3NDAyfSwiZGV2aWNlIjp7InR5cGUiOiJkZXNrdG9wIn0sInRhZyI6eyJ0YWdJZCI6IjBhMjg5NGUzLTdmYTktNDAyZi04YmEwLTAxYWQ3NmY0MzNlYS1qanpkcnd0biJ9LCJ1c2VyIjp7ImlkIjoiY2lxdWlkLTAwMTg4YjA4ZDFhN2MtMDEtMzBlOTkwIiwicmV0dXJuaW5nU3RhdHVzIjpmYWxzZSwiZmluZ2VycHJpbnQiOjM3NDk4NzczODh9fQ%3D%3D
Requested by: Host: elementgames.co.uk
URL: https://elementgames.co.uk/element-essentials/egaps/brushstroke/brushstrokes-leagues-of-votann-paint-bundle?d=10493
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.76.56.218 Brussels, Belgium, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.56.76.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://elementgames.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

GET
H/1.1 200
OK t.js Show response
cdn.particularaudience.com/js/ele/ 288 KB
72 KB 261ms
95ms Script
application/javascript 18.65.39.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.particularaudience.com/js/ele/t.js
Requested by: Host: elementgames.co.uk
URL: https://elementgames.co.uk/element-essentials/egaps/brushstroke/brushstrokes-leagues-of-votann-paint-bundle?d=10493
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.65.39.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-65-39-11.ams1.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 24523eb925480364b3863c5cbc4cbd49127a7c1ce67ef8806d7f23e6ab0a2d45

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://elementgames.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-amz-version-id: zKSxmlKJkfa6MaB_RYSdRBYc49WZqHb3
Content-Encoding: gzip
Via: 1.1 9835af751c15612a813bbc131d2ce1e6.cloudfront.net (CloudFront)
Date: Mon, 12 Jun 2023 07:49:53 GMT
Last-Modified: Tue, 19 Apr 2022 08:13:28 GMT
Server: AmazonS3
X-Amz-Cf-Pop: AMS1-P1
Age: 33025
ETag: W/"7a1bf76bb28991e15d2d1018d4585e50"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
X-Cache: Hit from cloudfront
Connection: keep-alive
X-Amz-Cf-Id: 0nI8kf8wj02gXuTnDqam8aA06St0GROU_mVlcF0-XFYSAGokASDKqg==

GET
H2 200 5eeef24e-1953-4749-ba37-245b19e4b382.js Show response
cdn.salesfire.co.uk/code/ 3 KB
2 KB 439ms
291ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.salesfire.co.uk/code/5eeef24e-1953-4749-ba37-245b19e4b382.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-53X98FZ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 27ca748c2d28ce25f7ae6c4559f85f7a0d487e86691a8ff73c8c38ed007d5d45

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://elementgames.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 17:00:17 GMT
x-amz-version-id: 7SZd.TwSjwQYzXHv1LX2HaIuZyRIsUmw
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Sun, 28 May 2023 23:00:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-amz-request-id: STF16M6F8PJEXJGC
etag: W/"1e71be2cf838712c696409f46d384c57"
x-amz-server-side-encryption: AES256
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KX7gb2ke4lMN%2FYOP8HIQot6AHR0hwsaJfz%2F%2BFgw6E5cHfliiSqzVCaT%2BwU8kdhsu%2Bee5O9IYz9xVlWOB4qmgL8ZfTxv%2FUJLmqHZrkhfiiBFmMD78arBL1zKMdMwwMkRzkl3NR6vKj0vrqFwSpaaT8dmo"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cf-ray: 7d63a6322f070b3d-OSL
alt-svc: h3=":443"; ma=86400
x-amz-id-2: zoU+DZ6TAymD4QN8gkH15O4YXVkhCv/1Ra6MOzE1QgVlUiEELNzymS5QylLHkB0WDFWy4War1V8=

GET
H2 200 web-widget-framework-7a54a546dda064893d09.js Show response
static.zdassets.com/web_widget/latest/ Frame 197A 100 KB
32 KB 97ms
97ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/web-widget-framework-7a54a546dda064893d09.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=88b6432b-c8dc-42bb-9a91-9f49e3363a48

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b2a95245d69655b25812ab2bd247b8a4f29b922b27aff9b81947e6a61570df8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 17:00:17 GMT
x-amz-version-id: ImpBxBTadOOl9EZTmn0J0rVD2qJzTRSU
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: VTZWK5WZAN6X3Z3H
age: 1098378
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: EcCXpAXOItprYq56uHFleDBbZtgpChmXJgU8Z7dVqSOqQlI0SN46Tnr7cNnxyvxPhfdRWBlF2As=
last-modified: Tue, 30 May 2023 07:00:36 GMT
server: cloudflare
etag: W/"cfee00965f5643d1a5750806433313b3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2J0qOPIVVsoHVsLyqaadpZ%2BILwYpNPevAIfQHzCb0utZ%2FIDAvZQ9Aoci40%2Bh7KV09BDsWpNiWFRoaXq0DDOH4DdRjqsQKh%2Bwx9mKQXSCE%2F5OQf5r%2BDlMwosoRQd88kvql34B76I%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 7d63a6312e7fd96f-HEL
expires: Wed, 29 May 2024 07:00:35 GMT

GET
H2 200 index.html Show response
widget.trustpilot.com/trustboxes/53aa8912dec7e10d38f59f36/ Frame 7580 14 KB
4 KB 98ms
97ms Document
text/html 143.204.231.40
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.trustpilot.com/trustboxes/53aa8912dec7e10d38f59f36/index.html?templateId=53aa8912dec7e10d38f59f36&businessunitId=50e11cf10000640005202af4

Requested by

Host: widget.trustpilot.com
URL: https://widget.trustpilot.com/bootstrap/v5/tp.widget.bootstrap.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.231.40 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-231-40.cdg3.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

6146aa599d7389810437d5ae488f919f8858d9744f31d501ec2d1e89824d8d60

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://elementgames.co.uk/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

accept-ranges: bytes
age: 50394
cache-control: max-age=86400
content-encoding: gzip
content-length: 3267
content-type: text/html
date: Mon, 12 Jun 2023 04:04:41 GMT
etag: "2922a85ce6caf46f828c097bf7aa1036"
last-modified: Mon, 08 May 2023 11:42:00 GMT
server: AmazonS3
strict-transport-security: max-age=31536000
via: 1.1 c04e95cc4381bc0a5e45bf722eb707c0.cloudfront.net (CloudFront)
x-amz-cf-id: tHxSMon3Nmv_uDH0Ps6ms5biEnYFSt4lPYK_doMaqWRDG4J8PQpkww==
x-amz-cf-pop: CDG3-C1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 rollover.core.js Show response
nsg.symantec.com/private/rollover/ 49 KB
18 KB 404ms
403ms Script
application/javascript 23.201.254.231
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://nsg.symantec.com/private/rollover/rollover.core.js
Requested by: Host: nsg.symantec.com
URL: https://nsg.symantec.com/Web/Seal/gjs.aspx?SN=963443996
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.201.254.231 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-201-254-231.deploy.static.akamaitechnologies.com
Software: Microsoft-IIS/8.5 /
Resource Hash: 8995810a03e60e43daac08172d4f40e37c264c502086493b9f18a62020177288

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://elementgames.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 17:00:17 GMT
content-encoding: gzip
last-modified: Fri, 09 Jun 2023 03:51:04 GMT
server: Microsoft-IIS/8.5
vary: Accept-Encoding
p3p: CP="ALL DSP COR CUR ADM DEV TAI PSA PSD IVA IVD CONo HIS OUR SAMi LEG UNI NAV"
content-type: application/javascript
cache-control: private, max-age=86400
accept-ranges: bytes
content-length: 18499
expires: Tue, 13 Jun 2023 17:00:17 GMT

GET
H2 200 ts
t.paypal.com/ 42 B
209 B 226ms
226ms Image
image/gif 151.101.1.35
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.paypal.com/ts?pgrp=muse%3Aoffer%3A%3A%3ATCPQDNB798RPE-1&page=muse%3Aoffer%3A%3A%3ATCPQDNB798RPE-1%3A%3AvisitorInfoFlowStarted%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&item=edbb5934-114e-424b-8456-13f5ea1c25df&es=visitorInfoFlowStarted&mrid=TCPQDNB798RPE&code=UNKNOWN_BN_CODE&partner_name=UNKNOWN_PARTNER_NAME&pt=BRUSHSTROKE%E2%80%99S%20LEAGUES%20OF%20VOTANN%20PAINT%20BUNDLE%20-%20Brushstroke&dh=1200&dw=1600&bh=1200&bw=1600&cd=24&sh=1200&sw=1600&v=NA&pl=pdf&rosetta_language=en-US%2Cen&e=im&t=1686589217481&g=0&completeurl=https%3A%2F%2Felementgames.co.uk%2Felement-essentials%2Fegaps%2Fbrushstroke%2Fbrushstrokes-leagues-of-votann-paint-bundle%3Fd%3D10493

Requested by

Host: elementgames.co.uk
URL: https://elementgames.co.uk/element-essentials/egaps/brushstroke/brushstrokes-leagues-of-votann-paint-bundle?d=10493

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.35 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://elementgames.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-cache-hits: 0, 0
date: Mon, 12 Jun 2023 17:00:17 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: MISS, MISS
p3p: CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id: 14049c168fc61
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
x-served-by: cache-fra-etou8220103-FRA, cache-bma1672-BMA
pragma: no-cache
correlation-id: 14049c168fc61
traceparent: 00-000000000000000000014049c168fc61-de6f319355a26a9f-01
x-timer: S1686589218.504081,VS0,VE165
content-type: image/gif
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 12 Jun 2023 17:00:17 GMT

OPTIONS
H2 204 graphql
www.paypal.com/targeting/ Frame 0
0 397ms
272ms Preflight 151.101.129.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/targeting/graphql

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.paypalobjects.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

accept-ch: Sec-CH-UA-Full
accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: https://www.paypalobjects.com
access-control-expose-headers: Paypal-Debug-Id
cache-control: max-age=0, no-cache, no-store, must-revalidate
date: Mon, 12 Jun 2023 17:00:17 GMT
dc: ccg11-origin-www-1.paypal.com
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
paypal-debug-id: f858193feedc2
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
strict-transport-security: max-age=63072000; includeSubDomains; preload
traceparent: 00-0000000000000000000f858193feedc2-fbb9f073839aeb4a-01
via: 1.1 varnish, 1.1 varnish
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-served-by: cache-fra-eddf8230127-FRA, cache-bma1663-BMA
x-timer: S1686589218.634698,VS0,VE210

POST
H2 200 graphql Show response
www.paypal.com/targeting/ Frame 8BEA 443 B
2 KB 803ms
803ms Fetch
application/json 151.101.129.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/targeting/graphql

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/muse/analytics/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

222bdd8910c162f1cd42b29004780b6b06f6e263d42af6c49c210085b843b148

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com; img-src 'self' https:; script-src 'nonce-2Ik3Dz0JrMkQQ7hYinm41IMJpj+UKQPNmE+Uf6COOrs+XqgS' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline' ; style-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline' ; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; object-src 'none'; frame-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.paypalobjects.com/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: application/json

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; img-src 'self' https:; script-src 'nonce-2Ik3Dz0JrMkQQ7hYinm41IMJpj+UKQPNmE+Uf6COOrs+XqgS' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' ; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' ; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; object-src 'none'; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com;
via: 1.1 varnish, 1.1 varnish
content-encoding: br
date: Mon, 12 Jun 2023 17:00:18 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: MISS, MISS
paypal-debug-id: f858193cf19f3
server-timing: content-encoding;desc="br",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
x-xss-protection: 1; mode=block
x-served-by: cache-fra-eddf8230085-FRA, cache-bma1659-BMA
accept-ch: Sec-CH-UA-Full
traceparent: 00-0000000000000000000f858193cf19f3-fdcd80ba52d549f1-01
x-timer: S1686589218.908141,VS0,VE743
etag: W/"1bb-jJBFKT4zy1HR1F2uylRXwa8Mpdw"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.paypalobjects.com
access-control-expose-headers: Paypal-Debug-Id
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
accept-ranges: none
x-cache-hits: 0, 0

GET
H2 200 main.js Show response
widget.trustpilot.com/trustboxes/53aa8912dec7e10d38f59f36/ Frame 7580 112 KB
31 KB 113ms
110ms Script
application/x-javascript 143.204.231.40
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.trustpilot.com/trustboxes/53aa8912dec7e10d38f59f36/main.js

Requested by

Host: widget.trustpilot.com
URL: https://widget.trustpilot.com/trustboxes/53aa8912dec7e10d38f59f36/index.html?templateId=53aa8912dec7e10d38f59f36&businessunitId=50e11cf10000640005202af4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.231.40 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-231-40.cdg3.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

192200684e5fefa431cc2256e24dd195fb231b961554eaaee1900acec95e3101

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://widget.trustpilot.com/trustboxes/53aa8912dec7e10d38f59f36/index.html?templateId=53aa8912dec7e10d38f59f36&businessunitId=50e11cf10000640005202af4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 12 Jun 2023 03:36:06 GMT
via: 1.1 c04e95cc4381bc0a5e45bf722eb707c0.cloudfront.net (CloudFront)
x-amz-cf-pop: CDG3-C1
age: 63764
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 31409
x-xss-protection: 1; mode=block
last-modified: Mon, 08 May 2023 11:42:17 GMT
server: AmazonS3
etag: "60fe166092712d93cc87039640675ef6"
content-type: application/x-javascript
cache-control: max-age=86400
accept-ranges: bytes
x-amz-cf-id: DdKmLMmmrHrZ0FIq5QW9UqfJOdMTPBy6_w-N9K_3zPNUo7B14Ucvbg==

GET
H2 200 www-player.css
www.youtube.com/s/player/8c7583ff/ Frame 7C27 409 KB
48 KB 89ms
85ms Stylesheet
text/css 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/8c7583ff/www-player.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/XXYFAdWli80

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

adcf7fb00447abb34826c3ca3cf2ad3be4516cfab88ad23b65e35b0c304f9170

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.youtube.com/embed/XXYFAdWli80
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 16:32:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1679
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49230
x-xss-protection: 0
last-modified: Wed, 07 Jun 2023 02:05:35 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 11 Jun 2024 16:32:18 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 7C27 15 KB
16 KB 274ms
88ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/XXYFAdWli80

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sat, 10 Jun 2023 23:28:35 GMT
x-content-type-options: nosniff
age: 149502
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 09 Jun 2024 23:28:35 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 7C27 15 KB
15 KB 298ms
113ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/XXYFAdWli80

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sat, 10 Jun 2023 17:47:45 GMT
x-content-type-options: nosniff
age: 169952
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 09 Jun 2024 17:47:45 GMT

GET
H2 200 config Show response
elementgames.zendesk.com/embeddable/ Frame 197A 836 B
1 KB 203ms
76ms Fetch
application/json 104.16.51.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://elementgames.zendesk.com/embeddable/config
Requested by: Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/web-widget-framework-7a54a546dda064893d09.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.16.51.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e5d178f27cef90808f96bc2a5d9fb5d4b69c235bc87eef0246ce09259d5ebbe8

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 17:00:17 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 22
x-zendesk-origin-server: embeddable-app-server-68c6455b99-sj8t7
x-cached: STALE
x-request-id: 7d636a375cb87a64-DUB
x-runtime: 0.002051
last-modified: Mon, 12 Jun 2023 16:59:55 GMT
server: cloudflare
access-control-max-age: 7200
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=igKNBITgu%2BYW6HVZyokYLaP%2F2ecsLMZt1jaBy5Wx5R5CcAvOzX%2BezR6gyT3KdquHTCBZb3mH7CP7t04ZNZNg%2BulUjO7Ft4RZdFu0KyGKz9HXJEsUOQIJlJSKQST2ZGnX0em8tbGytS4KnA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
cache-control: public, max-age=60, stale-while-revalidate=600, stale-if-error=3600
vary: Origin, Accept-Encoding
cf-ray: 7d63a6334f1798fc-ARN

GET
H2 200 push
paypal-eu-arh.cloudiq.com/pubsub/ 0
0 97ms
97ms Image
application/json 34.76.56.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://paypal-eu-arh.cloudiq.com/pubsub/push?token=1234&data=eyJ2ZXJzaW9uIjoiMS40LjEiLCJwYWdlIjp7InBhZ2VOYW1lIjoiQlJVU0hTVFJPS0XigJlTIExFQUdVRVMgT0YgVk9UQU5OIFBBSU5UIEJVTkRMRSAtIEJydXNoc3Ryb2tlIiwiZGVzdGluYXRpb25VUkwiOiJodHRwczovL2VsZW1lbnRnYW1lcy5jby51ay9lbGVtZW50LWVzc2VudGlhbHMvZWdhcHMvYnJ1c2hzdHJva2UvYnJ1c2hzdHJva2VzLWxlYWd1ZXMtb2Ytdm90YW5uLXBhaW50LWJ1bmRsZT9kPTEwNDkzIiwicmVmZXJyaW5nVVJMIjoiIn0sImV2ZW50Ijp7InBhZ2VMb2FkIjoxNjg2NTg5MjE3NDAyLCJwcm9kdWN0Vmlld2VkIjoxNjg2NTg5MjE3NjU1fSwiZGV2aWNlIjp7InR5cGUiOiJkZXNrdG9wIn0sInRhZyI6eyJ0YWdJZCI6IjBhMjg5NGUzLTdmYTktNDAyZi04YmEwLTAxYWQ3NmY0MzNlYS1qanpkcnd0biJ9LCJ1c2VyIjp7ImlkIjoiY2lxdWlkLTAwMTg4YjA4ZDFhN2MtMDEtMzBlOTkwIiwicmV0dXJuaW5nU3RhdHVzIjpmYWxzZSwiZmluZ2VycHJpbnQiOjM3NDk4NzczODh9fQ%3D%3D
Requested by: Host: elementgames.co.uk
URL: https://elementgames.co.uk/element-essentials/egaps/brushstroke/brushstrokes-leagues-of-votann-paint-bundle?d=10493
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.76.56.218 Brussels, Belgium, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.56.76.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://elementgames.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

GET
H2 200 push
paypal-eu-arh.cloudiq.com/pubsub/ 0
0 91ms
89ms Image
application/json 34.76.56.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://paypal-eu-arh.cloudiq.com/pubsub/push?token=1234&data=eyJ2ZXJzaW9uIjoiMS40LjEiLCJwYWdlIjp7InBhZ2VOYW1lIjoiQlJVU0hTVFJPS0XigJlTIExFQUdVRVMgT0YgVk9UQU5OIFBBSU5UIEJVTkRMRSAtIEJydXNoc3Ryb2tlIiwiZGVzdGluYXRpb25VUkwiOiJodHRwczovL2VsZW1lbnRnYW1lcy5jby51ay9lbGVtZW50LWVzc2VudGlhbHMvZWdhcHMvYnJ1c2hzdHJva2UvYnJ1c2hzdHJva2VzLWxlYWd1ZXMtb2Ytdm90YW5uLXBhaW50LWJ1bmRsZT9kPTEwNDkzIiwicmVmZXJyaW5nVVJMIjoiIn0sImV2ZW50Ijp7InBhZ2VMb2FkIjoxNjg2NTg5MjE3NDAyLCJwcm9kdWN0Vmlld2VkIjoxNjg2NTg5MjE3NjU1fSwiZGV2aWNlIjp7InR5cGUiOiJkZXNrdG9wIn0sInRhZyI6eyJ0YWdJZCI6IjBhMjg5NGUzLTdmYTktNDAyZi04YmEwLTAxYWQ3NmY0MzNlYS1qanpkcnd0biJ9LCJ1c2VyIjp7ImlkIjoiY2lxdWlkLTAwMTg4YjA4ZDFhN2MtMDEtMzBlOTkwIiwicmV0dXJuaW5nU3RhdHVzIjpmYWxzZSwiZmluZ2VycHJpbnQiOjM3NDk4NzczODh9LCJwcm9kdWN0Q2F0YWxvZ3VlIjp7ImltYWdlIjoiaHR0cHM6Ly9lbGVtZW50Z2FtZXMuY28udWsvaW1hZ2VzL3Byb2R1Y3RzLzkxNDg0LzEwNzA5Ny1sYXJnZS5qcGciLCJkZXNjcmlwdGlvbiI6IiIsInByaWNlIjoiNDMuMjMiLCJwcm9kdWN0Q29kZSI6IkJTUEJMVktIIiwidXJsIjoiaHR0cHMlM0ElMkYlMkZlbGVtZW50Z2FtZXMuY28udWslMkZlbGVtZW50LWVzc2VudGlhbHMlMkZlZ2FwcyUyRmJydXNoc3Ryb2tlJTJGYnJ1c2hzdHJva2VzLWxlYWd1ZXMtb2Ytdm90YW5uLXBhaW50LWJ1bmRsZSUzRmQlM0QxMDQ5MyIsIm5hbWUiOiJCUlVTSFNUUk9LReKAmVMgTEVBR1VFUyBPRiBWT1RBTk4gUEFJTlQgQlVORExFIn19
Requested by: Host: elementgames.co.uk
URL: https://elementgames.co.uk/element-essentials/egaps/brushstroke/brushstrokes-leagues-of-votann-paint-bundle?d=10493
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.76.56.218 Brussels, Belgium, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.56.76.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://elementgames.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

GET
H2 200 www-embed-player.js Show response
www.youtube.com/s/player/8c7583ff/www-embed-player.vflset/ Frame 7C27 307 KB
92 KB 88ms
87ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/8c7583ff/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/XXYFAdWli80

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

67dbfdd99ccb28a4a3c9e81045fb6c245cbc3bed2889a754653df96054f9e736

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.youtube.com/embed/XXYFAdWli80
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 16:41:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1148
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 94356
x-xss-protection: 0
last-modified: Wed, 07 Jun 2023 02:05:35 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 11 Jun 2024 16:41:09 GMT

GET
H2 200 base.js Show response
www.youtube.com/s/player/8c7583ff/player_ias.vflset/fi_FI/ Frame 7C27 2 MB
744 KB 173ms
172ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/8c7583ff/player_ias.vflset/fi_FI/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/XXYFAdWli80

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d725b567d130d3878926c186c884149cfd73b56849fa47ab445cc66a545f6222

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.youtube.com/embed/XXYFAdWli80
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 20:36:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 419056
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 761099
x-xss-protection: 0
last-modified: Wed, 07 Jun 2023 02:05:35 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 06 Jun 2024 20:36:01 GMT

GET
H2 200 fetch-polyfill.js Show response
www.youtube.com/s/player/8c7583ff/fetch-polyfill.vflset/ Frame 7C27 9 KB
3 KB 172ms
171ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/8c7583ff/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/XXYFAdWli80

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ac8177161c3038b07597ec544de3c00f46e1a0aa6b4b4c045ff0495553cc5069

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.youtube.com/embed/XXYFAdWli80
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 16:23:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2210
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2625
x-xss-protection: 0
last-modified: Wed, 07 Jun 2023 02:05:35 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 11 Jun 2024 16:23:27 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/1009235869/ 42 B
455 B 289ms
104ms Image
image/gif 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1009235869/?random=1686589217313&cv=9&fst=1686589200000&num=1&guid=ON&eid=375603261%2C466465926%2C512247839&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=0&url=https%3A%2F%2Felementgames.co.uk%2Felement-essentials%2Fegaps%2Fbrushstroke%2Fbrushstrokes-leagues-of-votann-paint-bundle%3Fd%3D10493&tiba=BRUSHSTROKE%E2%80%99S%20LEAGUES%20OF%20VOTANN%20PAINT%20BUNDLE%20-%20Brushstroke&fmt=3&is_vtc=1&random=2514637857&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: elementgames.co.uk
URL: https://elementgames.co.uk/element-essentials/egaps/brushstroke/brushstrokes-leagues-of-votann-paint-bundle?d=10493

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://elementgames.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Jun 2023 17:00:17 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.no/pagead/1p-user-list/1009235869/ 42 B
455 B 295ms
107ms Image
image/gif 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.no/pagead/1p-user-list/1009235869/?random=1686589217313&cv=9&fst=1686589200000&num=1&guid=ON&eid=375603261%2C466465926%2C512247839&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=0&url=https%3A%2F%2Felementgames.co.uk%2Felement-essentials%2Fegaps%2Fbrushstroke%2Fbrushstrokes-leagues-of-votann-paint-bundle%3Fd%3D10493&tiba=BRUSHSTROKE%E2%80%99S%20LEAGUES%20OF%20VOTANN%20PAINT%20BUNDLE%20-%20Brushstroke&fmt=3&is_vtc=1&random=2514637857&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: elementgames.co.uk
URL: https://elementgames.co.uk/element-essentials/egaps/brushstroke/brushstrokes-leagues-of-votann-paint-bundle?d=10493

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://elementgames.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Jun 2023 17:00:17 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 53aa8912dec7e10d38f59f36 Show response
widget.trustpilot.com/trustbox-data/ Frame 7580 10 KB
3 KB 99ms
99ms XHR
application/json 143.204.231.40
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.trustpilot.com/trustbox-data/53aa8912dec7e10d38f59f36?businessUnitId=50e11cf10000640005202af4&locale=en-GB&reviewStars=5&includeReviews=true&reviewsPerPage=15

Requested by

Host: widget.trustpilot.com
URL: https://widget.trustpilot.com/trustboxes/53aa8912dec7e10d38f59f36/main.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.231.40 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-231-40.cdg3.r.cloudfront.net

Software

Kestrel /

Resource Hash

6081d8b34f5dded799911def8e77d0dcb31b2677c656e46c19ce7ed198543d74

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://widget.trustpilot.com/trustboxes/53aa8912dec7e10d38f59f36/index.html?templateId=53aa8912dec7e10d38f59f36&businessunitId=50e11cf10000640005202af4
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 12 Jun 2023 16:32:17 GMT
via: 1.1 c04e95cc4381bc0a5e45bf722eb707c0.cloudfront.net (CloudFront)
server: Kestrel
x-amz-cf-pop: CDG3-C1
age: 1680
etag: "1c15e68d042c22fb8fc98f07eb4b98eb"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/json; charset=utf-8
cache-control: public,max-age=1800
x-amz-cf-id: Obk2ExKfVsi-X3jSBUkP9RCaIzc_uNBwGyc9Ah1wgXNTHh9-ZN8mqg==
x-xss-protection: 1; mode=block

GET
H2 204 TrustboxImpression Show response
widget.trustpilot.com/stats/ Frame 7580 0
321 B 119ms
118ms XHR
text/plain 143.204.231.40
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.trustpilot.com/stats/TrustboxImpression?locale=en-GB&styleHeight=130px&styleWidth=100%25&theme=light&stars=5&url=https%3A%2F%2Felementgames.co.uk%2Felement-essentials%2Fegaps%2Fbrushstroke%2Fbrushstrokes-leagues-of-votann-paint-bundle%3Fd%3D10493&referrer=&userAgent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F114.0.5735.106%20Safari%2F537.36&language=en-US&platform=Win32&nosettings=1&businessUnitId=50e11cf10000640005202af4&widgetId=53aa8912dec7e10d38f59f36

Requested by

Host: widget.trustpilot.com
URL: https://widget.trustpilot.com/trustboxes/53aa8912dec7e10d38f59f36/main.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.231.40 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-231-40.cdg3.r.cloudfront.net

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://widget.trustpilot.com/trustboxes/53aa8912dec7e10d38f59f36/index.html?templateId=53aa8912dec7e10d38f59f36&businessunitId=50e11cf10000640005202af4
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Mon, 12 Jun 2023 17:00:16 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
via: 1.1 c04e95cc4381bc0a5e45bf722eb707c0.cloudfront.net (CloudFront)
server: Kestrel
x-amz-cf-pop: CDG3-C1
x-cache: Miss from cloudfront
cache-control: no-store,no-cache
x-amz-cf-id: kd5rEQEzNwXJaiIqireHqdAIxNTYO8NYKdVOQ2rDSORckjiJoRvoeg==
x-xss-protection: 1; mode=block

GET
DATA 200
OK truncated
/ Frame B4D7 3 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 25b02175cc0a4e36fda24db4b7de40009feb7b31f18fe3c77423a2169929b94b

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H/1.1 200
OK Config Show response
recs-us-e1a.particularaudience.com/2.6/ 2 KB
1 KB 495ms
170ms Fetch
application/json 3.226.27.69
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://recs-us-e1a.particularaudience.com/2.6/Config?w=b2d95d2a-db0b-ea11-828b-00155da08c22&bn=Chrome&bv=114&p=Win32&u=https%3A%2F%2Felementgames.co.uk%2Felement-essentials%2Fegaps%2Fbrushstroke%2Fbrushstrokes-leagues-of-votann-paint-bundle%3Fd%3D10493&ipm=0&ilss=1&isss=1&im=0
Requested by: Host: cdn.particularaudience.com
URL: https://cdn.particularaudience.com/js/ele/t.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.226.27.69 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-226-27-69.compute-1.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 13c06e947e649c9acda71512e2693a647c5800eedf426d73103f5400befe4882

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://elementgames.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date: Mon, 12 Jun 2023 17:00:17 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/10.0
api-supported-versions: 2.0, 2.1, 2.2, 2.3, 2.4, 2.5, 2.6, 2.7
X-Powered-By: ASP.NET
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET
Content-Type: application/json; charset=utf-8
Vary: Accept-Encoding
Access-Control-Allow-Origin: https://elementgames.co.uk
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept, authorization, traceparent, tracestate

GET
H2 200 js Show response
www.paypal.com/sdk/ Frame B4D7 270 KB
76 KB 65ms
65ms Script
application/javascript 151.101.129.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/sdk/js?client-id=AbI1B_I5vm9NMNIHlpJKIsKA2sc1H-CoWv1wcDkUdKCaAjht3UgRNWgdIzOqGe0dqCJ-_RDfP4laFESc&commit=false&currency=GBP&components=buttons,funding-eligibility

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/smart/buttons?fundingSource=paypal&sdkVersion=5.0.378&style.layout=horizontal&style.color=gold&style.shape=rect&style.tagline=false&style.menuPlacement=below&components.0=buttons&components.1=funding-eligibility&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QWJJMUJfSTV2bTlOTU5JSGxwSktJc0tBMnNjMUgtQ29XdjF3Y0RrVWRLQ2FBamh0M1VnUk5XZ2RJek9xR2UwZHFDSi1fUkRmUDRsYUZFU2MmY29tbWl0PWZhbHNlJmN1cnJlbmN5PUdCUCZjb21wb25lbnRzPWJ1dHRvbnMsZnVuZGluZy1lbGlnaWJpbGl0eSIsImF0dHJzIjp7ImRhdGEtdWlkIjoidWlkX3NteG53ZWJ6bWFhaW9raWlzZWpsamZyZGNjbHB6ZiJ9fQ&clientID=AbI1B_I5vm9NMNIHlpJKIsKA2sc1H-CoWv1wcDkUdKCaAjht3UgRNWgdIzOqGe0dqCJ-_RDfP4laFESc&sdkCorrelationID=f523393d855eb&storageID=uid_6086aff6c4_mtc6mda6mtc&sessionID=uid_a989d18622_mtc6mda6mtc&buttonSessionID=uid_013e0418db_mtc6mda6mtc&env=production&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6ZmFsc2V9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInByb2R1Y3RzIjp7InBheUluMyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlJbjQiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfSwicGF5bGF0ZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfX19LCJjYXJkIjp7ImVsaWdpYmxlIjp0cnVlLCJicmFuZGVkIjp0cnVlLCJpbnN0YWxsbWVudHMiOmZhbHNlLCJ2ZW5kb3JzIjp7InZpc2EiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sIm1hc3RlcmNhcmQiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImFtZXgiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImRpc2NvdmVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiaGlwZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiZWxvIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiamNiIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfX0sImd1ZXN0RW5hYmxlZCI6ZmFsc2V9LCJ2ZW5tbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJpdGF1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImNyZWRpdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJhcHBsZXBheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzZXBhIjp7ImVsaWdpYmxlIjpmYWxzZX0sImlkZWFsIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJhbmNvbnRhY3QiOnsiZWxpZ2libGUiOmZhbHNlfSwiZ2lyb3BheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJlcHMiOnsiZWxpZ2libGUiOmZhbHNlfSwic29mb3J0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm15YmFuayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwMjQiOnsiZWxpZ2libGUiOmZhbHNlfSwid2VjaGF0cGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInBheXUiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmxpayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ0cnVzdGx5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm94eG8iOnsiZWxpZ2libGUiOmZhbHNlfSwiYm9sZXRvIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJvbGV0b2JhbmNhcmlvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm1lcmNhZG9wYWdvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm11bHRpYmFuY28iOnsiZWxpZ2libGUiOmZhbHNlfSwic2F0aXNwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwicGFpZHkiOnsiZWxpZ2libGUiOmZhbHNlfX0&platform=desktop&experiment.enableVenmo=false&experiment.enableVenmoAppLabel=false&flow=purchase&currency=GBP&intent=capture&commit=false&vault=false&renderedButtons.0=paypal&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&allowBillingPayments=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e1b86726fee08ad51f2bc712ca3ca009d747dd94f584bf98a3250afad77fccde

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; frame-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; script-src 'nonce-3/tDFlYiVNEkomnTLJQJkrtXzojImY/5g9N+OJp4VgfxLztR' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; style-src 'nonce-3/tDFlYiVNEkomnTLJQJkrtXzojImY/5g9N+OJp4VgfxLztR' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.paypal.com/smart/buttons?fundingSource=paypal&sdkVersion=5.0.378&style.layout=horizontal&style.color=gold&style.shape=rect&style.tagline=false&style.menuPlacement=below&components.0=buttons&components.1=funding-eligibility&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QWJJMUJfSTV2bTlOTU5JSGxwSktJc0tBMnNjMUgtQ29XdjF3Y0RrVWRLQ2FBamh0M1VnUk5XZ2RJek9xR2UwZHFDSi1fUkRmUDRsYUZFU2MmY29tbWl0PWZhbHNlJmN1cnJlbmN5PUdCUCZjb21wb25lbnRzPWJ1dHRvbnMsZnVuZGluZy1lbGlnaWJpbGl0eSIsImF0dHJzIjp7ImRhdGEtdWlkIjoidWlkX3NteG53ZWJ6bWFhaW9raWlzZWpsamZyZGNjbHB6ZiJ9fQ&clientID=AbI1B_I5vm9NMNIHlpJKIsKA2sc1H-CoWv1wcDkUdKCaAjht3UgRNWgdIzOqGe0dqCJ-_RDfP4laFESc&sdkCorrelationID=f523393d855eb&storageID=uid_6086aff6c4_mtc6mda6mtc&sessionID=uid_a989d18622_mtc6mda6mtc&buttonSessionID=uid_013e0418db_mtc6mda6mtc&env=production&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6ZmFsc2V9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInByb2R1Y3RzIjp7InBheUluMyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlJbjQiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfSwicGF5bGF0ZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfX19LCJjYXJkIjp7ImVsaWdpYmxlIjp0cnVlLCJicmFuZGVkIjp0cnVlLCJpbnN0YWxsbWVudHMiOmZhbHNlLCJ2ZW5kb3JzIjp7InZpc2EiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sIm1hc3RlcmNhcmQiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImFtZXgiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImRpc2NvdmVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiaGlwZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiZWxvIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiamNiIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfX0sImd1ZXN0RW5hYmxlZCI6ZmFsc2V9LCJ2ZW5tbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJpdGF1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImNyZWRpdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJhcHBsZXBheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzZXBhIjp7ImVsaWdpYmxlIjpmYWxzZX0sImlkZWFsIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJhbmNvbnRhY3QiOnsiZWxpZ2libGUiOmZhbHNlfSwiZ2lyb3BheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJlcHMiOnsiZWxpZ2libGUiOmZhbHNlfSwic29mb3J0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm15YmFuayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwMjQiOnsiZWxpZ2libGUiOmZhbHNlfSwid2VjaGF0cGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInBheXUiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmxpayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ0cnVzdGx5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm94eG8iOnsiZWxpZ2libGUiOmZhbHNlfSwiYm9sZXRvIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJvbGV0b2JhbmNhcmlvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm1lcmNhZG9wYWdvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm11bHRpYmFuY28iOnsiZWxpZ2libGUiOmZhbHNlfSwic2F0aXNwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwicGFpZHkiOnsiZWxpZ2libGUiOmZhbHNlfX0&platform=desktop&experiment.enableVenmo=false&experiment.enableVenmoAppLabel=false&flow=purchase&currency=GBP&intent=capture&commit=false&vault=false&renderedButtons.0=paypal&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&allowBillingPayments=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-3/tDFlYiVNEkomnTLJQJkrtXzojImY/5g9N+OJp4VgfxLztR' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-3/tDFlYiVNEkomnTLJQJkrtXzojImY/5g9N+OJp4VgfxLztR' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 12 Jun 2023 17:00:17 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 5026
x-cache: HIT, HIT
p3p: true
paypal-debug-id: f695848441b6d
server-timing: "traceparent;desc="00-0000000000000000000f695848441b6d-73a8673b0b430a27-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
content-length: 75997
x-xss-protection: 1; mode=block
x-served-by: cache-fra-eddf8230049-FRA, cache-bma1659-BMA
accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent: 00-0000000000000000000f695848441b6d-e10cace2b63ac0f7-01
x-timer: S1686589218.899329,VS0,VE4
etag: W/"128dd-8HbbBMd1p4RBPejj0Ws5nd1UHkE"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: Server-Timing
cache-control: public, max-age=3600, s-maxage=10800
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges: bytes
x-cache-hits: 0, 2

GET
H2 200 web-widget-main-bfd6eb7.js Show response
static.zdassets.com/web_widget/classic/latest/ Frame 197A 924 KB
266 KB 96ms
96ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/classic/latest/web-widget-main-bfd6eb7.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/web-widget-framework-7a54a546dda064893d09.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bb988ab760df25b36634e5033c142c3fb806f99cc70e5ce2c77f5fe3c802035f

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 17:00:17 GMT
x-amz-version-id: bNH1tgcgQXlX2U1UknAxNSi.t4lxKhjE
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: Y5YTVXR06QNKYANT
age: 1098377
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: DGwqKFDmY5Vi8eQuwHdjn/7ERU0Q5ytPFmvgxcMpnFKcKg6Oq/lvgBgOTt7q6ABWQmMZEqfI32g=
last-modified: Tue, 30 May 2023 07:03:13 GMT
server: cloudflare
etag: W/"3f980779d267839d8b8ffee50a8f7f4c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EoN5QXQeOdey2ICk0URBPqMThJGZFzyN37V%2BxLxRvEeGLwP11lkHO9VmJeCX8wjKeOinHwhcxJzMehEkr4K9OVEwn0Md87khSn3UYEOQrkCWNgdDF7AUbiMJXvzIuMRA4pwRFe4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 7d63a633ddfad96f-HEL
expires: Wed, 29 May 2024 07:03:12 GMT

GET
H2 200 main1.min.js Show response
cdn.salesfire.co.uk/js/app/ 239 KB
69 KB 89ms
88ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.salesfire.co.uk/js/app/main1.min.js
Requested by: Host: cdn.salesfire.co.uk
URL: https://cdn.salesfire.co.uk/code/5eeef24e-1953-4749-ba37-245b19e4b382.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6f3021c4e03fead6975d399de9acdfd8224dd1288eea62fa89e92eb8137a4a27

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://elementgames.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 17:00:17 GMT
x-amz-version-id: sxPPY94xHE8OddwoqUyX8pnn3phTfCKI
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 7FMRN4DVC7MNTFC3
age: 3686
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: iAYzlkXI9MvUgEXRypNRa1CuIyp+t/GHvlaWYrNMe6IShjEnZhwsu5t1xrRiEIeQmR/hf5PGL2kUmFO/PDerSQ==
last-modified: Fri, 26 May 2023 12:39:17 GMT
server: cloudflare
etag: W/"02a669f0d9fbf8a98686499aa13388d5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E8ZLeeFXxC0ZEmcULSRiShXkWE2SUuRBiUa%2FBuyanNWA1jEql9uT0ack3BmDh1rOkofQn1IKzuUR%2B8MszNlOC2R8Izm8KZfMbEiPaMMoSzVNXTPJt8kS%2Fal%2FwydDNHrs5q5Ry8V%2FXBWdjHi%2ByMr9%2F%2Bwz"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=7200
cf-ray: 7d63a633e8d10b3d-OSL

GET
H2 200 3.3.0.js Show response
cdn.salesfire.co.uk/sp/ 70 KB
23 KB 76ms
74ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.salesfire.co.uk/sp/3.3.0.js
Requested by: Host: cdn.salesfire.co.uk
URL: https://cdn.salesfire.co.uk/code/5eeef24e-1953-4749-ba37-245b19e4b382.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b015ece5fd817eec0990ecad36a70793f9a497861890b533417479bb7fa18145

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://elementgames.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 17:00:17 GMT
x-amz-version-id: u0cwOXNeg5NbKlQkF_6.9UpVY0rocSEJ
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: DVSK10APE0AVS3YT
age: 3686
alt-svc: h3=":443"; ma=86400
x-amz-id-2: 6asSp/BbRPIJlMuHo90aL3MNN2mYm2XZvzaCRTEpUSHUnwsfE8AqVrE61KdVw8XUfhe2ke1rBlA=
last-modified: Wed, 16 Feb 2022 11:23:25 GMT
server: cloudflare
etag: W/"e5cd59cb7e3bac2e80b315dc939d0443"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7at2JjXs%2BauuCXXtbdoj57dtbM%2BiJV9I5Or3USZD0xvTiQQPjJI6RaTHLw%2BGLEE%2FsWrWcVw4fsUd9LUh8ly05I%2Fo07e6cWkKweLSefSbQEI3y89DfB0Fs7lTm6yvFgqMjvOD319JVVntNaLfrCRmbpcD"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=7200
cf-ray: 7d63a633e8d20b3d-OSL

GET
H2 200 ii.aspx Show response
nsg.symantec.com/Web/Seal/ 17 B
390 B 201ms
201ms Script
application/x-javascript 23.201.254.231
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://nsg.symantec.com/Web/Seal/ii.aspx?CBF=bs_R.ii&fpc=&TS=b3c35
Requested by: Host: nsg.symantec.com
URL: https://nsg.symantec.com/private/rollover/rollover.core.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.201.254.231 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-201-254-231.deploy.static.akamaitechnologies.com
Software: Microsoft-IIS/8.5 /
Resource Hash: e1ebe8fb4455e5010f14388e80d1de841ef1ead56db4d81ccbc50cd8e4514fec

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://elementgames.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 17:00:18 GMT
content-encoding: gzip
server: Microsoft-IIS/8.5
etag: "35abd7f86293ca59"
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
p3p: CP="ALL DSP COR CUR ADM DEV TAI PSA PSD IVA IVD CONo HIS OUR SAMi LEG UNI NAV"
cache-control: private, max-age=86400
content-length: 137
expires: Tue, 13 Jun 2023 17:00:18 GMT

OPTIONS
H2 200 tp2
live.smartmetrics.co.uk/com.snowplowanalytics.snowplow/ Frame 0
0 300ms
99ms Preflight 63.35.53.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://live.smartmetrics.co.uk/com.snowplowanalytics.snowplow/tp2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.35.53.43 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-35-53-43.eu-west-1.compute.amazonaws.com
Software: akka-http/10.2.7 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://elementgames.co.uk
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type, SP-Anonymous
access-control-allow-origin: https://elementgames.co.uk
access-control-max-age: 3600
content-length: 0
date: Mon, 12 Jun 2023 17:00:18 GMT
server: akka-http/10.2.7

POST
H2 200 tp2
live.smartmetrics.co.uk/com.snowplowanalytics.snowplow/ 2 B
233 B 315ms
104ms Ping
text/plain 63.35.53.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://live.smartmetrics.co.uk/com.snowplowanalytics.snowplow/tp2
Requested by: Host: cdn.salesfire.co.uk
URL: https://cdn.salesfire.co.uk/sp/3.3.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.35.53.43 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-35-53-43.eu-west-1.compute.amazonaws.com
Software: akka-http/10.2.7 /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://elementgames.co.uk/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://elementgames.co.uk
date: Mon, 12 Jun 2023 17:00:18 GMT
access-control-allow-credentials: true
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
server: akka-http/10.2.7
content-length: 2
content-type: text/plain; charset=UTF-8

GET
H3 200 1fbeb4764188c86f972c1.min.js Show response
cdn.salesfire.co.uk/js/app/ 155 KB
36 KB 77ms
77ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.salesfire.co.uk/js/app/1fbeb4764188c86f972c1.min.js
Requested by: Host: cdn.salesfire.co.uk
URL: https://cdn.salesfire.co.uk/js/app/main1.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d7a3db88fa6c43e1185f71c6fed818ba05c5f44e0a34dec40e24a14031a32960

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://elementgames.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 17:00:18 GMT
x-amz-version-id: a_x8nP92HIMhg_X2ePv2Fy3.7f2c32Fy
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 7FMVRH6RHAH2C276
age: 1580
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: s6MDB4Ca8T2Hd3vFFpmBCg/S0tP3i2qLMEz3UAjbegcGPLLUfoQECeZTnC+r3bEKoa8oDAlgHqBnfJQklW/fLQ==
last-modified: Fri, 26 May 2023 12:39:13 GMT
server: cloudflare
etag: W/"5666a8e6751ff562ef581e68c1c83e3b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Kxe0YtSNVvMfIdvkhlnqlSC4ren3vvCGRlACQhRucQQHyFKZfWjEJ8IL%2FviEI6OjHy%2B%2FEoTKhmxCJMKtf1UK0jcZkT%2FrpznUZuincvySCQ2sYPCYaomxnXQfad9h5wW%2BJSiUw%2Be9PID5Cpg6kG%2FIkLM6"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=7200
cf-ray: 7d63a6354d62b500-OSL

GET
H3

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame 7C27
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

100 B
146 B

97ms
95ms

XHR
application/json

2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/XXYFAdWli80

Protocol

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2e93ff880f1f74bb9b73befe0f77f503118704f0522d92dfc5520107f80a8aac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 17:00:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 120
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 12 Jun 2023 17:00:18 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame 7C27 29 B
495 B 280ms
88ms Script
text/javascript 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/8c7583ff/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 16:57:32 GMT
x-content-type-options: nosniff
age: 166
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 12 Jun 2023 17:12:32 GMT

GET
H2 200 embeddable_blip Show response
elementgames.zendesk.com/ Frame 197A 0
455 B 117ms
117ms XHR
text/plain 104.16.51.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://elementgames.zendesk.com/embeddable_blip?type=analytics&data=eyJhbmFseXRpY3MiOnsiYWN0aW9uIjoibGVnYWN5IiwiY2F0ZWdvcnkiOiJnb29nbGVhbmFseXRpY3N1c2VkIn0sImJ1aWQiOiIwYWEyMDVlZGNiNWU0M2JlOWNjNTMyM2JmNDE5MDhlZCIsInN1aWQiOiI2ZWM5MDJhZTkzZDg0MmM3ODBkMTkzZjc5MTA5ZWQxNSIsInZlcnNpb24iOiJiZmQ2ZWI3IiwidGltZXN0YW1wIjoiMjAyMy0wNi0xMlQxNzowMDoxOC4yNDJaIiwidXJsIjoiaHR0cHM6Ly9lbGVtZW50Z2FtZXMuY28udWsvZWxlbWVudC1lc3NlbnRpYWxzL2VnYXBzL2JydXNoc3Ryb2tlL2JydXNoc3Ryb2tlcy1sZWFndWVzLW9mLXZvdGFubi1wYWludC1idW5kbGU%2FZD0xMDQ5MyJ9
Requested by: Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/web-widget-framework-7a54a546dda064893d09.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.16.51.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 17:00:18 GMT
cf-cache-status: MISS
last-modified: Mon, 12 Jun 2023 17:00:18 GMT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-zendesk-zorg: yes
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pkIPgFUmgXy3tqUp6ipMyOJZK7YazgRFKFhlPR4t91qX0RgyE7qzij1VNEzmN0zH1XFluDZd%2Bxc64M79N8QX%2BIbmSpxBSOqawman25gkREJB5JobTP9FamlM7hC9%2BHv0xIsJ3okgsKPZcw%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
accept-ranges: bytes
cf-ray: 7d63a63629e698fc-ARN
content-length: 0
x-request-id: 7d63a63629e698fc-ARN

GET
H2 200 en-us-json-bfd6eb7.js Show response
static.zdassets.com/web_widget/classic/latest/web-widget-locales/classic/ Frame 197A 25 KB
6 KB 68ms
67ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/classic/latest/web-widget-locales/classic/en-us-json-bfd6eb7.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/classic/latest/web-widget-main-bfd6eb7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

55fc0d5f38f5fdd8ba0c458ab25cdd24a5e297929db8599c05b8f700c43aa8a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 17:00:18 GMT
x-amz-version-id: itb0XHx1T5LzCCHLfqMcBM_K9g.u5Td2
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: 472GQVFES99F1JH9
age: 1098378
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: 6oZlESkCfa66Sy5JN0TQnN9yxlLtMBZIybktlxZw5a+pJGuJgSzaFAXfjix2zbOl9FoeLMmRrsI=
last-modified: Tue, 30 May 2023 07:03:15 GMT
server: cloudflare
etag: W/"8b029ef28afc7ee70c5b9e2648a5c98b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BHImOhhUor4yX%2BtJBeIHVNauqJT7qD555KEcUYGkOPuOX4OU5ARX1JoBSDUzMzUgEfkuPAckjPLysg7WPfgexhKq7IwYs86nyyMgJBXjF3lkpwNTSV56um9i3YwTNe%2FQdloYjeM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 7d63a6363b54d96f-HEL
expires: Wed, 29 May 2024 07:03:14 GMT

OPTIONS
H2 200 Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 281ms
94ms Preflight
text/html 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Mon, 12 Jun 2023 17:00:18 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 Create Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 7C27 68 KB
31 KB 103ms
102ms XHR
application/json+protobuf 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/8c7583ff/player_ias.vflset/fi_FI/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

47f137a4a3e6a66b8421ca4b700cf5def47e7dc6f282d3ae7d845738d8dfe440

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Mon, 12 Jun 2023 17:00:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32011
x-xss-protection: 0

GET
H3 200 remote.js Show response
www.youtube.com/s/player/8c7583ff/player_ias.vflset/fi_FI/ Frame 7C27 116 KB
33 KB 87ms
87ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/8c7583ff/player_ias.vflset/fi_FI/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/8c7583ff/player_ias.vflset/fi_FI/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08faec9c2afdc86a63b97e4d1578207ae3aafa46ce969cce8a85a2a6654b11fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.youtube.com/embed/XXYFAdWli80
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 22:01:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 413953
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33566
x-xss-protection: 0
last-modified: Wed, 07 Jun 2023 02:05:35 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 06 Jun 2024 22:01:05 GMT

GET
H2 200 R0xUEcQ2B32TxOUqHFZmKhtjycEbObawU50wwQDccxI.js Show response
www.google.com/js/th/ Frame 7C27 38 KB
15 KB 89ms
88ms Script
text/javascript 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/R0xUEcQ2B32TxOUqHFZmKhtjycEbObawU50wwQDccxI.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/8c7583ff/player_ias.vflset/fi_FI/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

474c5411c436077d93c4e52a1c56662a1b63c9c11b39b6b0539d30c100dc7312

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sat, 10 Jun 2023 07:37:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 206592
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14825
x-xss-protection: 0
last-modified: Tue, 30 May 2023 11:30:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 09 Jun 2024 07:37:06 GMT

GET
H2 200 maxresdefault.jpg
i.ytimg.com/vi/XXYFAdWli80/ Frame 7C27 121 KB
122 KB 285ms
100ms Image
image/jpeg 2a00:1450:4001:806::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/XXYFAdWli80/maxresdefault.jpg

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/XXYFAdWli80

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

06098eb1d1e5cc01e4b31c20ab94e93311af96fbc675ab266751e84f1c4ce365

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 17:00:18 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 124063
x-xss-protection: 0
server: sffe
etag: "1678148574"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 12 Jun 2023 19:00:18 GMT

GET
H3 200 embed.js Show response
www.youtube.com/s/player/8c7583ff/player_ias.vflset/fi_FI/ Frame 7C27 29 KB
8 KB 89ms
89ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/8c7583ff/player_ias.vflset/fi_FI/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/8c7583ff/player_ias.vflset/fi_FI/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

681d161c0f91034ee83c1e77e9c5cfff9d424098005a5a7dfe527f96e836ef1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.youtube.com/embed/XXYFAdWli80
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 20:36:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 419057
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8293
x-xss-protection: 0
last-modified: Wed, 07 Jun 2023 02:05:35 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 06 Jun 2024 20:36:01 GMT

GET
DATA 200
OK truncated
/ Frame 7C27 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 AGIKgqP7mg6GE7-2_HimMYgXd1C05ZtppaLE9psmmUNvZQ=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame 7C27 3 KB
3 KB 282ms
88ms Image
image/jpeg 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/ytc/AGIKgqP7mg6GE7-2_HimMYgXd1C05ZtppaLE9psmmUNvZQ=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/XXYFAdWli80

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

c3084ec5ea6fa7de22f7c6263a796e67920b9f03547094e84610307d95bc6077

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 15:56:28 GMT
x-content-type-options: nosniff
age: 3830
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3024
x-xss-protection: 0
server: fife
etag: "vab"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Tue, 13 Jun 2023 15:56:28 GMT

GET
H2 200 AltSealInfo.aspx Show response
nsg.symantec.com/Web/Seal/ 885 B
1 KB 222ms
222ms Script
application/x-javascript 23.201.254.231
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://nsg.symantec.com/Web/Seal/AltSealInfo.aspx?Info=1&PR=&CBF=bs_R.AltSeal&Elem=_GUARANTEE_SealSpan&SN=buysafeseal_1&HASH=3stM73d0rjTvM3%2BlZcHoHUFWW5HVc5YbFNXJ90Es8A3jsw8AIkUoxO3Ju3J9UotTTvsZJ03ydOVXAiglkI5VZg%3D%3D&S=Large&T=M&MSPHASH=&fpc=&DP=br%3DChrome%3Bvr%3D114.0.5735.106%3Bos%3DWindows%3Bsno%3Da&I=&TS=e3d408ag9a
Requested by: Host: nsg.symantec.com
URL: https://nsg.symantec.com/private/rollover/rollover.core.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.201.254.231 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-201-254-231.deploy.static.akamaitechnologies.com
Software: Microsoft-IIS/8.5 /
Resource Hash: c698f0f392dc24de1c8d6d844115a3f5a95dce4db26550f8d149d14f4f9b00a5

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://elementgames.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Jun 2023 17:00:18 GMT
content-encoding: gzip
server: Microsoft-IIS/8.5
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
p3p: CP="ALL DSP COR CUR ADM DEV TAI PSA PSD IVA IVD CONo HIS OUR SAMi LEG UNI NAV"
cache-control: max-age=0, no-cache, no-store
content-length: 731
expires: Mon, 12 Jun 2023 17:00:18 GMT

GET
H2 200 web-widget-chat-sdk-bfd6eb7.js Show response
static.zdassets.com/web_widget/classic/latest/ Frame 197A 202 KB
51 KB 95ms
94ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/classic/latest/web-widget-chat-sdk-bfd6eb7.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/classic/latest/web-widget-main-bfd6eb7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

24a0379eaeac3d8de8f2b77a318fef99bae4ef5ca07d2eca39b8a0f3c21911b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 17:00:18 GMT
x-amz-version-id: u3.Qe5Q46HqEeNC76GSEOeXPfb_y.4zr
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: Y5YKNVD1S3R2KQCS
age: 252849
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: y/rxGADUFMu5G2jlBxUdJ1iI+w9urQIq1o8yJOJU9WJQXB2pvP6sKNYxFqgexv1PTqIADhARlNE=
last-modified: Tue, 30 May 2023 07:03:13 GMT
server: cloudflare
etag: W/"a3208a9957c2dcf9612763d1d3138069"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GyziY6eGIr3fnBl%2FXiUz%2BeeSZPG6LxElH6AS6UX4DNIyL4F7qu5rDoMgPxbwj5iGxdH78G6twiVUD2qx2xzHooarmXHLulNss2dT57b0LKlQeiD0%2F9FPKFkeJFVjm2xClX32CMc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 7d63a6373da6d96f-HEL
expires: Wed, 29 May 2024 07:03:12 GMT

GET
H/1.1 200
OK PageView Show response
recs-us-e1a.particularaudience.com/2.6/ 30 KB
6 KB 173ms
173ms Fetch
application/json 3.226.27.69
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://recs-us-e1a.particularaudience.com/2.6/PageView?w=b2d95d2a-db0b-ea11-828b-00155da08c22&p=91484&r=https%3A%2F%2Felementgames.co.uk%2Felement-essentials%2Fegaps%2Fbrushstroke%2Fbrushstrokes-leagues-of-votann-paint-bundle%3Fd%3D10493&c=eac521ac-e56b-4600-b818-df74d427d160&e[0].s=span.in-stock%20div.stock_popup&e[0].v[0]=This%20product%20is%20on%20the%20way%20and%20is%20scheduled%20to%20arrive%20with%20us%20soon.Dispatch%20(to%20you)%20due%3A%20Friday%2030th%20June%20In%20Stock%20%20Stock%20Due%20%20Backorder%2FAvailable%20%20Unavailable&e[1].s=span.in-stock%20div.stock_popup&e[1].v[0]=This%20product%20is%20on%20the%20way%20and%20is%20scheduled%20to%20arrive%20with%20us%20soon.Dispatch%20(to%20you)%20due%3A%20Friday%2030th%20June%20In%20Stock%20%20Stock%20Due%20%20Backorder%2FAvailable%20%20Unavailable&rcc=GBP&rcl=en-AU
Requested by: Host: cdn.particularaudience.com
URL: https://cdn.particularaudience.com/js/ele/t.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.226.27.69 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-226-27-69.compute-1.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 5dc59fbc7e948ed13cca008f5c80e88b72bce855caab70c3c1a073d2e3115ba5

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://elementgames.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date: Mon, 12 Jun 2023 17:00:18 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/10.0
api-supported-versions: 1.5, 1.6, 1.7
X-Powered-By: ASP.NET
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET
Content-Type: application/json; charset=utf-8
Vary: Accept-Encoding
Access-Control-Allow-Origin: https://elementgames.co.uk
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept, authorization, traceparent, tracestate

GET
H3 204 generate_204
www.youtube.com/ Frame 7C27 0
10 B 85ms
85ms Image
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?gEoAeA
Requested by: Host: www.youtube.com
URL: https://www.youtube.com/embed/XXYFAdWli80
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.youtube.com/embed/XXYFAdWli80
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 17:00:18 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame 7C27 4 KB
2 KB 281ms
93ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/8c7583ff/player_ias.vflset/fi_FI/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 17:00:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 12 Jun 2023 17:00:18 GMT

GET
H2 200 fb.js Show response
c.paypal.com/da/r/ Frame B4D7 60 KB
21 KB 65ms
64ms Script
application/javascript 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://c.paypal.com/da/r/fb.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (ska/F6AA) /

Resource Hash

38a98855add87ceae220cdceb1bc4e75e6c5c05346bbedea09279c03043297f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.paypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 17:00:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 1856
x-cache: HIT
paypal-debug-id: b1e4b6c6c8883
server-timing: content-encoding;desc="", x-cdn;desc="edgecast"
dc: ccg11-origin-www-1.paypal.com
content-length: 20654
last-modified: Fri, 12 May 2023 17:09:48 GMT
server: ECAcc (ska/F6AA)
traceparent: 00-0000000000000000000b1e4b6c6c8883-9305c8ca10f31823-01
etag: W/"645e72dc-eeee"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: false
vary: Accept-Encoding
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 13 Jun 2023 17:00:18 GMT

GET
H/1.1 200
OK widget-ele_v1.0.1.3-dccf2f1.js Show response
cdn.particularaudience.com/js/ele/ 336 KB
79 KB 85ms
85ms Script
application/javascript 18.65.39.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.particularaudience.com/js/ele/widget-ele_v1.0.1.3-dccf2f1.js
Requested by: Host: cdn.particularaudience.com
URL: https://cdn.particularaudience.com/js/ele/t.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.65.39.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-65-39-11.ams1.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5abdecc5281d34e3d669b9cf9829b3088bc9a76e2f8442e6cf6add9b94f73339

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://elementgames.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-amz-version-id: null
Content-Encoding: gzip
Via: 1.1 9835af751c15612a813bbc131d2ce1e6.cloudfront.net (CloudFront)
Date: Mon, 12 Jun 2023 05:00:00 GMT
Last-Modified: Mon, 22 Mar 2021 04:30:28 GMT
Server: AmazonS3
X-Amz-Cf-Pop: AMS1-P1
Age: 43219
ETag: W/"54a939acb0d1df8faba51dd813cec7a2"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
X-Cache: Hit from cloudfront
Connection: keep-alive
X-Amz-Cf-Id: 3EcTJnu36zLO9wkq9PfDIIjvmxeGhhYiXo_H7cK3W1S5Q9954AV3sg==

GET
H2 200 si.aspx
nsg.symantec.com/Web/Seal/ 4 KB
4 KB 99ms
99ms Image
application/octet-stream 23.201.254.231
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nsg.symantec.com/Web/Seal/si.aspx?s=963443996&p=11&t=a&TS=b3c35&R=0&x=BLX
Requested by: Host: elementgames.co.uk
URL: https://elementgames.co.uk/element-essentials/egaps/brushstroke/brushstrokes-leagues-of-votann-paint-bundle?d=10493
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.201.254.231 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-201-254-231.deploy.static.akamaitechnologies.com
Software: Microsoft-IIS/8.5 /
Resource Hash: d53543f26bb758d96aad149e47ffe9c13a4227ec1d8b7edace1644948977ebd2

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://elementgames.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 17:00:18 GMT
server: Microsoft-IIS/8.5
etag: "2ce5484535d2e3a9"
content-type: application/octet-stream; charset=utf-8
p3p: CP="ALL DSP COR CUR ADM DEV TAI PSA PSD IVA IVD CONo HIS OUR SAMi LEG UNI NAV"
cache-control: private, max-age=86400
content-disposition: inline; filename=s.png
content-length: 3730
expires: Tue, 13 Jun 2023 17:00:18 GMT

GET
H2 200 Static.aspx Show response
nsg.symantec.com/Web/Seal/ 2 KB
1 KB 108ms
108ms Script
text/javascript 23.201.254.231
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://nsg.symantec.com/Web/Seal/Static.aspx?CBF=bs_R.RollCBF&Type=RO&Promocode=ResponsiveV3&ifID=ResponsiveV3&DP=br%3DChrome%3Bvr%3D114.0.5735.106%3Bos%3DWindows%3Bsno%3Da&HASH=3stM73d0rjTvM3%2BlZcHoHUFWW5HVc5YbFNXJ90Es8A3jsw8AIkUoxO3Ju3J9UotTTvsZJ03ydOVXAiglkI5VZg%3D%3D&TS=b3c35
Requested by: Host: nsg.symantec.com
URL: https://nsg.symantec.com/private/rollover/rollover.core.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.201.254.231 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-201-254-231.deploy.static.akamaitechnologies.com
Software: Microsoft-IIS/8.5 /
Resource Hash: 6e98a5d1d75fb50d4fbe17d528f161d5d690ae39b3f0c346294873f6758a4090

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://elementgames.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 17:00:18 GMT
content-encoding: gzip
server: Microsoft-IIS/8.5
etag: "cebe7db224a5fc00"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
p3p: CP="ALL DSP COR CUR ADM DEV TAI PSA PSD IVA IVD CONo HIS OUR SAMi LEG UNI NAV"
cache-control: private, max-age=86400
content-length: 896
expires: Tue, 13 Jun 2023 17:00:18 GMT

POST
H2 200 logger
www.paypal.com/xoplatform/logger/api/ Frame B4D7 1 KB
2 KB 310ms
309ms Ping
application/json 151.101.129.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/xoplatform/logger/api/logger

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

171d5695123553d96e72cd1723ffe64401a025324ed11bde87987b9eb4e0ca0b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.paypal.com/smart/buttons?fundingSource=paypal&sdkVersion=5.0.378&style.layout=horizontal&style.color=gold&style.shape=rect&style.tagline=false&style.menuPlacement=below&components.0=buttons&components.1=funding-eligibility&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QWJJMUJfSTV2bTlOTU5JSGxwSktJc0tBMnNjMUgtQ29XdjF3Y0RrVWRLQ2FBamh0M1VnUk5XZ2RJek9xR2UwZHFDSi1fUkRmUDRsYUZFU2MmY29tbWl0PWZhbHNlJmN1cnJlbmN5PUdCUCZjb21wb25lbnRzPWJ1dHRvbnMsZnVuZGluZy1lbGlnaWJpbGl0eSIsImF0dHJzIjp7ImRhdGEtdWlkIjoidWlkX3NteG53ZWJ6bWFhaW9raWlzZWpsamZyZGNjbHB6ZiJ9fQ&clientID=AbI1B_I5vm9NMNIHlpJKIsKA2sc1H-CoWv1wcDkUdKCaAjht3UgRNWgdIzOqGe0dqCJ-_RDfP4laFESc&sdkCorrelationID=f523393d855eb&storageID=uid_6086aff6c4_mtc6mda6mtc&sessionID=uid_a989d18622_mtc6mda6mtc&buttonSessionID=uid_013e0418db_mtc6mda6mtc&env=production&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6ZmFsc2V9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInByb2R1Y3RzIjp7InBheUluMyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlJbjQiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfSwicGF5bGF0ZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfX19LCJjYXJkIjp7ImVsaWdpYmxlIjp0cnVlLCJicmFuZGVkIjp0cnVlLCJpbnN0YWxsbWVudHMiOmZhbHNlLCJ2ZW5kb3JzIjp7InZpc2EiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sIm1hc3RlcmNhcmQiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImFtZXgiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImRpc2NvdmVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiaGlwZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiZWxvIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiamNiIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfX0sImd1ZXN0RW5hYmxlZCI6ZmFsc2V9LCJ2ZW5tbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJpdGF1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImNyZWRpdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJhcHBsZXBheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzZXBhIjp7ImVsaWdpYmxlIjpmYWxzZX0sImlkZWFsIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJhbmNvbnRhY3QiOnsiZWxpZ2libGUiOmZhbHNlfSwiZ2lyb3BheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJlcHMiOnsiZWxpZ2libGUiOmZhbHNlfSwic29mb3J0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm15YmFuayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwMjQiOnsiZWxpZ2libGUiOmZhbHNlfSwid2VjaGF0cGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInBheXUiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmxpayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ0cnVzdGx5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm94eG8iOnsiZWxpZ2libGUiOmZhbHNlfSwiYm9sZXRvIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJvbGV0b2JhbmNhcmlvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm1lcmNhZG9wYWdvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm11bHRpYmFuY28iOnsiZWxpZ2libGUiOmZhbHNlfSwic2F0aXNwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwicGFpZHkiOnsiZWxpZ2libGUiOmZhbHNlfX0&platform=desktop&experiment.enableVenmo=false&experiment.enableVenmoAppLabel=false&flow=purchase&currency=GBP&intent=capture&commit=false&vault=false&renderedButtons.0=paypal&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&allowBillingPayments=true
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 12 Jun 2023 17:00:18 GMT
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-cache: MISS, MISS
paypal-debug-id: f58261326e7f5
server-timing: content-encoding;desc="br",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
x-served-by: cache-fra-etou8220119-FRA, cache-bma1659-BMA
accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent: 00-0000000000000000000f58261326e7f5-cb695bd8492be6dd-01
x-timer: S1686589219.726829,VS0,VE226
etag: W/"408-bpslCpaoV9g2H6cUrzDP+psRLI4"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.paypal.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges: none
x-cache-hits: 0, 0

GET
H2 200 i Show response
c.paypal.com/v1/r/d/ Frame 987D 160 B
1 KB 245ms
245ms Document
text/html 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js

Requested by

Host: c.paypal.com
URL: https://c.paypal.com/da/r/fb.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4C89) /

Resource Hash

9321bc63a75b3ac6d384b411665b6e77a8b326a4b176ca2049872d3b5d4974f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.paypal.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

accept-ch: sec-ch-ua, sec-ch-ua-mobile, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-platform, sec-ch-ua-platform-version, sec-ch-ua-arch, sec-ch-ua-wow64, sec-ch-ua-bitness, sec-ch-ua-model, sec-ch-ua-full
access-control-expose-headers: Server-Timing
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-encoding: gzip
content-length: 141
content-security-policy-report-only: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; script-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.paypalinc.com https://www.facebook.com 'unsafe-eval' 'unsafe-inline' blob:; connect-src 'self' https://*.paypal.com; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com data:; img-src 'self' https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; object-src 'self' https://*.paypal.com https://*.paypalobjects.com; report-uri https://www.paypal.com/csplog/api/log/csp
content-type: text/html;charset=UTF-8
correlation-id: 789fa9918ec47
date: Mon, 12 Jun 2023 17:00:18 GMT
origin-trial: A0A/uBW0ogQIica1KkPCeSOoHfvTATXdyRg8F/Ka8gjK4pCprEDwF3d3wTxNzSPn1ASb5ncpd46h7RQiSqGYpA8AAACMeyJvcmlnaW4iOiJodHRwczovL2MucGF5cGFsLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY5NTUxMzU5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
paypal-debug-id: 789fa9918ec47
server: ECAcc (frc/4C89)
server-timing: traceparent;desc="00-0000000000000000000789fa9918ec47-015d5777b8afb706-01" content-encoding;desc="", x-cdn;desc="edgecast"
strict-transport-security: max-age=63072000; includeSubDomains; preload
timing-allow-origin: *
traceparent: 00-0000000000000000000789fa9918ec47-789ff1950a918a9f-01
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H/1.1

200
OK

counter2.cgi
dub.stats.paypal.com/v2/ Frame 20F2
Redirect Chain

https://b.stats.paypal.com/v2/counter.cgi?p=uid_a989d18622_mtc6mda6mtc&s=SMART_PAYMENT_BUTTONS
https://dub.stats.paypal.com/v2/counter2.cgi?p=uid_a989d18622_mtc6mda6mtc&s=SMART_PAYMENT_BUTTONS

42 B
299 B

323ms
108ms

Image
image/jpeg

64.4.245.84
PAYPAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dub.stats.paypal.com/v2/counter2.cgi?p=uid_a989d18622_mtc6mda6mtc&s=SMART_PAYMENT_BUTTONS
Requested by: Host: www.paypal.com
URL: https://www.paypal.com/smart/buttons?fundingSource=paypal&sdkVersion=5.0.378&style.layout=horizontal&style.color=gold&style.shape=rect&style.tagline=false&style.menuPlacement=below&components.0=buttons&components.1=funding-eligibility&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QWJJMUJfSTV2bTlOTU5JSGxwSktJc0tBMnNjMUgtQ29XdjF3Y0RrVWRLQ2FBamh0M1VnUk5XZ2RJek9xR2UwZHFDSi1fUkRmUDRsYUZFU2MmY29tbWl0PWZhbHNlJmN1cnJlbmN5PUdCUCZjb21wb25lbnRzPWJ1dHRvbnMsZnVuZGluZy1lbGlnaWJpbGl0eSIsImF0dHJzIjp7ImRhdGEtdWlkIjoidWlkX3NteG53ZWJ6bWFhaW9raWlzZWpsamZyZGNjbHB6ZiJ9fQ&clientID=AbI1B_I5vm9NMNIHlpJKIsKA2sc1H-CoWv1wcDkUdKCaAjht3UgRNWgdIzOqGe0dqCJ-_RDfP4laFESc&sdkCorrelationID=f523393d855eb&storageID=uid_6086aff6c4_mtc6mda6mtc&sessionID=uid_a989d18622_mtc6mda6mtc&buttonSessionID=uid_013e0418db_mtc6mda6mtc&env=production&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6ZmFsc2V9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInByb2R1Y3RzIjp7InBheUluMyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlJbjQiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfSwicGF5bGF0ZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfX19LCJjYXJkIjp7ImVsaWdpYmxlIjp0cnVlLCJicmFuZGVkIjp0cnVlLCJpbnN0YWxsbWVudHMiOmZhbHNlLCJ2ZW5kb3JzIjp7InZpc2EiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sIm1hc3RlcmNhcmQiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImFtZXgiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImRpc2NvdmVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiaGlwZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiZWxvIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiamNiIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfX0sImd1ZXN0RW5hYmxlZCI6ZmFsc2V9LCJ2ZW5tbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJpdGF1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImNyZWRpdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJhcHBsZXBheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzZXBhIjp7ImVsaWdpYmxlIjpmYWxzZX0sImlkZWFsIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJhbmNvbnRhY3QiOnsiZWxpZ2libGUiOmZhbHNlfSwiZ2lyb3BheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJlcHMiOnsiZWxpZ2libGUiOmZhbHNlfSwic29mb3J0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm15YmFuayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwMjQiOnsiZWxpZ2libGUiOmZhbHNlfSwid2VjaGF0cGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInBheXUiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmxpayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ0cnVzdGx5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm94eG8iOnsiZWxpZ2libGUiOmZhbHNlfSwiYm9sZXRvIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJvbGV0b2JhbmNhcmlvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm1lcmNhZG9wYWdvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm11bHRpYmFuY28iOnsiZWxpZ2libGUiOmZhbHNlfSwic2F0aXNwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwicGFpZHkiOnsiZWxpZ2libGUiOmZhbHNlfX0&platform=desktop&experiment.enableVenmo=false&experiment.enableVenmoAppLabel=false&flow=purchase&currency=GBP&intent=capture&commit=false&vault=false&renderedButtons.0=paypal&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&allowBillingPayments=true
Protocol: HTTP/1.1
Server: 64.4.245.84 , United States, ASN17012 (PAYPAL, US),
Reverse DNS
Software: PayPal-B.Stats/1.0 /
Resource Hash: 47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.paypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date: Mon, 12 Jun 2023 17:00:19 GMT
Server: PayPal-B.Stats/1.0
Connection: close
Content-Length: 42
Content-Type: image/jpeg

Redirect headers

Location: https://dub.stats.paypal.com/v2/counter2.cgi?p=uid_a989d18622_mtc6mda6mtc&s=SMART_PAYMENT_BUTTONS
Date: Mon, 12 Jun 2023 17:00:18 GMT
Server: PayPal-B.Stats/1.0
Connection: close
Content-Length: 0
Content-Type: application/octet-stream

GET
H2 200 ts
t.paypal.com/ 42 B
546 B 242ms
241ms Image
image/gif 151.101.1.35
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.paypal.com/ts?pgrp=muse%3Aoffer%3A%3A%3ATCPQDNB798RPE-1&page=muse%3Aoffer%3A%3A%3ATCPQDNB798RPE-1%3A%3AvisitorInfo%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&item=edbb5934-114e-424b-8456-13f5ea1c25df&es=visitorInfo&cust=identified&mrid=TCPQDNB798RPE&code=UNKNOWN_BN_CODE&partner_name=UNKNOWN_PARTNER_NAME&pt=BRUSHSTROKE%E2%80%99S%20LEAGUES%20OF%20VOTANN%20PAINT%20BUNDLE%20-%20Brushstroke&dh=1200&dw=1600&bh=1200&bw=1600&cd=24&sh=1200&sw=1600&v=NA&pl=pdf&rosetta_language=en-US%2Cen&unsc=28&identifier_used=DFP&e=im&t=1686589218707&g=0&completeurl=https%3A%2F%2Felementgames.co.uk%2Felement-essentials%2Fegaps%2Fbrushstroke%2Fbrushstrokes-leagues-of-votann-paint-bundle%3Fd%3D10493

Requested by

Host: elementgames.co.uk
URL: https://elementgames.co.uk/element-essentials/egaps/brushstroke/brushstrokes-leagues-of-votann-paint-bundle?d=10493

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.35 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://elementgames.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-cache-hits: 0, 0
date: Mon, 12 Jun 2023 17:00:18 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: MISS, MISS
p3p: CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id: b3a8ad6719120
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
x-served-by: cache-fra-eddf8230092-FRA, cache-bma1672-BMA
pragma: no-cache
correlation-id: b3a8ad6719120
traceparent: 00-0000000000000000000b3a8ad6719120-2a6c85a98eeaec21-01
x-timer: S1686589219.735391,VS0,VE174
content-type: image/gif
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 12 Jun 2023 17:00:18 GMT

POST
H3 200 GenerateIT Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 7C27 90 B
134 B 96ms
96ms XHR
application/json+protobuf 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/8c7583ff/player_ias.vflset/fi_FI/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3f6608ff1db2e96a1c9145e133e6f9743626b180b41d202531d1f8bb2e582b76

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Mon, 12 Jun 2023 17:00:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 110
x-xss-protection: 0

OPTIONS
H3 200 GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 97ms
96ms Preflight
text/html 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Mon, 12 Jun 2023 17:00:18 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

GET
H2 200 loading.gif
guarantee-cdn.com/Web/images/norton/ 1 KB
1 KB 251ms
83ms Image
image/gif 104.102.47.146
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://guarantee-cdn.com/Web/images/norton/loading.gif
Requested by: Host: elementgames.co.uk
URL: https://elementgames.co.uk/element-essentials/egaps/brushstroke/brushstrokes-leagues-of-votann-paint-bundle?d=10493
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.102.47.146 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-102-47-146.deploy.static.akamaitechnologies.com
Software: Microsoft-IIS/8.5 /
Resource Hash: fda04831a1a821c162fc9d74b77d859299a3f86938627902e38a862fba8110b4

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://elementgames.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 17:00:19 GMT
last-modified: Fri, 22 Nov 2019 19:21:47 GMT
server: Microsoft-IIS/8.5
p3p: CP="ALL DSP COR CUR ADM DEV TAI PSA PSD IVA IVD CONo HIS OUR SAMi LEG UNI NAV"
content-type: image/gif
cache-control: private, max-age=86400
accept-ranges: bytes
content-length: 1270
expires: Tue, 13 Jun 2023 17:00:19 GMT

GET
H2 200 rollover_close.png
guarantee-cdn.com/Web/images/norton/ 150 B
376 B 251ms
83ms Image
image/png 104.102.47.146
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://guarantee-cdn.com/Web/images/norton/rollover_close.png
Requested by: Host: elementgames.co.uk
URL: https://elementgames.co.uk/element-essentials/egaps/brushstroke/brushstrokes-leagues-of-votann-paint-bundle?d=10493
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.102.47.146 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-102-47-146.deploy.static.akamaitechnologies.com
Software: Microsoft-IIS/8.5 /
Resource Hash: a9ac5826013bddbd6d4b11d329f102c8464fc673e3d1967b4a7bd83da70e6581

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://elementgames.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 17:00:19 GMT
last-modified: Fri, 15 May 2015 15:39:09 GMT
server: Microsoft-IIS/8.5
p3p: CP="ALL DSP COR CUR ADM DEV TAI PSA PSD IVA IVD CONo HIS OUR SAMi LEG UNI NAV"
content-type: image/png
cache-control: private, max-age=86400
accept-ranges: bytes
content-length: 150
expires: Tue, 13 Jun 2023 17:00:19 GMT

GET
H2 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/114/ Frame 7C27 51 KB
15 KB 87ms
86ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/114/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

184de53a881ec8e4e218974c548e2fc8e0da4b8ddaff2e7bdc6267c6e70a8636

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 16:54:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 377
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15225
x-xss-protection: 0
last-modified: Mon, 17 Apr 2023 15:04:47 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview-release"
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Tue, 13 Jun 2023 16:54:01 GMT

GET
H2 200 fb.js Show response
c.paypal.com/da/r/ Frame 987D 60 KB
20 KB 63ms
62ms Script
application/javascript 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://c.paypal.com/da/r/fb.js

Requested by

Host: c.paypal.com
URL: https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (ska/F6AA) /

Resource Hash

38a98855add87ceae220cdceb1bc4e75e6c5c05346bbedea09279c03043297f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 17:00:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 1856
x-cache: HIT
paypal-debug-id: b1e4b6c6c8883
server-timing: content-encoding;desc="", x-cdn;desc="edgecast"
dc: ccg11-origin-www-1.paypal.com
content-length: 20654
last-modified: Fri, 12 May 2023 17:09:48 GMT
server: ECAcc (ska/F6AA)
traceparent: 00-0000000000000000000b1e4b6c6c8883-9305c8ca10f31823-01
etag: W/"645e72dc-eeee"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: false
vary: Accept-Encoding
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 13 Jun 2023 17:00:18 GMT

POST
H2 200 p1 Show response
c.paypal.com/v1/r/d/b/ Frame 987D 125 B
815 B 271ms
271ms XHR
application/json 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://c.paypal.com/v1/r/d/b/p1

Requested by

Host: c.paypal.com
URL: https://c.paypal.com/da/r/fb.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4CB4) /

Resource Hash

b34b1b23cb5a61891b4d070b21cc28744bd85ebd4f40d61a7e6a49d8f62c077b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 12 Jun 2023 17:00:18 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
correlation-id: 2a9f601fe6977
server: ECAcc (frc/4CB4)
traceparent: 00-00000000000000000002a9f601fe6977-f70f2dcabb0ac6ce-01
p3p: policyref="/w3c/p3p.xml", CP="NON DSP COR ADM OUR IND COM"
access-control-allow-origin: https://www.paypal.com
paypal-debug-id: 2a9f601fe6977
access-control-expose-headers: Server-Timing
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: application/json
server-timing: traceparent;desc="00-00000000000000000002a9f601fe6977-f9702f85beae57a5-01", content-encoding;desc="", x-cdn;desc="edgecast"
timing-allow-origin: *
content-length: 125

POST
H2 204 e Show response
c.paypal.com/v1/r/d/b/ Frame 987D 0
209 B 263ms
262ms XHR
text/plain 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://c.paypal.com/v1/r/d/b/e

Requested by

Host: c.paypal.com
URL: https://c.paypal.com/da/r/fb.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4C8D) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 12 Jun 2023 17:00:18 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
correlation-id: d0b28e4d0000b
server: ECAcc (frc/4C8D)
traceparent: 00-0000000000000000000d0b28e4d0000b-abd4b94078d47ac4-01
access-control-allow-origin: https://www.paypal.com
paypal-debug-id: d0b28e4d0000b
access-control-expose-headers: Server-Timing
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-timing: traceparent;desc="00-0000000000000000000d0b28e4d0000b-6b443131b1ea8b88-01", content-encoding;desc="", x-cdn;desc="edgecast"
timing-allow-origin: *

GET
H2 200 p3
c6.paypal.com/v1/r/d/b/ Frame 987D 0
408 B 408ms
270ms Image
text/plain 2a04:4e42:600::291
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c6.paypal.com/v1/r/d/b/p3?f=uid_a989d18622_mtc6mda6mtc&s=SMART_PAYMENT_BUTTONS

Requested by

Host: elementgames.co.uk
URL: https://elementgames.co.uk/element-essentials/egaps/brushstroke/brushstrokes-leagues-of-votann-paint-bundle?d=10493

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::291 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://c.paypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-served-by: cache-fra-eddf8230107-FRA, cache-bma1672-BMA
date: Mon, 12 Jun 2023 17:00:19 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
correlation-id: e58b2396311f9
via: 1.1 varnish, 1.1 varnish
traceparent: 00-0000000000000000000e58b2396311f9-3d886902a78d936d-01
x-timer: S1686589219.203081,VS0,VE201
x-cache: MISS, MISS
paypal-debug-id: e58b2396311f9
cache-control: max-age=0, no-cache, no-store, must-revalidate
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
accept-ranges: bytes
timing-allow-origin: *
content-length: 0
x-cache-hits: 0, 0

POST
H2 200 logger Show response
www.paypal.com/xoplatform/logger/api/ Frame B4D7 1 KB
2 KB 298ms
298ms XHR
application/json 151.101.129.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/xoplatform/logger/api/logger

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

6e873b58d2074f6821bf112ff4af2d9d8ea2f4bfb866258b905b296afce13a64

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept: application/json
Referer: https://www.paypal.com/smart/buttons?fundingSource=paypal&sdkVersion=5.0.378&style.layout=horizontal&style.color=gold&style.shape=rect&style.tagline=false&style.menuPlacement=below&components.0=buttons&components.1=funding-eligibility&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QWJJMUJfSTV2bTlOTU5JSGxwSktJc0tBMnNjMUgtQ29XdjF3Y0RrVWRLQ2FBamh0M1VnUk5XZ2RJek9xR2UwZHFDSi1fUkRmUDRsYUZFU2MmY29tbWl0PWZhbHNlJmN1cnJlbmN5PUdCUCZjb21wb25lbnRzPWJ1dHRvbnMsZnVuZGluZy1lbGlnaWJpbGl0eSIsImF0dHJzIjp7ImRhdGEtdWlkIjoidWlkX3NteG53ZWJ6bWFhaW9raWlzZWpsamZyZGNjbHB6ZiJ9fQ&clientID=AbI1B_I5vm9NMNIHlpJKIsKA2sc1H-CoWv1wcDkUdKCaAjht3UgRNWgdIzOqGe0dqCJ-_RDfP4laFESc&sdkCorrelationID=f523393d855eb&storageID=uid_6086aff6c4_mtc6mda6mtc&sessionID=uid_a989d18622_mtc6mda6mtc&buttonSessionID=uid_013e0418db_mtc6mda6mtc&env=production&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6ZmFsc2V9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInByb2R1Y3RzIjp7InBheUluMyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlJbjQiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfSwicGF5bGF0ZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfX19LCJjYXJkIjp7ImVsaWdpYmxlIjp0cnVlLCJicmFuZGVkIjp0cnVlLCJpbnN0YWxsbWVudHMiOmZhbHNlLCJ2ZW5kb3JzIjp7InZpc2EiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sIm1hc3RlcmNhcmQiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImFtZXgiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImRpc2NvdmVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiaGlwZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiZWxvIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiamNiIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfX0sImd1ZXN0RW5hYmxlZCI6ZmFsc2V9LCJ2ZW5tbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJpdGF1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImNyZWRpdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJhcHBsZXBheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzZXBhIjp7ImVsaWdpYmxlIjpmYWxzZX0sImlkZWFsIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJhbmNvbnRhY3QiOnsiZWxpZ2libGUiOmZhbHNlfSwiZ2lyb3BheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJlcHMiOnsiZWxpZ2libGUiOmZhbHNlfSwic29mb3J0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm15YmFuayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwMjQiOnsiZWxpZ2libGUiOmZhbHNlfSwid2VjaGF0cGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInBheXUiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmxpayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ0cnVzdGx5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm94eG8iOnsiZWxpZ2libGUiOmZhbHNlfSwiYm9sZXRvIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJvbGV0b2JhbmNhcmlvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm1lcmNhZG9wYWdvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm11bHRpYmFuY28iOnsiZWxpZ2libGUiOmZhbHNlfSwic2F0aXNwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwicGFpZHkiOnsiZWxpZ2libGUiOmZhbHNlfX0&platform=desktop&experiment.enableVenmo=false&experiment.enableVenmoAppLabel=false&flow=purchase&currency=GBP&intent=capture&commit=false&vault=false&renderedButtons.0=paypal&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&allowBillingPayments=true
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
content-type: application/json

Response headers

date: Mon, 12 Jun 2023 17:00:19 GMT
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-cache: MISS, MISS
paypal-debug-id: f58261317be74
server-timing: content-encoding;desc="br",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
x-served-by: cache-fra-etou8220073-FRA, cache-bma1659-BMA
accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent: 00-0000000000000000000f58261317be74-df4b9197e9f07101-01
x-timer: S1686589219.110157,VS0,VE237
etag: W/"400-GRGq5uesUJW/MR8dWTGvQuAED3Y"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.paypal.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges: none
x-cache-hits: 0, 0

GET
H2 200 web-widget-chat-incoming-message-notification-bfd6eb7.js Show response
static.zdassets.com/web_widget/classic/latest/ Frame 197A 235 B
720 B 66ms
66ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/classic/latest/web-widget-chat-incoming-message-notification-bfd6eb7.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/classic/latest/web-widget-main-bfd6eb7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2d674bd98d17650144d8070991809c3708131db4b6d877deaebda9d5d8b16df8

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 17:00:19 GMT
x-amz-version-id: .xyzDRZDLwVOIga4XY28ObxJVbK04jdy
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: DQPMNB4FCFPVP0YR
age: 1098372
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: I7WuloUJ8FW9XlM8195fA4pNM9boiT5/nYR8DVtca4e0I3E1SVBzoFAkvca+qs3dWfd5Ql/AGCI+vQASw5+ECA==
last-modified: Tue, 30 May 2023 07:03:13 GMT
server: cloudflare
etag: W/"546d9af56f12690304f2318f1f4b4845"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zBgQJH5L2Wermc0Au4Owy4EY1soeOoSxMHt2r5ePTH24r3MICVCKTLSezZ4JoqlK%2BsosOvaQSNzw4kDITDqfVCw78sX6ucwsB2mojFfqJlIs0xN2SJVzg5q9lZk%2FoA0tal1%2BwjI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 7d63a63be977d96f-HEL
expires: Wed, 29 May 2024 07:03:12 GMT

GET
H2 200 core.js Show response
sleeknotestaticcontent.sleeknote.com/ 5 KB
3 KB 267ms
90ms Script
text/javascript 18.165.201.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sleeknotestaticcontent.sleeknote.com/core.js
Requested by: Host: sleeknotecustomerscripts.sleeknote.com
URL: https://sleeknotecustomerscripts.sleeknote.com/56819.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.165.201.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-165-201-73.lhr50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 60cdcefd04356bef9c14e738d4644d796c197bcd72177cc7050bc6fd97785d35

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://elementgames.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-amz-version-id: 8wIcJp9EgY40Q.NR_GJQbCDU8ml3FvwK
content-encoding: gzip
via: 1.1 65cbd6c4094454b31bc32d6426b92cf2.cloudfront.net (CloudFront)
date: Mon, 12 Jun 2023 17:00:19 GMT
x-amz-cf-pop: LHR50-P3
age: 1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 08 Jun 2023 13:53:11 GMT
server: AmazonS3
etag: W/"58ba84e58fa7ae7f3c364db6a49d9bb3"
vary: Accept-Encoding
content-type: text/javascript
cache-control: no-cache
x-amz-cf-id: Drxtl3op4Dn_rOCP07x6ged01wFgMbo6SMv4wxkKesMrKDH1vMwZwg==

GET
H2 200 Dynamic.aspx Show response
nsg.symantec.com/Web/Seal/ 30 B
398 B 503ms
503ms Script
text/javascript 23.201.254.231
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://nsg.symantec.com/Web/Seal/Dynamic.aspx?CBF=bs_R.WriteKickersHTML&Promocode=Kicker%20Custom%20Null&ifID=&DP=br%3DChrome%3Bvr%3D114.0.5735.106%3Bos%3DWindows%3Bsno%3Da&HASH=3stM73d0rjTvM3%2BlZcHoHUFWW5HVc5YbFNXJ90Es8A3jsw8AIkUoxO3Ju3J9UotTTvsZJ03ydOVXAiglkI5VZg%3D%3D&fpc=
Requested by: Host: nsg.symantec.com
URL: https://nsg.symantec.com/private/rollover/rollover.core.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.201.254.231 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-201-254-231.deploy.static.akamaitechnologies.com
Software: Microsoft-IIS/8.5 /
Resource Hash: cb3e4299b9a47e3c0963ef53143ca69dc2dba8cfe9d9e56c4e91cb874416e435

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://elementgames.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Jun 2023 17:00:19 GMT
content-encoding: gzip
server: Microsoft-IIS/8.5
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
p3p: CP="ALL DSP COR CUR ADM DEV TAI PSA PSD IVA IVD CONo HIS OUR SAMi LEG UNI NAV"
cache-control: max-age=0, no-cache, no-store
content-length: 150
expires: Mon, 12 Jun 2023 17:00:19 GMT

GET
H2 206 fda6cd35495c75f83508d9d2e77ee33d.mp3
static.zdassets.com/web_widget/classic/latest/ Frame 197A 19 KB
20 KB 73ms
72ms Media
audio/mpeg 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/classic/latest/fda6cd35495c75f83508d9d2e77ee33d.mp3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

97e5b0b6cfc2ba9815028429c069631ba12b294aa7419d1ea130accd0adc2d46

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Range: bytes=0-

Response headers

date: Mon, 12 Jun 2023 17:00:19 GMT
x-amz-version-id: Dhfyi7.BwdDs73khKVLly.CpqC3d5sZl
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: 91EYW58DWWJ9G5PF
age: 1117095
x-amz-server-side-encryption: AES256
Content-Range: bytes 0-19697/19698
x-amz-replication-status: COMPLETED
Content-Length: 19698
x-amz-id-2: J6+o8cLTcs9Rv9aYxL55RpBzPwOz8zYrpvObjb0LsP7Awf2vb230RiEwpu09p+X+P51xfZKDu30=
last-modified: Mon, 01 May 2023 05:14:24 GMT
server: cloudflare
etag: "f11ce9e8f40a392830217253fe75d6de"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pTiFmQ9foIHhMrTMRxUkmwGeUghw89%2FN7LEzjJbd6o6U0jvcpKUH%2BHsqCRa685xT9pa2UCiMGjp%2FRCuCHwlH6JKnc1cqbJjyW62OyPiJ5kDwxkPyXrkeePyYRIcohNXy6wCVBbo%3D"}],"group":"cf-nel","max_age":604800}
content-type: audio/mpeg; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 7d63a63c4a90d96f-HEL
expires: Tue, 30 Apr 2024 05:14:23 GMT

POST
H2 200 logger Show response
www.paypal.com/xoplatform/logger/api/ 1013 B
2 KB 269ms
268ms XHR
application/json 151.101.129.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/xoplatform/logger/api/logger

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

78475c678704c915a1891219c9abb10b6641aaaf17f0ca3315985736af38bc7b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept: application/json
Referer: https://elementgames.co.uk/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
content-type: application/json

Response headers

date: Mon, 12 Jun 2023 17:00:19 GMT
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-cache: MISS, MISS
paypal-debug-id: f343016ced6bf
server-timing: content-encoding;desc="br",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
x-served-by: cache-fra-etou8220075-FRA, cache-bma1663-BMA
accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent: 00-0000000000000000000f343016ced6bf-afb57e9dde794648-01
x-timer: S1686589220.512904,VS0,VE208
etag: W/"3f5-BE0V3Bnsk/jlLbPjfzYIWEbO0h4"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://elementgames.co.uk
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges: none
x-cache-hits: 0, 0

OPTIONS
H2 200 logger
www.paypal.com/xoplatform/logger/api/ Frame 0
0 245ms
245ms Preflight 151.101.129.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/xoplatform/logger/api/logger

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://elementgames.co.uk
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: https://elementgames.co.uk
cache-control: max-age=0, no-cache, no-store, must-revalidate
date: Mon, 12 Jun 2023 17:00:19 GMT
dc: ccg11-origin-www-1.paypal.com
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
paypal-debug-id: f58261399e1a3
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
strict-transport-security: max-age=63072000; includeSubDomains; preload
traceparent: 00-0000000000000000000f58261399e1a3-8254ab5eb8f0f4f2-01
via: 1.1 varnish, 1.1 varnish
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-content-type-options: nosniff
x-served-by: cache-fra-eddf8230067-FRA, cache-bma1663-BMA
x-timer: S1686589219.264873,VS0,VE185

GET
H2 200 package-core-boot.js Show response
sleeknotestaticcontent.sleeknote.com/production/ 96 KB
32 KB 101ms
100ms Script
text/javascript 18.165.201.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sleeknotestaticcontent.sleeknote.com/production/package-core-boot.js
Requested by: Host: sleeknotestaticcontent.sleeknote.com
URL: https://sleeknotestaticcontent.sleeknote.com/core.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.165.201.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-165-201-73.lhr50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4171a80300b386a248c765bfd3a532ddaffe0ea332a36cdb5852f8e212953e6b

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://elementgames.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-amz-version-id: pdqLmjZu65IPbA1JOeCk7bNEBN.PJlX4
content-encoding: gzip
via: 1.1 65cbd6c4094454b31bc32d6426b92cf2.cloudfront.net (CloudFront)
date: Mon, 12 Jun 2023 16:58:30 GMT
x-amz-cf-pop: LHR50-P3
age: 112
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 08 Jun 2023 13:53:09 GMT
server: AmazonS3
etag: W/"714431a73c9740e08c411774bcb506a6"
vary: Accept-Encoding
content-type: text/javascript
cache-control: no-cache
x-amz-cf-id: wlKUkbO76Cvq3pI5-oHrxnnkZuRXJ496j6W8uoZ4aph3hjFUgoysYg==

GET
H2 200 101718-small.jpg
elementgames.co.uk/images/products/85323/ 3 KB
3 KB 120ms
118ms Image
image/jpeg 2606:4700:10::6816:1dae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://elementgames.co.uk/images/products/85323/101718-small.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1dae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 72ba02e7fe895e9846243f8e37417e25ccf75e8f156acd69028a03e9c6d75d68

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://elementgames.co.uk/element-essentials/egaps/brushstroke/brushstrokes-leagues-of-votann-paint-bundle?d=10493
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 17:00:19 GMT
cf-cache-status: MISS
last-modified: Tue, 18 Jan 2022 14:28:54 GMT
server: cloudflare
etag: "61e6cea6-b7b"
x-powered-by: PleskLin
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7d63a63debbcfab8-OSL
content-length: 2939

GET
H2 200 92261-small.jpg
elementgames.co.uk/images/products/60038/ 1 KB
1 KB 119ms
118ms Image
image/jpeg 2606:4700:10::6816:1dae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://elementgames.co.uk/images/products/60038/92261-small.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1dae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 44398293dfd67a5e44bc5394cd5692e575dcc1b66018501bd5f285ae079fd9fe

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://elementgames.co.uk/element-essentials/egaps/brushstroke/brushstrokes-leagues-of-votann-paint-bundle?d=10493
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 17:00:19 GMT
cf-cache-status: MISS
last-modified: Thu, 24 Sep 2020 11:54:53 GMT
server: cloudflare
etag: "5f6c890d-42b"
x-powered-by: PleskLin
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7d63a63debbdfab8-OSL
content-length: 1067

GET
H2 200 106757-small.jpg
elementgames.co.uk/images/products/90682/ 2 KB
3 KB 122ms
121ms Image
image/jpeg 2606:4700:10::6816:1dae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://elementgames.co.uk/images/products/90682/106757-small.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1dae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 3d1df512c9905c2995a69f4a515e7c58151ac5440a5abcc4cfcc16173a716df9

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://elementgames.co.uk/element-essentials/egaps/brushstroke/brushstrokes-leagues-of-votann-paint-bundle?d=10493
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 17:00:19 GMT
cf-cache-status: MISS
last-modified: Sat, 29 Oct 2022 08:10:11 GMT
server: cloudflare
etag: "635cdfe3-9db"
x-powered-by: PleskLin
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7d63a63e0beffab8-OSL
content-length: 2523

GET
H2 200 106753-small.jpg
elementgames.co.uk/images/products/90690/ 2 KB
2 KB 192ms
190ms Image
image/jpeg 2606:4700:10::6816:1dae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://elementgames.co.uk/images/products/90690/106753-small.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1dae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 389aabe63abbdf13596e38548161c99bce6a0fe633807431e45e043bc90b0d0b

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://elementgames.co.uk/element-essentials/egaps/brushstroke/brushstrokes-leagues-of-votann-paint-bundle?d=10493
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 17:00:19 GMT
cf-cache-status: MISS
last-modified: Sat, 29 Oct 2022 08:08:07 GMT
server: cloudflare
etag: "635cdf67-97e"
x-powered-by: PleskLin
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7d63a63e0bf1fab8-OSL
content-length: 2430

GET
H2 200 106763-small.jpg
elementgames.co.uk/images/products/90681/ 3 KB
3 KB 120ms
118ms Image
image/jpeg 2606:4700:10::6816:1dae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://elementgames.co.uk/images/products/90681/106763-small.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1dae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 126fddacefade9db24d963a45bfe91d4d9eba4043dee58bbb29dc30c682d9f24

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://elementgames.co.uk/element-essentials/egaps/brushstroke/brushstrokes-leagues-of-votann-paint-bundle?d=10493
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 17:00:19 GMT
cf-cache-status: MISS
last-modified: Sat, 29 Oct 2022 08:13:34 GMT
server: cloudflare
etag: "635ce0ae-a71"
x-powered-by: PleskLin
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7d63a63e0bf4fab8-OSL
content-length: 2673

GET
H2 200 106762-small.jpg
elementgames.co.uk/images/products/90684/ 3 KB
3 KB 119ms
117ms Image
image/jpeg 2606:4700:10::6816:1dae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://elementgames.co.uk/images/products/90684/106762-small.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1dae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 94f869bc341dd348d338bcb76f37f51e2d92c9faad7d3edffcf823e601854c7c

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://elementgames.co.uk/element-essentials/egaps/brushstroke/brushstrokes-leagues-of-votann-paint-bundle?d=10493
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 17:00:19 GMT
cf-cache-status: MISS
last-modified: Sat, 29 Oct 2022 08:12:58 GMT
server: cloudflare
etag: "635ce08a-aba"
x-powered-by: PleskLin
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7d63a63e0bf5fab8-OSL
content-length: 2746

GET
H2 200 106751-small.jpg
elementgames.co.uk/images/products/90692/ 3 KB
3 KB 195ms
194ms Image
image/jpeg 2606:4700:10::6816:1dae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://elementgames.co.uk/images/products/90692/106751-small.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1dae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: ab587a5613c652c7a8f6e7494600f25a4dbecf7e05e6eaf0fe045168ceaedb8c

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://elementgames.co.uk/element-essentials/egaps/brushstroke/brushstrokes-leagues-of-votann-paint-bundle?d=10493
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 17:00:19 GMT
cf-cache-status: MISS
last-modified: Sat, 29 Oct 2022 08:06:37 GMT
server: cloudflare
etag: "635cdf0d-ceb"
x-powered-by: PleskLin
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7d63a63e0bf6fab8-OSL
content-length: 3307

GET
H2 200 / Show response
geolocation.sleeknote.com/ Frame 3CDB 184 B
525 B 270ms
91ms Fetch
application/json 108.138.233.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://geolocation.sleeknote.com/
Requested by: Host: sleeknotestaticcontent.sleeknote.com
URL: https://sleeknotestaticcontent.sleeknote.com/production/package-core-boot.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.233.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-233-124.lhr61.r.cloudfront.net
Software: CloudFront /
Resource Hash: 6351da88465198e6608077a2a4482b47e5bac83e6cc7c2e9e0583b65f1458271

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 17:00:18 GMT
via: 1.1 b481ede90908ed62958e1cf615981fc8.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: LHR61-P4
age: 1
x-cache: Hit from cloudfront
access-control-allow-methods: GET
access-control-allow-origin: *
content-type: application/json
cache-control: max-age=100
alt-svc: h3=":443"; ma=86400
content-length: 184
x-amz-cf-id: rarZ-zkA4u5NtatYHDutKT_S-gYWUSUYFp-K0w7QGCSmLAOSGt6Q4w==

GET
H2 200 106754-small.jpg
elementgames.co.uk/images/products/90686/ 2 KB
3 KB 117ms
116ms Image
image/jpeg 2606:4700:10::6816:1dae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://elementgames.co.uk/images/products/90686/106754-small.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1dae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 47542d28177cb428e31b07e9d60d7a5b15d5e13e99c19eb8db74dd5c33199bb7

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://elementgames.co.uk/element-essentials/egaps/brushstroke/brushstrokes-leagues-of-votann-paint-bundle?d=10493
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 17:00:19 GMT
cf-cache-status: MISS
last-modified: Sat, 29 Oct 2022 08:08:49 GMT
server: cloudflare
etag: "635cdf91-9a1"
x-powered-by: PleskLin
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7d63a63f4d4bfab8-OSL
content-length: 2465

GET
H2 200 106760-small.jpg
elementgames.co.uk/images/products/90687/ 3 KB
3 KB 196ms
193ms Image
image/jpeg 2606:4700:10::6816:1dae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://elementgames.co.uk/images/products/90687/106760-small.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1dae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 20a85ce5ae03a8f5648d6ed28653ceb82f61875e5ef0a09693ed06343d37472d

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://elementgames.co.uk/element-essentials/egaps/brushstroke/brushstrokes-leagues-of-votann-paint-bundle?d=10493
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 17:00:19 GMT
cf-cache-status: MISS
last-modified: Sat, 29 Oct 2022 08:11:58 GMT
server: cloudflare
etag: "635ce04e-bb3"
x-powered-by: PleskLin
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7d63a63f4d4dfab8-OSL
content-length: 2995

GET
H2 200 106756-small.jpg
elementgames.co.uk/images/products/90691/ 3 KB
3 KB 123ms
121ms Image
image/jpeg 2606:4700:10::6816:1dae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://elementgames.co.uk/images/products/90691/106756-small.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1dae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 14fc20c6dd0f345cffdf6fb131e2bbaf32b0f437a9c0501832cfcbe5def80ba5

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://elementgames.co.uk/element-essentials/egaps/brushstroke/brushstrokes-leagues-of-votann-paint-bundle?d=10493
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 17:00:19 GMT
cf-cache-status: MISS
last-modified: Sat, 29 Oct 2022 08:09:38 GMT
server: cloudflare
etag: "635cdfc2-a84"
x-powered-by: PleskLin
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7d63a63f4d4efab8-OSL
content-length: 2692

GET
H2 200 106761-small.jpg
elementgames.co.uk/images/products/90689/ 2 KB
2 KB 128ms
126ms Image
image/jpeg 2606:4700:10::6816:1dae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://elementgames.co.uk/images/products/90689/106761-small.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1dae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 655c559ceff5bc2d54f8f339c8e55229f9524994d15c35a230a1721c5146d961

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://elementgames.co.uk/element-essentials/egaps/brushstroke/brushstrokes-leagues-of-votann-paint-bundle?d=10493
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 17:00:19 GMT
cf-cache-status: MISS
last-modified: Sat, 29 Oct 2022 08:12:33 GMT
server: cloudflare
etag: "635ce071-975"
x-powered-by: PleskLin
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7d63a63f4d51fab8-OSL
content-length: 2421

GET
H2 200 106758-small.jpg
elementgames.co.uk/images/products/90685/ 3 KB
3 KB 200ms
198ms Image
image/jpeg 2606:4700:10::6816:1dae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://elementgames.co.uk/images/products/90685/106758-small.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1dae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 44f7a4c66650f4ced84fcb5613f55f301e2ba9448d5a1be797220e7c188d4cd7

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://elementgames.co.uk/element-essentials/egaps/brushstroke/brushstrokes-leagues-of-votann-paint-bundle?d=10493
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 17:00:19 GMT
cf-cache-status: MISS
last-modified: Sat, 29 Oct 2022 08:10:59 GMT
server: cloudflare
etag: "635ce013-c80"
x-powered-by: PleskLin
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7d63a63f4d54fab8-OSL
content-length: 3200

GET
H2 200 106759-small.jpg
elementgames.co.uk/images/products/90688/ 2 KB
3 KB 121ms
119ms Image
image/jpeg 2606:4700:10::6816:1dae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://elementgames.co.uk/images/products/90688/106759-small.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1dae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 97a704e03bfd88443094670b8b394972e0b53ab57a59232edd8b94dfb61ce347

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://elementgames.co.uk/element-essentials/egaps/brushstroke/brushstrokes-leagues-of-votann-paint-bundle?d=10493
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 17:00:19 GMT
cf-cache-status: MISS
last-modified: Sat, 29 Oct 2022 08:11:32 GMT
server: cloudflare
etag: "635ce034-9fa"
x-powered-by: PleskLin
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7d63a63f4d55fab8-OSL
content-length: 2554

GET
H2 200 106789-small.jpg
elementgames.co.uk/images/products/90701/ 2 KB
3 KB 123ms
121ms Image
image/jpeg 2606:4700:10::6816:1dae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://elementgames.co.uk/images/products/90701/106789-small.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1dae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 6f78fbac2c0fd5ed28fe0aaed86594a3f70f92d0dab82e4ed8bff46f6ba2939a

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://elementgames.co.uk/element-essentials/egaps/brushstroke/brushstrokes-leagues-of-votann-paint-bundle?d=10493
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 17:00:19 GMT
cf-cache-status: MISS
last-modified: Tue, 01 Nov 2022 16:41:34 GMT
server: cloudflare
etag: "63614c3e-9e8"
x-powered-by: PleskLin
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7d63a63f4d56fab8-OSL
content-length: 2536

GET
H2 200 106755-small.jpg
elementgames.co.uk/images/products/90683/ 2 KB
3 KB 199ms
197ms Image
image/jpeg 2606:4700:10::6816:1dae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://elementgames.co.uk/images/products/90683/106755-small.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1dae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 94a6a359359373bf6cc6fda8478f8edd90e5b66ee929a0a6fe9104c4e844198a

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://elementgames.co.uk/element-essentials/egaps/brushstroke/brushstrokes-leagues-of-votann-paint-bundle?d=10493
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 17:00:19 GMT
cf-cache-status: MISS
last-modified: Sat, 29 Oct 2022 08:09:18 GMT
server: cloudflare
etag: "635cdfae-9cf"
x-powered-by: PleskLin
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7d63a63f4d57fab8-OSL
content-length: 2511

GET
H2 200 105920-small.jpg
elementgames.co.uk/images/products/89088/ 2 KB
3 KB 200ms
199ms Image
image/jpeg 2606:4700:10::6816:1dae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://elementgames.co.uk/images/products/89088/105920-small.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1dae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 4fdeeaa07d16290b16ac4ab42c201d566f662a635bc8498c17e8535176473d5c

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://elementgames.co.uk/element-essentials/egaps/brushstroke/brushstrokes-leagues-of-votann-paint-bundle?d=10493
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 17:00:19 GMT
cf-cache-status: MISS
last-modified: Tue, 20 Sep 2022 14:53:52 GMT
server: cloudflare
etag: "6329d400-9e6"
x-powered-by: PleskLin
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7d63a63f4d5afab8-OSL
content-length: 2534

GET
H2 200 106752-small.jpg
elementgames.co.uk/images/products/90680/ 3 KB
3 KB 124ms
122ms Image
image/jpeg 2606:4700:10::6816:1dae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://elementgames.co.uk/images/products/90680/106752-small.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1dae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 701300a4e28321dfbd9ab0d065ee940448710700c34b6e7c21b18bdd853ef8f3

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://elementgames.co.uk/element-essentials/egaps/brushstroke/brushstrokes-leagues-of-votann-paint-bundle?d=10493
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 17:00:19 GMT
cf-cache-status: MISS
last-modified: Sat, 29 Oct 2022 08:07:00 GMT
server: cloudflare
etag: "635cdf24-b77"
x-powered-by: PleskLin
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7d63a63f4d5cfab8-OSL
content-length: 2935

GET
H3 200 package-notes.js Show response
sleeknotestaticcontent.sleeknote.com/production/ 95 KB
32 KB 177ms
177ms Script
text/javascript 18.165.201.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sleeknotestaticcontent.sleeknote.com/production/package-notes.js
Requested by: Host: sleeknotestaticcontent.sleeknote.com
URL: https://sleeknotestaticcontent.sleeknote.com/core.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.165.201.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-165-201-73.lhr50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 87f5246aacca318f638b12dab9dd9882e2e60500e4bd40bd353a3f13632fb088

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://elementgames.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-amz-version-id: oavjiBU09dchtwCHgTmZrJVX5KCT5hRG
content-encoding: gzip
via: 1.1 955b5f6b59fedae13d00dcc66f7085f2.cloudfront.net (CloudFront)
date: Mon, 12 Jun 2023 17:00:19 GMT
age: 1
x-amz-cf-pop: LHR50-P3
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 08 Jun 2023 13:53:09 GMT
server: AmazonS3
etag: W/"70275955d6ad8fb7a23433401d0d2c6d"
vary: Accept-Encoding
content-type: text/javascript
cache-control: no-cache
x-amz-cf-id: wRtw7gYn31t_t6DRT9cEbyvJkVtNb4ZqZWKi56YJzAKGplHVzTu35g==

GET
H3 200 package-tracker.js Show response
sleeknotestaticcontent.sleeknote.com/production/ 14 KB
6 KB 176ms
176ms Script
text/javascript 18.165.201.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sleeknotestaticcontent.sleeknote.com/production/package-tracker.js
Requested by: Host: sleeknotestaticcontent.sleeknote.com
URL: https://sleeknotestaticcontent.sleeknote.com/core.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.165.201.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-165-201-73.lhr50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3066fce80c674eb04f10fcb4aecb04d173e7a678d82f2e97ff155404b6cc5763

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://elementgames.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-amz-version-id: RscUOS8N3zyQ36_OnEe6o24fZ4OiY5KS
content-encoding: gzip
via: 1.1 955b5f6b59fedae13d00dcc66f7085f2.cloudfront.net (CloudFront)
date: Mon, 12 Jun 2023 16:59:03 GMT
age: 76
x-amz-cf-pop: LHR50-P3
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 08 Jun 2023 13:53:09 GMT
server: AmazonS3
etag: W/"0a8a47db16031429c3a5edfd7ffc3f99"
vary: Accept-Encoding
content-type: text/javascript
cache-control: no-cache
x-amz-cf-id: bODmWO4a8RFLJ7vu1zaWo74OtW-KihaOWhsvQuqr1TBvLnr5lczv0g==

GET
H2 200 /
analytics.sleeknote.com/ 35 B
229 B 255ms
102ms Image
image/gif 216.239.34.21
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.sleeknote.com/?s1=56819&v8=2_pageview&v0=3d335d60d7ab7db5770fd622fd9ea302&v3=2023-06-12T17%3A00%3A20Z&v6=2023-06-12T17%3A00%3A20Z&v20=true&v25=true&v27=0&s4=https%3A%2F%2Felementgames.co.uk%2Felement-essentials%2Fegaps%2Fbrushstroke%2Fbrushstrokes-leagues-of-votann-paint-bundle%3Fd%3D10493&s9=https%3A&s11=%2Felement-essentials%2Fegaps%2Fbrushstroke%2Fbrushstrokes-leagues-of-votann-paint-bundle&s12=%3Fd%3D10493&s13=&s2=BRUSHSTROKE%E2%80%99S+LEAGUES+OF+VOTANN+PAINT+BUNDLE+-+Brushstroke&c1=&s7=en-US&v5=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F114.0.5735.106+Safari%2F537.36&v22=chrome&v23=114&v24=windows&v26=desktop&v21=0fd9a062-ca05-47b4-a93f-0f5f1db07dc5&s3=elementgames.co.uk

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.239.34.21 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

any-in-2215.1e100.net

Software

/ Express

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://elementgames.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Jun 2023 17:00:20 GMT
via: 1.1 google
x-content-type-options: nosniff
x-powered-by: Express
etag: W/"23-X71HIiL+uKIs9biqXcW44Tr4jis"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
content-length: 35

GET
DATA 200
OK truncated
/ 311 B
0 Image
image/avif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 04dfc8e1a6e59e36a3a3a5c15443a97a92a6d2a7da9d276b050d58be3c7952a7

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Content-Type: image/avif

GET
DATA 200
OK truncated
/ 66 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b71c20271d9c80d1a71aa0ab9935281c4fa8ac404533f1a0747d7fb03fc68e79

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Content-Type: image/webp

GET
H3 200 package-anchored.js Show response
sleeknotestaticcontent.sleeknote.com/production/ 25 KB
9 KB 169ms
167ms Script
text/javascript 18.165.201.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sleeknotestaticcontent.sleeknote.com/production/package-anchored.js
Requested by: Host: sleeknotestaticcontent.sleeknote.com
URL: https://sleeknotestaticcontent.sleeknote.com/core.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.165.201.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-165-201-73.lhr50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 304809507447c9623319a612ee5791ec089cbc2079d23c83516fbe8cf8256e83

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://elementgames.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-amz-version-id: igkfCxfmP1CRHwiQWVzLNZYr7FjxDdpb
content-encoding: gzip
via: 1.1 955b5f6b59fedae13d00dcc66f7085f2.cloudfront.net (CloudFront)
date: Mon, 12 Jun 2023 16:59:53 GMT
age: 28
x-amz-cf-pop: LHR50-P3
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 08 Jun 2023 13:53:09 GMT
server: AmazonS3
etag: W/"482bd53270be7b05bb250b2eb26a3a46"
vary: Accept-Encoding
content-type: text/javascript
cache-control: no-cache
x-amz-cf-id: ho2NOWlNo4QYadH0dzmvj7t59xjdigcuwJe95R-Db9-X9oI4FsNd5w==

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame 7C27 28 B
54 B 129ms
117ms XHR
application/json 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/8c7583ff/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
X-Goog-Request-Time: 1686589220142
Content-Type: application/json
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/XXYFAdWli80
X-YouTube-Client-Version: 1.20230606.01.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: Cgs4QmhrcTdOb2ZPayihnp2kBg%3D%3D
X-YouTube-Ad-Signals: dt=1686589217873&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1280%2C720&vis=1&wgl=true&ca_type=image

Response headers

date: Mon, 12 Jun 2023 17:00:20 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31
x-xss-protection: 0
expires: Mon, 12 Jun 2023 17:00:20 GMT

GET
DATA 200
OK truncated
/ 5 B
0 Stylesheet
text/css

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 80ecad3b9696fe9b61ccac5b119f6bb9e36811b3db973a3d9dc03858644c95ee

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Content-Type: text/css

GET
H3 200 00c5413b-24f0-4e82-a517-893d07fcd5fa.html Show response
sleeknotestaticcontent.sleeknote.com/editorv2/desktoptoggler/ Frame 3CDB 14 KB
3 KB 189ms
94ms Fetch
text/html 18.165.201.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sleeknotestaticcontent.sleeknote.com/editorv2/desktoptoggler/00c5413b-24f0-4e82-a517-893d07fcd5fa.html?1686589220103
Requested by: Host: sleeknotestaticcontent.sleeknote.com
URL: https://sleeknotestaticcontent.sleeknote.com/production/package-notes.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.165.201.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-165-201-73.lhr50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4c3639d12e1f2a8ec119f4e76e5a09066f0fda9a329f98135ae36c285ffb13f9

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-amz-version-id: bPi2AA8P7_.Mjc7sH36L9.ffD_0hZLXi
content-encoding: gzip
via: 1.1 675c3f96928d591debc37b54f2b16dc2.cloudfront.net (CloudFront)
date: Mon, 12 Jun 2023 17:00:19 GMT
age: 2
x-amz-cf-pop: LHR50-P3
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 15 Mar 2022 22:38:51 GMT
server: AmazonS3
etag: W/"cf9b5c83c9dd96d4952d6aa825360ffb"
access-control-max-age: 3000
access-control-allow-methods: GET, PUT, HEAD
content-type: text/html
access-control-allow-origin: *
cache-control: max-age=60
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id: 7WJTL-bmz5q98V6rMERo8dEWfhf1U2NHa525UuuFmrMzQwVTm7TW3A==

GET
H3 200 sleeknote5.css Show response
sleeknotestaticcontent.sleeknote.com/production/ Frame 3CDB 14 KB
4 KB 94ms
94ms Fetch
text/css 18.165.201.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sleeknotestaticcontent.sleeknote.com/production/sleeknote5.css?&1686589220103
Requested by: Host: sleeknotestaticcontent.sleeknote.com
URL: https://sleeknotestaticcontent.sleeknote.com/production/package-notes.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.165.201.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-165-201-73.lhr50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f3257b861c420f60558d52611583af0a58cabee815f47c7e952a54dd26da2839

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-amz-version-id: .GGkh0ohDLqngrVNwuwCWDRse0Jovgtv
content-encoding: gzip
via: 1.1 675c3f96928d591debc37b54f2b16dc2.cloudfront.net (CloudFront)
date: Mon, 12 Jun 2023 16:59:43 GMT
age: 38
x-amz-cf-pop: LHR50-P3
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 08 Jun 2023 13:53:09 GMT
server: AmazonS3
etag: W/"ab40fd7f265b24514e997c60abfa9f72"
access-control-max-age: 3000
access-control-allow-methods: GET, PUT, HEAD
content-type: text/css
access-control-allow-origin: *
cache-control: no-cache
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id: uappxamrgW69PhuV_aIhzh1Kypu84XAFYaW9ZXPQ_rZPeXR1ZIDVOQ==

HEAD
H2 200 637829528982403262.png
images.sleeknote.com/sleeknoteimages/tr:f-png,lo-true/ Frame 3CDB 0
0 281ms
89ms Fetch
image/png 2600:9000:238d:4600:16:eb47:3100:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://images.sleeknote.com/sleeknoteimages/tr:f-png,lo-true/637829528982403262.png
Requested by: Host: sleeknotestaticcontent.sleeknote.com
URL: https://sleeknotestaticcontent.sleeknote.com/production/package-notes.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:238d:4600:16:eb47:3100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Tue, 10 Jan 2023 03:31:33 GMT
via: 1.1 37bca31d9c7de06b67b2363770e065b4.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P1
age: 13267727
etag: W/"38c-3UIQP+y597/Ev9VIyPXIcEs9wKw"
x-cache: Hit from cloudfront
content-type: image/png
access-control-allow-origin: *
cache-control: public, s-maxage=15552000, max-age=15552000, must-revalidate
x-server: ImageKit.io
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 908
x-amz-cf-id: LeIrC8y0KkoPcqOL8zeVM4eLp9uVVDAeYS3PwHAD7WbJmfjSep1h0g==
x-request-id: 840d3a7d-e041-4467-b75c-473ec1dae33a

GET
H2 200 637829528982403262.png Show response
images.sleeknote.com/sleeknoteimages/tr:f-png,lo-true/ Frame 3CDB 908 B
1 KB 184ms
182ms Fetch
image/png 2600:9000:238d:4600:16:eb47:3100:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://images.sleeknote.com/sleeknoteimages/tr:f-png,lo-true/637829528982403262.png
Requested by: Host: sleeknotestaticcontent.sleeknote.com
URL: https://sleeknotestaticcontent.sleeknote.com/production/package-notes.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:238d:4600:16:eb47:3100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 5e734e431a3b20de092c0e417f2a92d6995d37d73ecbf8319ddf879625a34cac

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Tue, 10 Jan 2023 03:31:33 GMT
via: 1.1 37bca31d9c7de06b67b2363770e065b4.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P1
age: 13267727
etag: W/"38c-3UIQP+y597/Ev9VIyPXIcEs9wKw"
x-cache: Hit from cloudfront
content-type: image/png
access-control-allow-origin: *
cache-control: public, s-maxage=15552000, max-age=15552000, must-revalidate
x-server: ImageKit.io
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 908
x-amz-cf-id: ReJvJoJzJbEK6ngr0lUYjcZLAeiHP0-7YtJXsUsxe0VgV06PbsLisA==
x-request-id: 840d3a7d-e041-4467-b75c-473ec1dae33a

GET
H2 200 637829522653086594.jpeg Show response
images.sleeknote.com/sleeknoteimages/tr:f-avif/ Frame 3CDB 31 KB
32 KB 114ms
112ms Fetch
image/avif 2600:9000:238d:4600:16:eb47:3100:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://images.sleeknote.com/sleeknoteimages/tr:f-avif/637829522653086594.jpeg
Requested by: Host: sleeknotestaticcontent.sleeknote.com
URL: https://sleeknotestaticcontent.sleeknote.com/production/package-notes.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:238d:4600:16:eb47:3100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: ece4de42a5802bc85d7eefdb290006f8c5c5a106d98876bf123e52b9ec9f9652

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 13:59:42 GMT
via: 1.1 37bca31d9c7de06b67b2363770e065b4.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P1
age: 3985238
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 31727
x-request-id: b64da087-217c-445f-a913-cc252154266d
last-modified: Wed, 05 Apr 2023 01:22:13 GMT
etag: "db342ce21785df5cbf625207cf305d1b"
access-control-allow-methods: GET
content-type: image/avif
access-control-allow-origin: *
cache-control: public, s-maxage=15552000, max-age=15552000, must-revalidate
x-server: ImageKit.io
timing-allow-origin: *
access-control-allow-headers: *
x-amz-cf-id: qgpewxjcO0uVYtSswo_ax9dl0Da_gjRf3OINF4SCZvaUjHtElgNpEw==

GET
BLOB 200
OK d9cf94c4-2361-40ee-946f-244757505323
https://elementgames.co.uk/ 31 KB
0 Image
image/avif

General

Check archive.org

Show headers Download Go to Show image

Full URL: blob:https://elementgames.co.uk/d9cf94c4-2361-40ee-946f-244757505323
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ece4de42a5802bc85d7eefdb290006f8c5c5a106d98876bf123e52b9ec9f9652

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Content-Length: 31727
Content-Type: image/avif

GET
BLOB 200
OK 0fab8e7b-0baa-45ac-bb15-70023bb04acd
https://elementgames.co.uk/ Frame 98CF 908 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: blob:https://elementgames.co.uk/0fab8e7b-0baa-45ac-bb15-70023bb04acd
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5e734e431a3b20de092c0e417f2a92d6995d37d73ecbf8319ddf879625a34cac

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Content-Length: 908
Content-Type: image/png

GET
BLOB 200
OK d9cf94c4-2361-40ee-946f-244757505323
https://elementgames.co.uk/ Frame 98CF 31 KB
0 Image
image/avif

General

Check archive.org

Show headers Download Go to Show image

Full URL: blob:https://elementgames.co.uk/d9cf94c4-2361-40ee-946f-244757505323
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ece4de42a5802bc85d7eefdb290006f8c5c5a106d98876bf123e52b9ec9f9652

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Content-Length: 31727
Content-Type: image/avif

GET
H2 200 css Show response
fonts.googleapis.com/ Frame 3CDB 2 KB
837 B 860ms
95ms Fetch
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:300,400,700&1686589220103

Requested by

Host: sleeknotestaticcontent.sleeknote.com
URL: https://sleeknotestaticcontent.sleeknote.com/production/package-notes.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4ea2880bbb5055eb6493499d243a86911663924955d78ac35d672a5a0e9995ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 12 Jun 2023 17:00:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 12 Jun 2023 16:53:17 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 12 Jun 2023 17:00:22 GMT

POST
H/1.1 200
OK Sync Show response
recs-us-e1a.particularaudience.com/2.6/ 31 B
631 B 170ms
169ms Fetch
application/json 3.226.27.69
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://recs-us-e1a.particularaudience.com/2.6/Sync
Requested by: Host: cdn.particularaudience.com
URL: https://cdn.particularaudience.com/js/ele/t.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.226.27.69 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-226-27-69.compute-1.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: b3f88706b91f077028bb0db637846d21ede0af354eb6180b5f1bf4fb8f7e10f9

Request headers

Accept: */*
Referer: https://elementgames.co.uk/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: application/json

Response headers

Date: Mon, 12 Jun 2023 17:00:21 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/10.0
api-supported-versions: 1.5, 1.6, 1.7, 1.8, 1.9, 2.0, 2.1, 2.2, 2.3, 2.4, 2.5, 2.6, 2.7
X-Powered-By: ASP.NET
Transfer-Encoding: chunked
Access-Control-Allow-Methods: POST
Content-Type: application/json; charset=utf-8
Vary: Accept-Encoding
Access-Control-Allow-Origin: https://elementgames.co.uk
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept, authorization, traceparent, tracestate

OPTIONS
H/1.1 200
OK Sync
recs-us-e1a.particularaudience.com/2.6/ Frame 0
0 490ms
164ms Preflight 3.226.27.69
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://recs-us-e1a.particularaudience.com/2.6/Sync
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.226.27.69 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-226-27-69.compute-1.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://elementgames.co.uk
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept, authorization, traceparent, tracestate
Access-Control-Allow-Methods: POST
Access-Control-Allow-Origin: https://elementgames.co.uk
Content-Length: 0
Date: Mon, 12 Jun 2023 17:00:21 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET

GET
H2 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/ Frame 98CF 23 KB
23 KB 89ms
88ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://elementgames.co.uk/
Origin: https://elementgames.co.uk
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sat, 10 Jun 2023 13:31:10 GMT
x-content-type-options: nosniff
age: 185352
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23040
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:07:25 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 09 Jun 2024 13:31:10 GMT

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/ Frame 98CF 23 KB
23 KB 114ms
113ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://elementgames.co.uk/
Origin: https://elementgames.co.uk
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sat, 10 Jun 2023 15:41:45 GMT
x-content-type-options: nosniff
age: 177517
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23580
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:17:22 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 09 Jun 2024 15:41:45 GMT

GET
H3 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/ Frame F46E 23 KB
23 KB 87ms
87ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://elementgames.co.uk/
Origin: https://elementgames.co.uk
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sat, 10 Jun 2023 13:31:10 GMT
x-content-type-options: nosniff
age: 185352
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23040
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:07:25 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 09 Jun 2024 13:31:10 GMT

GET
H3 200 badge.js Show response
sleeknotestaticcontent.sleeknote.com/production/ 8 KB
4 KB 160ms
159ms Script
text/javascript 18.165.201.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sleeknotestaticcontent.sleeknote.com/production/badge.js
Requested by: Host: sleeknotestaticcontent.sleeknote.com
URL: https://sleeknotestaticcontent.sleeknote.com/core.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.165.201.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-165-201-73.lhr50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d9f4be0fcbb1e705a7c42f8adf44ddce76c679e2ba78c40d14e7947b97a05c37

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://elementgames.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-amz-version-id: yOH3PEslMzOFAVh2pIh8GJFi4_JBKkAD
content-encoding: gzip
via: 1.1 955b5f6b59fedae13d00dcc66f7085f2.cloudfront.net (CloudFront)
date: Mon, 12 Jun 2023 16:59:52 GMT
age: 54
x-amz-cf-pop: LHR50-P3
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 08 Jun 2023 13:53:09 GMT
server: AmazonS3
etag: W/"9c13abec348c9ab3d884ecac1422c29e"
vary: Accept-Encoding
content-type: text/javascript
cache-control: no-cache
x-amz-cf-id: isu4gBU-9E00XZJak2IWzVWkT8G_L116NT3ALf8Im_kF3gxmqChknw==

GET
H2 200 cart Show response
elementgames.co.uk/ 105 KB
20 KB 168ms
168ms XHR
text/html 2606:4700:10::6816:1dae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://elementgames.co.uk/cart
Requested by: Host: cdn.particularaudience.com
URL: https://cdn.particularaudience.com/js/ele/t.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1dae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.27, PleskLin
Resource Hash: ae0a274a86a27b62ec2a46a4499c012ea69b3f59041846eecab5b36fc773983a

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://elementgames.co.uk/element-essentials/egaps/brushstroke/brushstrokes-leagues-of-votann-paint-bundle?d=10493
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Jun 2023 17:00:22 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: PHP/7.4.27, PleskLin
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
cache-control: no-store, no-cache, must-revalidate
cf-ray: 7d63a651e8e6fab8-OSL
expires: Thu, 19 Nov 1981 08:52:00 GMT

Verdicts & Comments Add Verdict or Comment

180 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

32 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.bit.ly/	1970-01-20 16:49:01	Name: _bit Value: n5ch0g-7e9a3e0d2c4c5a1548-00O
elementgames.co.uk/	1969-12-31 23:59:59	Name: PHPSESSID Value: 0aperqi5q52gato6u815ibv12i
elementgames.co.uk/	1970-01-20 12:39:54	Name: ElementDiscovery Value: 10493
.elementgames.co.uk/	1970-01-20 22:05:49	Name: __utma Value: 156345327.1396067699.1686589217.1686589217.1686589217.1
.elementgames.co.uk/	1969-12-31 23:59:59	Name: __utmc Value: 156345327
.elementgames.co.uk/	1970-01-20 16:52:37	Name: __utmz Value: 156345327.1686589217.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none)
.elementgames.co.uk/	1970-01-20 12:29:49	Name: __utmt Value: 1
.elementgames.co.uk/	1970-01-20 12:29:51	Name: __utmb Value: 156345327.1.10.1686589217
.elementgames.co.uk/	1970-01-20 22:05:49	Name: ciq-uid Value: ciquid-00188b08d1a7c-01-30e990
.elementgames.co.uk/	1969-12-31 23:59:59	Name: ciq_new_visitor Value: true
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: LWNxQhDVdas
.youtube.com/	1970-01-20 16:49:01	Name: VISITOR_INFO1_LIVE Value: 8Bhkq7NofOk
.doubleclick.net/	1970-01-20 12:29:50	Name: test_cookie Value: CheckForPermission
.paypal.com/	1970-01-20 12:29:51	Name: l7_az Value: dcg15.slc
.paypal.com/	1970-01-20 22:05:49	Name: ts_c Value: vr%3Db08d1a441880a2d1fec95771fff95264%26vt%3Db08d1a441880a2d1fec95771fff95263
paypal-eu-arh.cloudiq.com/	1970-01-20 12:29:51	Name: session Value: eyJpbnRlcmFjdGlvbklkIjoiY2NhMDc1NWMtZjhkOC00MTRmLWExZGEtZjU5OGE0YmVmNDQ4IiwidGFnSWQiOiIwYTI4OTRlMy03ZmE5LTQwMmYtOGJhMC0wMWFkNzZmNDMzZWEtamp6ZHJ3dG4ifQ==
paypal-eu-arh.cloudiq.com/	1970-01-20 12:29:51	Name: session.sig Value: 2O4EcB_HgDTxUbq04GsLqHf3tnI
.paypal.com/	1970-01-20 21:15:25	Name: enforce_policy Value: gdpr_v2.1
.paypal.com/	1970-01-20 12:30:20	Name: LANG Value: fi_FI%3BFI
www.paypal.com/	1969-12-31 23:59:59	Name: nsid Value: s%3AHV8dX9gtkGWOCXOvafJmVMuq44NVMqlI.JT4nPIF6VuGdewkCY%2B6dIwPleYHcpXXaiTxgyVaRBlI
.paypalobjects.com/	1970-01-20 12:31:15	Name: paypal-offers--cust Value: identified:28:DFP
widget-mediator.zopim.com/	1970-01-20 12:39:54	Name: AWSALBCORS Value: rza2+ChIV0Vd9oXN3ysoscTw3HFck1t4hsBq6A3IBoyxouzCuHrlr3CCjyD0qW3xecYkiZbkL0ONa86bv6MRZy3Gi66+OZto9e4kCsmqkVJf1EabolO8FArz1mmW
.paypal.com/	1970-01-20 12:34:08	Name: tsrce Value: loggernodeweb
.elementgames.co.uk/	1970-01-20 21:15:25	Name: __zlcmid Value: 1GKltKlMG27EBPl
.c.paypal.com/	1970-01-20 22:05:49	Name: sc_f Value: 484n7QbyBfkgy2CnoluNz_ALzCnFXDGWx8QifxixwrJ74shEE8GNdPCph2-99vJdwYhAgpqTwvTwRtCWUrGY69-JJG-Hiza-j2ND7m
.paypal.com/	1970-01-20 22:05:49	Name: KHcl0EuY7AKSMgfvHl7J5E7hPtK Value: LbId_N5LcySp0ueIzN4KrynvvoAdqFyxmFY6mSv3DWbGjtkzcNEVteyweDFXhIEeJR46oeDW6Vexttd2
.paypal.com/	1969-12-31 23:59:59	Name: x-pp-s Value: eyJ0IjoiMTY4NjU4OTIxOTI0OCIsImwiOiIwIiwibSI6IjAifQ
.paypal.com/	1970-01-20 22:05:49	Name: ts Value: vreXpYrS%3D1781283619%26vteXpYrS%3D1686591019%26vr%3Db08d1a441880a2d1fec95771fff95264%26vt%3Db08d1a441880a2d1fec95771fff95263%26vtyp%3Dnew
elementgames.co.uk/	1969-12-31 23:59:59	Name: SNS Value: 1
elementgames.co.uk/	1970-01-20 21:15:25	Name: _sn_m Value: {"r":{"n":1},"gi":{"lt":"60.17970","lg":"24.93440","latitude":"60.17970","longitude":"24.93440","country":"Finland","countryCode":"FI","regionCode":"18","regionName":"Uusimaa"}}
elementgames.co.uk/	1970-01-20 21:15:25	Name: _sn_n Value: {"a":{"i":"0fd9a062-ca05-47b4-a93f-0f5f1db07dc5"}}
elementgames.co.uk/	1970-01-20 21:15:25	Name: _sn_a Value: {"a":{"s":1686589220067},"v":"dc1e986e-2e36-4616-909f-ab7b4ff833d5"}

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'ch-ua-form-factor'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.sleeknote.com
b.stats.paypal.com
bit.ly
c.paypal.com
c6.paypal.com
cdn.particularaudience.com
cdn.ppcprotect.com
cdn.salesfire.co.uk
dub.stats.paypal.com
ekr.zdassets.com
elementgames.co.uk
elementgames.zendesk.com
fonts.googleapis.com
fonts.gstatic.com
geolocation.sleeknote.com
googleads.g.doubleclick.net
guarantee-cdn.com
i.ytimg.com
images.sleeknote.com
jnn-pa.googleapis.com
live.smartmetrics.co.uk
nsg.symantec.com
paypal-eu-arh.cloudiq.com
paypal-eu-cdn.cloudiq.com
recs-us-e1a.particularaudience.com
sleeknotecustomerscripts.sleeknote.com
sleeknotestaticcontent.sleeknote.com
ssl.google-analytics.com
static.doubleclick.net
static.zdassets.com
stats.g.doubleclick.net
t.paypal.com
widget.trustpilot.com
www.google.com
www.google.no
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
www.paypal.com
www.paypalobjects.com
www.youtube.com
yt3.ggpht.com
104.102.47.146
104.16.51.111
104.18.70.113
104.18.72.113
108.138.233.124
13.227.219.112
142.250.185.162
143.204.231.40
151.101.1.35
151.101.129.21
18.165.201.73
18.65.39.11
192.229.221.25
216.239.34.21
23.201.254.231
2600:9000:211a:b600:d:33cb:c9c0:93a1
2600:9000:238d:4600:16:eb47:3100:93a1
2606:4700:10::6816:1dae
2a00:1450:4001:806::2016
2a00:1450:4001:809::2003
2a00:1450:4001:80b::200a
2a00:1450:4001:80f::2003
2a00:1450:4001:811::2006
2a00:1450:4001:811::2008
2a00:1450:4001:813::2001
2a00:1450:4001:813::2004
2a00:1450:4001:827::2003
2a00:1450:4001:828::2002
2a00:1450:4001:82a::200e
2a00:1450:4001:82b::200a
2a00:1450:4001:831::2008
2a00:1450:400c:c06::9c
2a04:4e42:600::291
2a06:98c1:3120::3
3.226.27.69
34.76.56.218
35.190.88.141
63.35.53.43
64.4.245.84
67.199.248.10
01c01f435b5bafb4679cb07c4c25d64af2a2096ea867cad1b11fe5e1f2883c4e
02a81d6352b2d7f0c08475dad19eca519b4278d8b10dc13e6aaf9460628112cb
03980b16a4d0762686aa734bc60feca566388d9385ed08e922eb24726a7f4c7e
04ad3dc64c610e09119fe8f53a0a393433e258e7527f3385dd18ab7aa8047e2a
04dfc8e1a6e59e36a3a3a5c15443a97a92a6d2a7da9d276b050d58be3c7952a7
06098eb1d1e5cc01e4b31c20ab94e93311af96fbc675ab266751e84f1c4ce365
0733bb5debbf093132e64bcf234053a73370863ada144848f62cb044eee54bcb
08faec9c2afdc86a63b97e4d1578207ae3aafa46ce969cce8a85a2a6654b11fc
0fd28fece9ebd606b8b071460ebd3fc2ed7bc7a66ef91c8834f11dfacab4a849
11814acf9e2e82cf456fa7e51107cf4bc3ce0085d03a46e326062f8694041c2f
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
126fddacefade9db24d963a45bfe91d4d9eba4043dee58bbb29dc30c682d9f24
12ad4b5f15ba3188b03775a1824e3a2025314baf8cb507988d641fc3519c275d
13c06e947e649c9acda71512e2693a647c5800eedf426d73103f5400befe4882
14fc20c6dd0f345cffdf6fb131e2bbaf32b0f437a9c0501832cfcbe5def80ba5
15f6a80af33407e09c24a88c3f7f88115e18fcf817074989f35a338342d88351
166a4ec3cb90d525f7f744c7616c01b36bebd6dcecd486c8f5be14ccc0a7b3da
171d5695123553d96e72cd1723ffe64401a025324ed11bde87987b9eb4e0ca0b
184de53a881ec8e4e218974c548e2fc8e0da4b8ddaff2e7bdc6267c6e70a8636
192200684e5fefa431cc2256e24dd195fb231b961554eaaee1900acec95e3101
1b8eeb4c11b246024642a7641b76fafea8d20cedc7b8e94fd4e839af19c05340
1e7d2e5d4678e843e849ac9555fb8b3908cffa68e92fb6bcd17e066c1694e3da
20a85ce5ae03a8f5648d6ed28653ceb82f61875e5ef0a09693ed06343d37472d
222bdd8910c162f1cd42b29004780b6b06f6e263d42af6c49c210085b843b148
24523eb925480364b3863c5cbc4cbd49127a7c1ce67ef8806d7f23e6ab0a2d45
24a0379eaeac3d8de8f2b77a318fef99bae4ef5ca07d2eca39b8a0f3c21911b6
25376cd52fca883ddcae7106505cb20b4e4f3f0d38bdc4c37fbf60ff49f66655
25aae47e3d86e729232a1d56bfa91026ee6315b6c75b74d7e2f1c52ecfebb1f0
25b02175cc0a4e36fda24db4b7de40009feb7b31f18fe3c77423a2169929b94b
25dc57cb610700eddedb2d486218a44a7eb75369b4ebc61eb0c5ef903f8e398b
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
27ca748c2d28ce25f7ae6c4559f85f7a0d487e86691a8ff73c8c38ed007d5d45
28f1af4f6068d70d71045b2e3e619a8f49155412990bb0069c488428780f6760
2d674bd98d17650144d8070991809c3708131db4b6d877deaebda9d5d8b16df8
2e93ff880f1f74bb9b73befe0f77f503118704f0522d92dfc5520107f80a8aac
303cf5bb5b805b184ae16c6971e243397b8e9de6b353935786d298333d92c6f0
304809507447c9623319a612ee5791ec089cbc2079d23c83516fbe8cf8256e83
3066fce80c674eb04f10fcb4aecb04d173e7a678d82f2e97ff155404b6cc5763
32d3a5a6aeae890944fc15d4deb94ceaf57cedc586206a48ae708c940c6c3761
33739f2d46ef64baea5d1bbb2e0a28cd641ba1923ae074cd69696991b90a38c2
34db699e0ad7ab516ea3cf0af47a61fee39c11065b75b213295b130016244673
37b30d4771b212da0b83354880b70a43b9b7a357ef407dc3d355a7a0a1560525
389aabe63abbdf13596e38548161c99bce6a0fe633807431e45e043bc90b0d0b
38a98855add87ceae220cdceb1bc4e75e6c5c05346bbedea09279c03043297f2
3ce740e2bba08476bbb1544d9e5762f9c16d6f3963669418123832bf17a4eae2
3d1df512c9905c2995a69f4a515e7c58151ac5440a5abcc4cfcc16173a716df9
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3f6608ff1db2e96a1c9145e133e6f9743626b180b41d202531d1f8bb2e582b76
4171a80300b386a248c765bfd3a532ddaffe0ea332a36cdb5852f8e212953e6b
43af8c97a3558ddfc5c7459d10376c1370776752e8a615788fbc13414d13648c
44398293dfd67a5e44bc5394cd5692e575dcc1b66018501bd5f285ae079fd9fe
44f7a4c66650f4ced84fcb5613f55f301e2ba9448d5a1be797220e7c188d4cd7
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
474c5411c436077d93c4e52a1c56662a1b63c9c11b39b6b0539d30c100dc7312
47542d28177cb428e31b07e9d60d7a5b15d5e13e99c19eb8db74dd5c33199bb7
47f137a4a3e6a66b8421ca4b700cf5def47e7dc6f282d3ae7d845738d8dfe440
4c3639d12e1f2a8ec119f4e76e5a09066f0fda9a329f98135ae36c285ffb13f9
4ea2880bbb5055eb6493499d243a86911663924955d78ac35d672a5a0e9995ae
4ead984cb2f31783b38447c311fe81e5b088eafc82aca26a3655f4f7e2c289bc
4fdeeaa07d16290b16ac4ab42c201d566f662a635bc8498c17e8535176473d5c
4fedcefd7fd6e4b5191a374b1a99f2bb558861d62a2fc3e5cf99fd4e52b86ad7
535a0eb07fb0fbd62a59719e584c1b27a71066285b222f21684eaf4606ea9e01
55fc0d5f38f5fdd8ba0c458ab25cdd24a5e297929db8599c05b8f700c43aa8a6
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5abdecc5281d34e3d669b9cf9829b3088bc9a76e2f8442e6cf6add9b94f73339
5dc59fbc7e948ed13cca008f5c80e88b72bce855caab70c3c1a073d2e3115ba5
5e5ac8ac1fc04afb0730c97d8b0ee1a9c1a316de88b432241fa4441bd9a5d7ab
5e734e431a3b20de092c0e417f2a92d6995d37d73ecbf8319ddf879625a34cac
6081d8b34f5dded799911def8e77d0dcb31b2677c656e46c19ce7ed198543d74
60cdcefd04356bef9c14e738d4644d796c197bcd72177cc7050bc6fd97785d35
6146aa599d7389810437d5ae488f919f8858d9744f31d501ec2d1e89824d8d60
622be2eb8ef5825d74867a56c04c9274812a7276da1f7bd218401deb24fdc045
6351da88465198e6608077a2a4482b47e5bac83e6cc7c2e9e0583b65f1458271
63d5cb9fa8965833e7c3a37dc14038658b514691f634914bb3732c7fd42869b1
63faf0af44a428f182686f0d924bb30e369a9549630c7b98a969394f58431067
64b32d14f993564fe182a5690410f7d4aa2ace59934eac09d7dcf03a68ec7566
655c559ceff5bc2d54f8f339c8e55229f9524994d15c35a230a1721c5146d961
67dbfdd99ccb28a4a3c9e81045fb6c245cbc3bed2889a754653df96054f9e736
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
681d161c0f91034ee83c1e77e9c5cfff9d424098005a5a7dfe527f96e836ef1d
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
6e873b58d2074f6821bf112ff4af2d9d8ea2f4bfb866258b905b296afce13a64
6e98a5d1d75fb50d4fbe17d528f161d5d690ae39b3f0c346294873f6758a4090
6f3021c4e03fead6975d399de9acdfd8224dd1288eea62fa89e92eb8137a4a27
6f78fbac2c0fd5ed28fe0aaed86594a3f70f92d0dab82e4ed8bff46f6ba2939a
701300a4e28321dfbd9ab0d065ee940448710700c34b6e7c21b18bdd853ef8f3
718db4b4ff7b3ed40548468793f14d3a08f73ff4ca0c1fae2be05d57b7ed0e2b
7290b3900772f8f4fbfb61158cce315f2f7f13d1d46eb061a401a58b01b3fad5
72ba02e7fe895e9846243f8e37417e25ccf75e8f156acd69028a03e9c6d75d68
78475c678704c915a1891219c9abb10b6641aaaf17f0ca3315985736af38bc7b
78c2aea48d0e689689ea8350023b070444d4d29d9fe78569d024e2ebaade0135
801443bd0a6e3cde61df3c20d9d54c589a24b44fdf19066fadcd3bb3b4a91d34
80ecad3b9696fe9b61ccac5b119f6bb9e36811b3db973a3d9dc03858644c95ee
8445ec744c339a5cee4d10f11e1c619c7a5e373a0507c19fa9c32d4fc3c3c73d
87f5246aacca318f638b12dab9dd9882e2e60500e4bd40bd353a3f13632fb088
8995810a03e60e43daac08172d4f40e37c264c502086493b9f18a62020177288
8ae3400104c7b0db11e9fe317236e68a26afba6580192041e87038ceff4db638
90745a0f257aa1424e5b997ec85544b52094e60b7187c09ec3f108303bfc2073
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
9321bc63a75b3ac6d384b411665b6e77a8b326a4b176ca2049872d3b5d4974f5
9455ea00d2269a445396770bfe1d9ed73353a0f267f84eaf86ee8bf5439c871f
94a6a359359373bf6cc6fda8478f8edd90e5b66ee929a0a6fe9104c4e844198a
94f869bc341dd348d338bcb76f37f51e2d92c9faad7d3edffcf823e601854c7c
95acbc49947a73f9202a33014b90180a4fcfc201acdd2b7725131e979a0cb136
96abed43c5a6423a436e5ff656a762587e513187ebdc1b24c26c06b5d66c601a
97a704e03bfd88443094670b8b394972e0b53ab57a59232edd8b94dfb61ce347
97e5b0b6cfc2ba9815028429c069631ba12b294aa7419d1ea130accd0adc2d46
9ac498adfcd049fea24a96bbf91891bd3baf3c87385bddb26f2fae9e49cc5461
9b7135e625ac5dd7be7ea82ad2512847d2755ea450b3a022e036229539f05903
9e7a98ac9ee5eba75dffd3dfc3780e3e40ab25f2f092bc2d87960eb867152ca3
9fa556b6b7eb2595854401a4d492301f836d6f5aa4354a877d3f75f25b014503
a3301a0723cca2c68783cc2f993be5d43f0820531b66d6dbd6ae570c62f3483c
a33cac2582762ac33d896fc48722f5e2a08b08b88e9f5f9d4ae513a6d58064d5
a9ac5826013bddbd6d4b11d329f102c8464fc673e3d1967b4a7bd83da70e6581
ab587a5613c652c7a8f6e7494600f25a4dbecf7e05e6eaf0fe045168ceaedb8c
ac8177161c3038b07597ec544de3c00f46e1a0aa6b4b4c045ff0495553cc5069
adcf7fb00447abb34826c3ca3cf2ad3be4516cfab88ad23b65e35b0c304f9170
ae0a274a86a27b62ec2a46a4499c012ea69b3f59041846eecab5b36fc773983a
b015ece5fd817eec0990ecad36a70793f9a497861890b533417479bb7fa18145
b2a95245d69655b25812ab2bd247b8a4f29b922b27aff9b81947e6a61570df8a
b34b1b23cb5a61891b4d070b21cc28744bd85ebd4f40d61a7e6a49d8f62c077b
b35d8307cc6736b32aba3c2c5ec84af9602f9c7110208389c03e43e066b617cc
b3f88706b91f077028bb0db637846d21ede0af354eb6180b5f1bf4fb8f7e10f9
b5764918621234540ef053eda027ab15f21520454b99484c7947b3266fb7ba20
b58109431c3adc92bccc460ac5dc394dc4f0979d24656f7a52503e6c77709d0b
b71c20271d9c80d1a71aa0ab9935281c4fa8ac404533f1a0747d7fb03fc68e79
b7d02f16d91169758d19dbaab5197d9cfc76787b123e6e5ae1029495b1780181
ba71a3e48ba5f6a11c4eeee12673bc4f8730902ca936bb9982304d293bbbbb34
ba8741cfca21c1a990c32e39ea60d26700c07bee6fe7b78eb2aabcdcbc145e6a
bb988ab760df25b36634e5033c142c3fb806f99cc70e5ce2c77f5fe3c802035f
be9457fa012e044e239436fd86a7ad27756c1b8c567363de32724eda50f4cb4d
c1251bda7bb9e0f2e078fe5278d88ba54ba8c74953c703c714d657a4fa1ec03e
c3084ec5ea6fa7de22f7c6263a796e67920b9f03547094e84610307d95bc6077
c3a7b608ebfa8d1dfe658bc119e6236a6aaf878a779e7c560aa11dd30881a56a
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
c698f0f392dc24de1c8d6d844115a3f5a95dce4db26550f8d149d14f4f9b00a5
c95da77b97a9a32000e27ae1e0d2538354e5de6cdca1bd995b73ff56a6b6126b
cb3e4299b9a47e3c0963ef53143ca69dc2dba8cfe9d9e56c4e91cb874416e435
cef32bcec280a2009c763b5b4e5247da7b1bf886387aae2d466db859abe53d15
d4d4a24124782099b9b70a07c2fbfc1cc88552f7fd7eb435b96231e73f40c38a
d53543f26bb758d96aad149e47ffe9c13a4227ec1d8b7edace1644948977ebd2
d725b567d130d3878926c186c884149cfd73b56849fa47ab445cc66a545f6222
d7a3db88fa6c43e1185f71c6fed818ba05c5f44e0a34dec40e24a14031a32960
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
d9f4be0fcbb1e705a7c42f8adf44ddce76c679e2ba78c40d14e7947b97a05c37
df1a0d0c6515f650fd9dc13a3a20137b3db8c30a3697a2864b4d72d49c6d891e
e1b86726fee08ad51f2bc712ca3ca009d747dd94f584bf98a3250afad77fccde
e1ebe8fb4455e5010f14388e80d1de841ef1ead56db4d81ccbc50cd8e4514fec
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5679971d3025506224b33c1543e5876506ea1525ce504023bb344f3c64c0bb3
e5d178f27cef90808f96bc2a5d9fb5d4b69c235bc87eef0246ce09259d5ebbe8
ece4de42a5802bc85d7eefdb290006f8c5c5a106d98876bf123e52b9ec9f9652
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3257b861c420f60558d52611583af0a58cabee815f47c7e952a54dd26da2839
fafbda63fb858a2bcb157eaf3198609387dc3000355433663fdafef09f5178ea
fc206c41704412a0ccb5e81aaf71f492fb700668b7ac961079595c25e583854e
fd26267e37030bfddc821629a908e965af102a6fbfd581bd8cf74cf2a0438470
fda04831a1a821c162fc9d74b77d859299a3f86938627902e38a862fba8110b4

elementgames.co.uk Open in urlscan Pro 2606:4700:10::6816:1dae Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

186 Requests

95 %HTTPS

48 %IPv6

26 Domains

42 Subdomains

39 IPs

5 Countries

3442 kBTransfer

9387 kBSize

32 Cookies

0 Outgoing links

Page URL History

Redirected requests

186 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

elementgames.co.uk Open in urlscan Pro
2606:4700:10::6816:1dae Public Scan

Screenshot
Live screenshot

Full Image

186
Requests

95 %
HTTPS

48 %
IPv6

26
Domains

42
Subdomains

39
IPs

5
Countries

3442 kB
Transfer

9387 kB
Size

32
Cookies

186 HTTP transactions
1 data transactions