bloxfruitsdojo.com Open in urlscan Pro
2606:4700:3034::ac43:dc69 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://bloxfruitsdojo.com/
Submission Tags: phishingrod
Submission: On August 07 via api (August 7th 2023, 2:37:48 pm UTC) from DE — Scanned from DE

Summary HTTP 169 Redirects Behaviour Indicators

Summary

This website contacted 36 IPs in 6 countries across 36 domains to perform 169 HTTP transactions. The main IP is 2606:4700:3034::ac43:dc69, located in United States and belongs to CLOUDFLARENET, US. The main domain is bloxfruitsdojo.com.
TLS certificate: Issued by GTS CA 1P5 on August 6th 2023. Valid for: 3 months.

This is the only time bloxfruitsdojo.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
5	2606:4700:303... 2606:4700:3034::ac43:dc69	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:801::2008	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
17	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
1	2.19.224.115 2.19.224.115	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
17	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
28	2a00:1450:400... 2a00:1450:4001:82f::2001	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
2 6	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
2	2600:1901:0:7... 2600:1901:0:76b9::	15169 (GOOGLE) (GOOGLE)
24	2606:4700:20:... 2606:4700:20::681a:bd1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3 6	2001:678:cb4:... 2001:678:cb4:bbbb::11	56396 (AMOBEE) (AMOBEE)
5 15	172.217.18.98 172.217.18.98	15169 (GOOGLE) (GOOGLE)
2 2	185.29.134.244 185.29.134.244	30419 (MEDIAMATH...) (MEDIAMATH-INC)
1	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
2	3.67.123.166 3.67.123.166	16509 (AMAZON-02) (AMAZON-02)
2 2	2a05:d018:d29... 2a05:d018:d29:3605:c921:7369:53d4:6471	16509 (AMAZON-02) (AMAZON-02)
3	178.250.1.9 178.250.1.9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2 2	51.89.9.251 51.89.9.251	16276 (OVH) (OVH)
1	2a02:fa8:8806... 2a02:fa8:8806:20::2040	41041 (VCLK-EU-SE) (VCLK-EU-SE)
1 2	2606:4700::68... 2606:4700::6812:18ad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 4	104.102.35.84 104.102.35.84	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2620:116:800d... 2620:116:800d:21:7eb1:3826:be7e:d981	16509 (AMAZON-02) (AMAZON-02)
1 1	151.101.66.49 151.101.66.49	54113 (FASTLY) (FASTLY)
2	2606:4700:20:... 2606:4700:20::ac43:444e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2606:4700:20:... 2606:4700:20::681a:ad1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 3	104.102.45.165 104.102.45.165	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2606:4700::68... 2606:4700::6812:7e05	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	142.250.186.166 142.250.186.166	15169 (GOOGLE) (GOOGLE)
2 2	84.200.5.215 84.200.5.215	44066 (DE-FIRSTC...) (DE-FIRSTCOLO www.first-colo.net)
1	167.233.13.224 167.233.13.224	24940 (HETZNER-AS) (HETZNER-AS)
1 1	145.239.193.130 145.239.193.130	16276 (OVH) (OVH)
1	88.198.250.30 88.198.250.30	24940 (HETZNER-AS) (HETZNER-AS)
1	35.177.233.254 35.177.233.254	16509 (AMAZON-02) (AMAZON-02)
1	18.66.147.120 18.66.147.120	16509 (AMAZON-02) (AMAZON-02)
1	13.227.219.46 13.227.219.46	16509 (AMAZON-02) (AMAZON-02)
2	35.179.30.203 35.179.30.203	() ()
169	36

5 2606:4700:3034::ac43:dc69 (United States)

ASN13335 (CLOUDFLARENET, US)

bloxfruitsdojo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.19.224.115 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-224-115.deploy.static.akamaitechnologies.com

s7.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1901:0:76b9:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

prod-rtb.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 2606:4700:20::681a:bd1 (United States)

ASN13335 (CLOUDFLARENET, US)

as.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2001:678:cb4:bbbb::11 (United Kingdom) 3 redirects

ASN56396 (AMOBEE, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 172.217.18.98 (United States) 5 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s42-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.29.134.244 (United Kingdom) 2 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.67.123.166 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-67-123-166.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a05:d018:d29:3605:c921:7369:53d4:6471 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 51.89.9.251 (London, United Kingdom) 2 redirects

ASN16276 (OVH, FR)
PTR: ip251.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:20::2040 (Singapore)

ASN41041 (VCLK-EU-SE, US)

dclk-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:18ad (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.102.35.84 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-102-35-84.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:7eb1:3826:be7e:d981 (United States)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.66.49 (United States) 1 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::ac43:444e (United States)

ASN13335 (CLOUDFLARENET, US)

static-de.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:20::681a:ad1 (United States)

ASN13335 (CLOUDFLARENET, US)

ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.102.45.165 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-102-45-165.deploy.static.akamaitechnologies.com

www.awin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:7e05 (United States)

ASN13335 (CLOUDFLARENET, US)

www.conrad.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.166 (Grosse Pointe, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 84.200.5.215 (Germany) 2 redirects

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)

www.telefonica-partner.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.lead-alliance.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 167.233.13.224 (Ismaning, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.224.13.233.167.clients.your-server.de

partner.o2online.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 145.239.193.130 (Valence, France) 1 redirects

ASN16276 (OVH, FR)

pv.medialead.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 88.198.250.30 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.88-198-250-30.clients.your-server.de

pb.media01.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.177.233.254 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-177-233-254.eu-west-2.compute.amazonaws.com

track.webgains.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.147.120 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-120.fra60.r.cloudfront.net

analytics.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.227.219.46 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-227-219-46.ams54.r.cloudfront.net

cdn.track.production.webgains.team	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.179.30.203 (None, )

ASN- ()

api.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
45	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 135 tpc.googlesyndication.com — Cisco Umbrella Rank: 158	503 KB
34	doubleclick.net 7 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 54 cm.g.doubleclick.net — Cisco Umbrella Rank: 244 ad.doubleclick.net — Cisco Umbrella Rank: 196	204 KB
28	ad4m.at as.ad4m.at — Cisco Umbrella Rank: 29104 ad4m.at — Cisco Umbrella Rank: 10323 assets.ad4m.at — Cisco Umbrella Rank: 38449	2 MB
12	gstatic.com fonts.gstatic.com www.gstatic.com	168 KB
7	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 77	7 KB
6	turn.com 3 redirects ad.turn.com — Cisco Umbrella Rank: 987 r.turn.com — Cisco Umbrella Rank: 4024	3 KB
6	google.com 2 redirects www.google.com — Cisco Umbrella Rank: 3	838 B
6	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 219	338 KB
5	bloxfruitsdojo.com bloxfruitsdojo.com	197 KB
4	teads.tv 2 redirects sync.teads.tv — Cisco Umbrella Rank: 1446	945 B
4	ad4mat.net prod-rtb.ad4mat.net — Cisco Umbrella Rank: 124981 static-de.ad4mat.net — Cisco Umbrella Rank: 152740	8 KB
3	webgains.io analytics.webgains.io — Cisco Umbrella Rank: 24618 api.webgains.io	31 KB
3	awin1.com 2 redirects www.awin1.com — Cisco Umbrella Rank: 16587	2 KB
3	criteo.com dis.criteo.com — Cisco Umbrella Rank: 664	1 KB
2	conrad.de www.conrad.de — Cisco Umbrella Rank: 76086	808 B
2	tribalfusion.com 1 redirects a.tribalfusion.com — Cisco Umbrella Rank: 845 s.tribalfusion.com — Cisco Umbrella Rank: 2074	1 KB
2	onetag-sys.com 2 redirects onetag-sys.com — Cisco Umbrella Rank: 807	676 B
2	yahoo.com 2 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 491	1 KB
2	bidswitch.net x.bidswitch.net — Cisco Umbrella Rank: 360	291 B
2	mathtag.com 2 redirects sync.mathtag.com — Cisco Umbrella Rank: 1037	1 KB
2	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 1869	310 B
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 257	82 KB
1	webgains.team cdn.track.production.webgains.team — Cisco Umbrella Rank: 67240	15 KB
1	webgains.com track.webgains.com — Cisco Umbrella Rank: 42287	2 KB
1	media01.eu pb.media01.eu — Cisco Umbrella Rank: 67723	608 B
1	medialead.de 1 redirects pv.medialead.de — Cisco Umbrella Rank: 43845	723 B
1	o2online.de partner.o2online.de — Cisco Umbrella Rank: 66154	1 KB
1	lead-alliance.net 1 redirects www.lead-alliance.net — Cisco Umbrella Rank: 61899	330 B
1	telefonica-partner.de 1 redirects www.telefonica-partner.de — Cisco Umbrella Rank: 61437	184 B
1	everesttech.net 1 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 775	589 B
1	quantserve.com cms.quantserve.com — Cisco Umbrella Rank: 878	465 B
1	dotomi.com dclk-match.dotomi.com — Cisco Umbrella Rank: 3103	104 B
1	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 385	265 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1192	610 B
1	addthis.com s7.addthis.com — Cisco Umbrella Rank: 2758	362 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 73	89 KB
169	36

	Domain	Requested by
28	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
17	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net bloxfruitsdojo.com
17	pagead2.googlesyndication.com	bloxfruitsdojo.com pagead2.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com tpc.googlesyndication.com
15	cm.g.doubleclick.net	5 redirects googleads.g.doubleclick.net bloxfruitsdojo.com
12	assets.ad4m.at	as.ad4m.at
8	ad4m.at	as.ad4m.at ad4m.at
8	as.ad4m.at	googleads.g.doubleclick.net as.ad4m.at ad4m.at
8	www.gstatic.com	googleads.g.doubleclick.net
7	fonts.googleapis.com	bloxfruitsdojo.com googleads.g.doubleclick.net
6	www.google.com	2 redirects googleads.g.doubleclick.net tpc.googlesyndication.com
6	www.googletagservices.com	googleads.g.doubleclick.net
5	bloxfruitsdojo.com	bloxfruitsdojo.com
4	sync.teads.tv	2 redirects googleads.g.doubleclick.net
4	fonts.gstatic.com	fonts.googleapis.com
3	www.awin1.com	2 redirects as.ad4m.at
3	dis.criteo.com	googleads.g.doubleclick.net
3	r.turn.com	googleads.g.doubleclick.net
3	ad.turn.com	3 redirects
2	api.webgains.io	analytics.webgains.io
2	ad.doubleclick.net	2 redirects
2	www.conrad.de	as.ad4m.at
2	static-de.ad4mat.net	as.ad4m.at
2	onetag-sys.com	2 redirects
2	pr-bh.ybp.yahoo.com	2 redirects
2	x.bidswitch.net	googleads.g.doubleclick.net
2	sync.mathtag.com	2 redirects
2	prod-rtb.ad4mat.net	bloxfruitsdojo.com googleads.g.doubleclick.net
2	region1.google-analytics.com	www.googletagmanager.com
2	cdnjs.cloudflare.com	bloxfruitsdojo.com cdnjs.cloudflare.com
1	cdn.track.production.webgains.team	as.ad4m.at
1	analytics.webgains.io	track.webgains.com
1	track.webgains.com	as.ad4m.at
1	pb.media01.eu	as.ad4m.at
1	pv.medialead.de	1 redirects
1	partner.o2online.de	as.ad4m.at
1	www.lead-alliance.net	1 redirects
1	www.telefonica-partner.de	1 redirects
1	sync-tm.everesttech.net	1 redirects
1	cms.quantserve.com	googleads.g.doubleclick.net
1	s.tribalfusion.com	googleads.g.doubleclick.net
1	a.tribalfusion.com	1 redirects
1	dclk-match.dotomi.com	googleads.g.doubleclick.net
1	match.adsrvr.org	googleads.g.doubleclick.net
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	s7.addthis.com	bloxfruitsdojo.com
1	www.googletagmanager.com	bloxfruitsdojo.com
169	46

This site contains no links.

Subject Issuer	Validity	Valid
bloxfruitsdojo.com GTS CA 1P5	`2023-08-06` - `2023-11-04`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
odc-addthis-prod-01.oracle.com DigiCert TLS RSA SHA256 2020 CA1	`2023-02-07` - `2024-02-07`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
prod-rtb.ad4mat.net GTS CA 1D4	`2023-07-31` - `2023-10-29`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2023-03-23` - `2024-03-23`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-19` - `2023-10-18`	3 months	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2022-08-09` - `2023-09-10`	a year	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
www.awin1.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-10` - `2024-03-09`	a year	crt.sh
*.webgains.com Amazon RSA 2048 M01	`2023-05-15` - `2024-06-13`	a year	crt.sh
*.webgains.io Amazon RSA 2048 M01	`2023-07-24` - `2024-08-22`	a year	crt.sh
cdn.track.production.webgains.team Amazon RSA 2048 M01	`2023-02-28` - `2023-10-28`	8 months	crt.sh

This page contains 29 frames:

Primary Page: https://bloxfruitsdojo.com/
Frame ID: 9728CB4EBF1F6FFF62477CB20E51E1BB
Requests: 23 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230802/r20190131/zrt_lookup.html
Frame ID: D7134E9D537172E7F9FFA1A45830BADD
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5814941088162332&output=html&adk=1812271804&adf=3025194257&lmt=1691419062&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fbloxfruitsdojo.com%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691419062701&bpp=7&bdt=287&idt=274&shv=r20230802&mjsv=m202308010102&ptt=9&saldr=aa&abxe=1&nras=1&correlator=517206307518&frm=20&pv=2&ga_vid=1863656164.1691419063&ga_sid=1691419063&ga_hid=495018580&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31076088%2C31076684%2C44799239%2C44792013&oid=2&pvsid=1324360723411212&tmod=179515891&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=294
Frame ID: 39B5873B03FC451DEAABD4D46629F94F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5814941088162332&output=html&h=280&adk=1213588912&adf=321161274&pi=t.aa~a.4014013302~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1691419063&rafmt=1&to=qs&pwprc=3285142542&format=1200x280&url=https%3A%2F%2Fbloxfruitsdojo.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691419062708&bpp=2&bdt=294&idt=291&shv=r20230802&mjsv=m202308010102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=517206307518&frm=20&pv=1&ga_vid=1863656164.1691419063&ga_sid=1691419063&ga_hid=495018580&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=200&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31076088%2C31076684%2C44799239%2C44792013&oid=2&pvsid=1324360723411212&tmod=179515891&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=TLXNThhUJe&p=https%3A//bloxfruitsdojo.com&dtd=294
Frame ID: 8FF7F68F784AEAF7007B013AA2F30FE8
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5814941088162332&output=html&h=90&adk=2743202993&adf=3132389021&pi=t.aa~a.3920200256~rp.4&daaos=1691355654162&w=1200&fwrn=4&fwrnh=100&lmt=1691419064&rafmt=1&to=qs&pwprc=3285142542&format=1200x90&url=https%3A%2F%2Fbloxfruitsdojo.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691419064166&bpp=1&bdt=1753&idt=-M&shv=r20230802&mjsv=m202308010102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D17638d9b71c682b3-2238ae4d4cde0030%3AT%3D1691419063%3ART%3D1691419063%3AS%3DALNI_MYE5nlBCzcFzq0uniCYCf2YPTCa7A&gpic=UID%3D00000c502685cbeb%3AT%3D1691419063%3ART%3D1691419063%3AS%3DALNI_MYSylZmNCdBnlIeMjaFIKxPgz27sA&prev_fmts=0x0%2C1200x280&nras=3&correlator=517206307518&frm=20&pv=1&ga_vid=1863656164.1691419063&ga_sid=1691419063&ga_hid=495018580&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1835&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31076088%2C31076684%2C44799239%2C44792013&oid=2&pvsid=1324360723411212&tmod=179515891&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=24QPmdzuDh&p=https%3A//bloxfruitsdojo.com&dtd=7
Frame ID: 1062358546C04D283037AF7E0C450598
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5814941088162332&output=html&h=90&adk=2743202993&adf=54630664&pi=t.aa~a.3134435376~rp.4&daaos=1691355654162&w=1200&fwrn=4&fwrnh=100&lmt=1691419064&rafmt=1&to=qs&pwprc=3285142542&format=1200x90&url=https%3A%2F%2Fbloxfruitsdojo.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691419064166&bpp=1&bdt=1752&idt=-M&shv=r20230802&mjsv=m202308010102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D17638d9b71c682b3-2238ae4d4cde0030%3AT%3D1691419063%3ART%3D1691419063%3AS%3DALNI_MYE5nlBCzcFzq0uniCYCf2YPTCa7A&gpic=UID%3D00000c502685cbeb%3AT%3D1691419063%3ART%3D1691419063%3AS%3DALNI_MYSylZmNCdBnlIeMjaFIKxPgz27sA&prev_fmts=0x0%2C1200x280%2C1200x90&nras=4&correlator=517206307518&frm=20&pv=1&ga_vid=1863656164.1691419063&ga_sid=1691419063&ga_hid=495018580&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1332&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31076088%2C31076684%2C44799239%2C44792013&oid=2&pvsid=1324360723411212&tmod=179515891&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=g2ZmcxK8M8&p=https%3A//bloxfruitsdojo.com&dtd=11
Frame ID: E6176FA84188F6BDDB831D5E43339F2C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5814941088162332&output=html&h=90&adk=2743202993&adf=3132389021&pi=t.aa~a.3920200256~rp.1&daaos=1691355654162&w=1200&fwrn=4&fwrnh=100&lmt=1691419064&rafmt=1&to=qs&pwprc=3285142542&format=1200x90&url=https%3A%2F%2Fbloxfruitsdojo.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691419064166&bpp=1&bdt=1753&idt=1&shv=r20230802&mjsv=m202308010102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D17638d9b71c682b3-2238ae4d4cde0030%3AT%3D1691419063%3ART%3D1691419063%3AS%3DALNI_MYE5nlBCzcFzq0uniCYCf2YPTCa7A&gpic=UID%3D00000c502685cbeb%3AT%3D1691419063%3ART%3D1691419063%3AS%3DALNI_MYSylZmNCdBnlIeMjaFIKxPgz27sA&prev_fmts=0x0%2C1200x280%2C1200x90%2C1200x90&nras=5&correlator=517206307518&frm=20&pv=1&ga_vid=1863656164.1691419063&ga_sid=1691419063&ga_hid=495018580&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1432&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31076088%2C31076684%2C44799239%2C44792013&oid=2&pvsid=1324360723411212&tmod=179515891&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=u8cIwT7cBo&p=https%3A//bloxfruitsdojo.com&dtd=14
Frame ID: 97B14C731ADCA4747B74A992839375DD
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230802/r20110914/zrt_lookup.html?fsb=1
Frame ID: 0F40413ED806B7611F23DEFEB5D25BE1
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230802/r20110914/zrt_lookup.html?fsb=1
Frame ID: 3C40E15A902B6C4B5245073547D6B5B3
Requests: 14 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 21DD7591C781D3367946B782EE756D24
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: DC10A2BDBBA17E5ABA94917007059FB0
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 99DFA86D294C09F55EBBF4CAC2F4E19D
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/YWyqd_Oya_dSvH525JbJDwnpcpeKFun9cRHY8jAJ9QQ.js
Frame ID: E2960AF3E6AE8FF3F85B3D896E74B96C
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/YWyqd_Oya_dSvH525JbJDwnpcpeKFun9cRHY8jAJ9QQ.js
Frame ID: 5C2186BA8788304C030971E2BCA3F393
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/YWyqd_Oya_dSvH525JbJDwnpcpeKFun9cRHY8jAJ9QQ.js
Frame ID: 9AEF6A24559E38C9C15B459D1D3F795D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=C-nNCuAHRZJ2AEdG__tMPhZ-K6AKQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01ODE0OTQxMDg4MTYyMzMyyAEJqQK6h-fSHWyyPqgDAcgDAqoEyAFP0K_ogm-T_HVYU2Fe_Y5zTvm4ZSx5-8rK5N0c_ds_5q-tqEcbnbJ-ykMXaB4o_weshTB0OsYzC98lU7zCfFTqgvSXDQQQtdLCvC-_jc44ZXuQp1w-jlV5Kvxcrljmn-Z7TcRMrRSb8zhETLTiDxOLQelybfTT8iksxJCyzQeMuS1Ln1HcbQNnqWxj45qh_pIvILgQlGAATtb5lJbEpeh5L7z5qFIUItMqXfLNxHv26fLxqvGBTc_wgsVR_3A7zVeX_TOAsOV3H4AGx5G4oZi-xt9soAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6gAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTU4MTQ5NDEwODgxNjIzMzIYAA&sigh=Pdqqc_TjSJU&uach_m=[UACH]&cid=CAQSOwBpAlJWjPCUKYKi3C86yNNGw5nuwoC8lg1VPWsux-OlbfL9zJOp12yr1FfhWwl9lKN2ZiItpyFJOZMiGAE
Frame ID: E4C0D1A3EC56783A5F1209A07E3CE061
Requests: 7 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1jkeg0nfbcxx342yq6dn7r3a0xqrxcrxj9cavcemnnz60q9kahxg2c19929sk8kt5qhnzt441h1r3k8xy2a8sr6e0ejne1t8jg5vp2wnbbhsqadk7ejcctrzbxbra9gtwtzjvj47zastsj3aveyyfzdgks1ktefd6djwy26j57mfby40h9tv6ec5eegj7n5rxv5phx2j8nbsn1ex75k2px202w9991n8x0e8kzs846a3nc1n5ybrm4vwr6ecw206erf7ef1mg3694559t4bfxc20a4a3jreae8tm3gn1zv83m7cde1e8hjt1hhrq1bqt7jdx1292z4yevtbf21j57fmw22g1c4495fdma9aqy0yfhqk5qdwwjyzwrhzmm3fkcqzhxed66x5hqqgm6xacvvfc951kjs1b37x1f0g07fwfwhbcckmbk5mrhsknvkcjtajrw4ta&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCNWL9uAHRZJ2AEdG__tMPhZ-K6AKQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01ODE0OTQxMDg4MTYyMzMyyAEJqQK6h-fSHWyyPqgDAcgDAqoEywFP0K_ogm-T_HVYU2Fe_Y5zTvm4ZSx5-8rK5N0c_ds_5q-tqEcbnbJ-ykMXaB4o_weshTB0OsYzC98lU7zCfFTqgvSXDQQQtdLCvC-_jc44ZXuQp1w-jlV5Kvxcrljmn-Z7TcRMrRSb8zhETLTiDxOLQelybfTT8iksxJCyzQeMuS1Ln1HcbQNnqWxj45qh_pIvILgQlGAATtb5lJbEpeh5L7y7qnOG9SqtHTpKjO0soGADk-WL4MXemhjRPTmpNcOJ0StVbHo31-vwZoAGx5G4oZi-xt9soAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0GAfvOKi9vwx6LTdNsFUX3uM3nmQ%26client%3Dca-pub-5814941088162332%26adurl%3D
Frame ID: 1D2365AE2EEFA35020BB9AE1289AF306
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 6FB98956D0FCAFD038907141D6CAA066
Requests: 9 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1g7scw76ahphr7h9er258bvv5ffrydzfsjenwk4979rprpzdynw6gexbtka244c3pwks8jckpj3fcrdefegf5ynq7af0wf086c1aexfh7n3qzb4qxzjhnd24kytgdhxws0qm96xfk69tpr3sqedhynq242gf4d5kgfgxc916jx53kq4f1j5na0h0szfhdv37dnhrssjds9ceadkfh02m5vq0ssyc96h1f2k9vk5mc5qsz0rfnhkgb8h27jzv2rfgt21ds1dhp0qdqbwa9ghkrftsge2wej1zw86eksz4c2svxfefd2fcz4batwbhkhzb1886pt7p2k36pw8d627ghs226f0jras2gnmnzfhz6y5nqg6q59re6fytv4ns7xr7ymtc4gjdhznvr6qk630a0dg9cekv7ashzp60tpnycn1v13nr&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC1RHPuAHRZOmzEIjQiwOqg7bgApDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU4MTQ5NDEwODgxNjIzMzLIAQmpArqH59IdbLI-qAMByAMCqgTLAU_QCrXP2X2Y5Zb4Fpv0c3nanX1IK2Anmj3P2XebdCm_PObZQA2cZa1xldznvRd92DxLTfnN4k8z2ho21dUO0Wo0gDG0wUnJP7q5XwqaP-EQZlmEdHEsME9gCPpz_jQ32QrLN72kI2WhFDxTt7g6Zi9MDDH9gm_J2AMRxKvwiU0h4WHDlA_Sa_6HdcXGzxNfyosyQUIFGUoLJZYrW3KzdYLAP20V6fawRthYTP1Txb6yR1vV7DSf9muRW3pK1Bf9qqtXfa2JjCt_FKmqgAaGkbua__XNo3igBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1k4I6Pa2wnoIKTUWcUbdYQVyuzhg%26client%3Dca-pub-5814941088162332%26adurl%3D
Frame ID: 6FC05CE2BE2FAC1FAA087260F7FFA264
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20230802/r20110914/client/window_focus_fy2021.js
Frame ID: CC6FC4691AC22533FFAB654FE9159105
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 93EFA99150E500029473C06ECCCD0289
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: BA58964A30895ED068BAF18C314A2C90
Requests: 9 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 260DF3F10546055BABC888050AAB70BA
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 3493EDF89E7675DF295F93E07BB37B37
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/YWyqd_Oya_dSvH525JbJDwnpcpeKFun9cRHY8jAJ9QQ.js
Frame ID: 39B3C9D7611AE506110744D392F695DC
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=14019%2C195016%2C34719&b=JBeszf5fZj9TBH6H7tptp5BaxSgTbWguA8%2CVx7fwfmfD6rGFVHbHAtRtEEmcBSzTzQkTb6%2CZxJfwfBfmJpsmHDHDt3tP8Zc6SXTx3qa27&f=GjeTBfpf4BPhKHeHGtBCp5waZSYTeA9tY1%2Cm3AsefGfWPD8FmHZHZtQCJJpCKSwTX8AfbJ%2C9jeTMfmfr19cKHBH2tzCJK9S9SmTZY2TeE&c=728&d=90&e=&g=54fc3ab9ec47817ff714a288587371da%2F3662829621269956059&i=21596%2C20774%2C26474&j=16%2C14%2C41&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach02_SSP_CONTROL_ADX&r=1691419065328&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j5xsjp2dy12z4xap9fvkwxyqf3494wb2hvbchac3ra0fna02z4f3t7ghcbvr6dspz9s3z6dgsgravh8apfbgsmtfq4txacrzpkyaqav6mr6hjqxwdepfcfgtrvmv3782k5qd9qthhfz6pd2chyxwcmh8c88xhe535s0nkmfzcx9ay7znkfvbka18ktzhv7xtrn5yt2rxpaz6egga556wbxmt59ht1e3fexq7vrdn3g3841vhcxawjdf3k9jhr8k69dh1f7wd73p7fgycdn0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC1RHPuAHRZOmzEIjQiwOqg7bgApDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU4MTQ5NDEwODgxNjIzMzLIAQmpArqH59IdbLI-qAMByAMCqgTLAU_QCrXP2X2Y5Zb4Fpv0c3nanX1IK2Anmj3P2XebdCm_PObZQA2cZa1xldznvRd92DxLTfnN4k8z2ho21dUO0Wo0gDG0wUnJP7q5XwqaP-EQZlmEdHEsME9gCPpz_jQ32QrLN72kI2WhFDxTt7g6Zi9MDDH9gm_J2AMRxKvwiU0h4WHDlA_Sa_6HdcXGzxNfyosyQUIFGUoLJZYrW3KzdYLAP20V6fawRthYTP1Txb6yR1vV7DSf9muRW3pK1Bf9qqtXfa2JjCt_FKmqgAaGkbua__XNo3igBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1k4I6Pa2wnoIKTUWcUbdYQVyuzhg%2526client%253Dca-pub-5814941088162332%2526adurl%253D&y=1&s=&z=0
Frame ID: 86F79E3A9DF04E8298F97EB4952C71B0
Requests: 11 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=197862%2C14019%2C19769&b=Rx3HgfQfGPqeUkHwH3tQtw2A7u9SzTYMAhB3zZ%2CRx3HgfQfZx7TkHwH3tQtdWgf9SzTYMAhB3zZ%2C8R3cDf8f2qZfgHJHEtxtkZEhGSwTpQZtbw6A&f=QxWH4fjfP93YUxH5HYt9CbqrpT6S4TGD4HEzJ5%2CQxWH4fjfbV7txH5HYt9CZekh6S4TGD4HEzJ5%2CZxqHwfBf6A8UmHDHDtDCJQ2a6SXTQRBuY51p&c=728&d=90&e=&g=1a5b8c5da645dc148127d13bad7f14e2%2F3898013023788953546&i=71725%2C21596%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1691419065330&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h4y5ds0fy6a3rhcnyfksqyrvv1s4et89n4s7r31352nykjczxr11qcxyy9g3saqda26tb3ztcbnjn13vv1r694dz1thye5eqeq7e6r2xe76yrvnevvme37j39cxwjfdt7fy9sbne0g7af4147t33d6dgrkmbxtqrsp28yt1n6z1mxavgvxg96z7t7wbg4hkn8jtx24175gbmxqrpyjqfzh8q9aqgrgnrvq8v8rs8ntswdf799vnxs2ab1kdrjcx3n6wgp4ax9g5ejymewxgsz1r%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCNWL9uAHRZJ2AEdG__tMPhZ-K6AKQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01ODE0OTQxMDg4MTYyMzMyyAEJqQK6h-fSHWyyPqgDAcgDAqoEywFP0K_ogm-T_HVYU2Fe_Y5zTvm4ZSx5-8rK5N0c_ds_5q-tqEcbnbJ-ykMXaB4o_weshTB0OsYzC98lU7zCfFTqgvSXDQQQtdLCvC-_jc44ZXuQp1w-jlV5Kvxcrljmn-Z7TcRMrRSb8zhETLTiDxOLQelybfTT8iksxJCyzQeMuS1Ln1HcbQNnqWxj45qh_pIvILgQlGAATtb5lJbEpeh5L7y7qnOG9SqtHTpKjO0soGADk-WL4MXemhjRPTmpNcOJ0StVbHo31-vwZoAGx5G4oZi-xt9soAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0GAfvOKi9vwx6LTdNsFUX3uM3nmQ%2526client%253Dca-pub-5814941088162332%2526adurl%253D&y=1&s=&z=0
Frame ID: 7A379691BB97B4721B18C08FEDED0661
Requests: 14 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 2A11F5BC4F304EE95FC6506BEFCADB19
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: E1716FF8F49D8680FF1905D382DD156D
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Blox Fruits Dojo - Codes & Tips

Detected technologies

AddThis (Widgets) Expand

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Webgains (Affiliate programs) Expand

Overall confidence: 100%
Detected patterns

analytics\.webgains\.io

Page Statistics

169
Requests

90 %
HTTPS

55 %
IPv6

36
Domains

46
Subdomains

36
IPs

6
Countries

3566 kB
Transfer

6407 kB
Size

24
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 58

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 65

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 86

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEG6XQ9MkppB7CO359xDpeGk&google_cver=1&google_push=AXcoOmRNTA80jZtMFYIbHkoRhsQeFDMr0_sXwAoW-HqT67A7m9IlGD_91X23WVkjELCe1jZs4NUFgalQDVqFUqlvFLZEUMm7qDsI HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NDUwNzY0NTk0ODQwMzY0MjgyNw==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESELmmOG0dk2Z2hZBuB_jzGEo&google_cver=1

Request Chain 87

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESELcKssKyjrwPAMlJANgomWo&google_cver=1&google_push=AXcoOmQtH0tCWD5XDww8nHvQS1L3s4CJy8x4jOVAq8IhWIPmUr7JhKKL0mBjWbHxYbgUjrEY42phki2rNncSaIhu2qKt8dk1UW1W-A HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AXcoOmQtH0tCWD5XDww8nHvQS1L3s4CJy8x4jOVAq8IhWIPmUr7JhKKL0mBjWbHxYbgUjrEY42phki2rNncSaIhu2qKt8dk1UW1W-A

Request Chain 90

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEP4x0bSii3cOVWWUZk_bT6I&google_cver=1&google_push=AXcoOmTKGqWB8jBevI5-dq0xykEY7pJKvhcG-qbj6sfgbJF0oRhU35IMqU8zQFMD-TYlEE_2wUoQc_jXbKayE5Xwng4Z97iiEzqPUQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmTKGqWB8jBevI5-dq0xykEY7pJKvhcG-qbj6sfgbJF0oRhU35IMqU8zQFMD-TYlEE_2wUoQc_jXbKayE5Xwng4Z97iiEzqPUQ&google_hm=eS1YZkMzc0lwRTJwR3JkeldnOGlnN1VIS3prMW4yRDYxTH5B

Request Chain 92

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESENs08aKfHw4x2zBJPiqAC0c&google_cver=1&google_push=AXcoOmRZyhb-aEVX4wuZV8vZSIQ6OzdidkiIKYWWskn9HILGIHtnRP--GBBF_x7fvVDrcOvsflUt9he3O0h_62ImW2JrLwgUKhcHbQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmRZyhb-aEVX4wuZV8vZSIQ6OzdidkiIKYWWskn9HILGIHtnRP--GBBF_x7fvVDrcOvsflUt9he3O0h_62ImW2JrLwgUKhcHbQ

Request Chain 108

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEMWRR4rXbm7jnqk7zOiMCz4&google_cver=1&google_push=AXcoOmTfh46Y9ZeEwtfjDJhSYrKa8RvHGiqSqOFFrCO6tPVmpiG7h0Wmi_SS74HlhJS0pkHGc8_Nev3FPV2li9vVkSB56PFbrc6hiEg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=Nzc1MDIzNzY4MDExMDM5OTk0Nw==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESELmmOG0dk2Z2hZBuB_jzGEo&google_cver=1

Request Chain 110

https://a.tribalfusion.com/i.match?p=b6&u=CAESEFZg-rBHKUEorRj8ZrDDge8&google_cver=1&google_push=AXcoOmR2HX4dNxFP75-l3dyeDtjsmGMrdw2UcuvZzdFWc2ACo7r0HmCw362VuxOKShVrDd8yu1XNRoyM0FjfwYMaMQf_XpoDCgC9JtY&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmR2HX4dNxFP75-l3dyeDtjsmGMrdw2UcuvZzdFWc2ACo7r0HmCw362VuxOKShVrDd8yu1XNRoyM0FjfwYMaMQf_XpoDCgC9JtY%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEFZg-rBHKUEorRj8ZrDDge8&google_cver=1&google_push=AXcoOmR2HX4dNxFP75-l3dyeDtjsmGMrdw2UcuvZzdFWc2ACo7r0HmCw362VuxOKShVrDd8yu1XNRoyM0FjfwYMaMQf_XpoDCgC9JtY&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmR2HX4dNxFP75-l3dyeDtjsmGMrdw2UcuvZzdFWc2ACo7r0HmCw362VuxOKShVrDd8yu1XNRoyM0FjfwYMaMQf_XpoDCgC9JtY%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 111

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEAdzv-jyC5220o0f2oJ1nAc&google_cver=1&google_push=AXcoOmSeaDYIZ4rv6SAUOATcm9cwwVGdIcADk2iBtN4eqxUi-Sw4pOxdviEgVtfdKJ8SGwTGeZq6qT8MtBU_99ShNJk1pp51rp5DsFw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmSeaDYIZ4rv6SAUOATcm9cwwVGdIcADk2iBtN4eqxUi-Sw4pOxdviEgVtfdKJ8SGwTGeZq6qT8MtBU_99ShNJk1pp51rp5DsFw&google_hm=eS1RdlNOZ0JwRTJwR2RQbzhOZkIzRkUyMThEV2c1WlZuNH5B

Request Chain 113

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEPxJfIlmxyuMso1eqF1MUrU&google_cver=1&google_push=AXcoOmQp6wDf625wPTHCMGXn3dHS9BBYViVSspS0YfmhUmk7bR_lbFlK00-L_yJHi9g5hYi_UvOPU-58ngglUZPk7Ftalp05CC_H4ps HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmQp6wDf625wPTHCMGXn3dHS9BBYViVSspS0YfmhUmk7bR_lbFlK00-L_yJHi9g5hYi_UvOPU-58ngglUZPk7Ftalp05CC_H4ps

Request Chain 114

https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEIFRoZfq6e9VmIeUg8myecs&google_cver=1&google_push=AXcoOmSC-IQSZ2-Ubmmu82Fcxbb1n0oO-Y3kEC_aoDFThoHheh3rI7OVT2ICazJ0sc6NWHcuu7k1D34Dq-gtlzjcvriugMuajFzRNLaA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmSC-IQSZ2-Ubmmu82Fcxbb1n0oO-Y3kEC_aoDFThoHheh3rI7OVT2ICazJ0sc6NWHcuu7k1D34Dq-gtlzjcvriugMuajFzRNLaA HTTP 302
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

Request Chain 119

https://ad.turn.com/r/cs?pid=3&google_gid=CAESELmmOG0dk2Z2hZBuB_jzGEo&google_cver=1&google_push=AXcoOmRmySP_Yf3_mIJVdqndHZnEl7pJDegUxcYgs3dNe-OQXXnoDZE6HNzWttVRcvPdp_iiJ7FHQ1m4WLyWfzrLBd7vAAmr3u417K96Pf91W2DLzVbSsgk03c34JZLVh2v4Lxm-oSh7UvTSyVU-R4uvm7f_HA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=Nzc1MDIzNzY4MDExMDM5OTk0Nw==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESELmmOG0dk2Z2hZBuB_jzGEo&google_cver=1

Request Chain 121

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEEDBKB3Zf5YfGwPy6HLLj5w&google_cver=1&google_push=AXcoOmQBTVOS4ccvy7gvxgZST5yc2ydybS__5UbWYW8FCZZnr-tBTMYrBVFgArGBGbB7UQZ63KBpl3u8msbYfQCXzwNxO2w9sw1UHrM10gLm1PHx0tw0jegTZHRax_fl5e3_TBoCTUVNH-zsBLmx_oGCOQXvz6s HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AXcoOmQBTVOS4ccvy7gvxgZST5yc2ydybS__5UbWYW8FCZZnr-tBTMYrBVFgArGBGbB7UQZ63KBpl3u8msbYfQCXzwNxO2w9sw1UHrM10gLm1PHx0tw0jegTZHRax_fl5e3_TBoCTUVNH-zsBLmx_oGCOQXvz6s

Request Chain 122

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEIyaW3iT5fMy49NolBXiRAo&google_cver=1&google_push=AXcoOmR7I4_McUiIuztZpLXlCnwtHeCaBFV9uikGxyal-ceRuVpzxXjf8HMqOI1rRDSYs1AESpJK4IuesvQZKzBDKLOupTij8inCQXmUqH0qS21jMjiZx1vAkf2jZMhBhRG7S0M2hBla70m2oHKmAozUWIACdEY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEIyaW3iT5fMy49NolBXiRAo&google_push=AXcoOmR7I4_McUiIuztZpLXlCnwtHeCaBFV9uikGxyal-ceRuVpzxXjf8HMqOI1rRDSYs1AESpJK4IuesvQZKzBDKLOupTij8inCQXmUqH0qS21jMjiZx1vAkf2jZMhBhRG7S0M2hBla70m2oHKmAozUWIACdEY

Request Chain 125

https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEORmug-GN28MgzirCLkG38M&google_cver=1&google_push=AXcoOmRBP04oomtt5SzJN9zCUBO1NSckd0YhV_TiGAcMXj6f_vy8P_HkGggj-lCq1GgiqleFo8RVA3eXmfHnyc3BljyFbQxiS3IGRM02__Ct5maP8bkSaGRjPRSZhClq8TZTu05KVzIF-YkXVt8PoMzLvHlk5HGa HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmRBP04oomtt5SzJN9zCUBO1NSckd0YhV_TiGAcMXj6f_vy8P_HkGggj-lCq1GgiqleFo8RVA3eXmfHnyc3BljyFbQxiS3IGRM02__Ct5maP8bkSaGRjPRSZhClq8TZTu05KVzIF-YkXVt8PoMzLvHlk5HGa HTTP 302
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

Request Chain 150

https://www.awin1.com/cshow.php?s=2470185&v=11354&q=377129&r=412871&pv=1&pref3=oneidJBeszf5fZj9TBH6H7tptp5BaxSgTbWguA8oneid__suite_Netmix_Reach02_SSP_CONTROL_ADX&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://www.conrad.de/ztpv.php?awc=11354_412871_1691419066_f98349d0-352f-11ee-8502-226591661de6&insert=AW&&gdpr=0&gdpr_consent=

Request Chain 153

https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D117703V1226132702M%26subid%3Dmm_SUBIDTEST_view HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_pre=CMag7oTjyoADFbmJgwcd45EDaw;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D117703V1226132702M%26subid%3Dmm_SUBIDTEST_view HTTP 302
https://www.telefonica-partner.de/tpv.php?t=117703V1226132702M&subid=mm_SUBIDTEST_view HTTP 302
https://www.lead-alliance.net/tpv.php?t=117703V1226132702M&subid=mm_SUBIDTEST_view HTTP 302
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117703&s_id=2023080716374687653205391X117703V1226132702MSmm_SUBIDTEST_view&gdpr_consent=&gdpr=0&cons=0&spid=2023080716374687653205391X117703V1226132702MSmm_SUBIDTEST_view&wfid=117703&partnerid=12218

Request Chain 156

https://pv.medialead.de/trck/epv/2aed39855b5f46b7651ba591340f258c?t=htlp&subid=wkzMotivBoneidZxJfwfBfmJpsmHDHDt3tP8Zc6SXTx3qa27oneid__suite_Netmix_Reach02_SSP_CONTROL_ADX&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=57372&dt_subid2=wkzMotivBoneidZxJfwfBfmJpsmHDHDt3tP8Zc6SXTx3qa27oneid__suite_Netmix_Reach02_SSP_CONTROL_ADX&actionid=981741&produktid=&dt_url=

Request Chain 162

https://www.awin1.com/cshow.php?s=2470185&v=11354&q=377129&r=412871&pv=1&pref3=oneidRx3HgfQfZx7TkHwH3tQtdWgf9SzTYMAhB3zZoneid__suite_Netmix_Reach118_EXTRAPUSH&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://www.conrad.de/ztpv.php?awc=11354_412871_1691419066_f984f780-352f-11ee-898e-223287d3f473&insert=AW&&gdpr=0&gdpr_consent=

169 HTTP transactions
9 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
bloxfruitsdojo.com/ 6 KB
2 KB 884ms
651ms Document
text/html 2606:4700:3034::ac43:dc69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloxfruitsdojo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::ac43:dc69 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

33b32acacc3d3b967af9416c72a05e02659fe1112b2a19c9c8b6b3abc96037f4

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7f30425008893a82-FRA
content-encoding: br
content-security-policy: upgrade-insecure-requests
content-type: text/html; charset=UTF-8
date: Mon, 07 Aug 2023 14:37:42 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kkdQrikInWrIT9r84Xgi%2Fk1RiERPmDqgggwYUOCOEt4tAj%2BQAdMruGDq383guAOF1qWV5tSTFaw8wYyi0LnTNzBNt5qDGiXOVzdEJI%2BAjhr3PQeS1DMkL4upekkuRXK4IV8FmOB66D9PxAwRfQFbme4%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 267 KB
89 KB 145ms
60ms Script
application/javascript 2a00:1450:4001:801::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-3MK7NNWSET

Requested by

Host: bloxfruitsdojo.com
URL: https://bloxfruitsdojo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f9aaa51dd4b6c1c9748d02924c508911f45372e91ce17a5d1aeb89dafc2bc5c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxfruitsdojo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 07 Aug 2023 14:37:42 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 90517
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 07 Aug 2023 14:37:42 GMT

GET
H2 200 styles.css
bloxfruitsdojo.com/ 24 KB
6 KB 638ms
637ms Stylesheet
text/css 2606:4700:3034::ac43:dc69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloxfruitsdojo.com/styles.css

Requested by

Host: bloxfruitsdojo.com
URL: https://bloxfruitsdojo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::ac43:dc69 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

584accc2c8007dc6b4b54fcd527ff937eca71635e0017dd1e844355593cf92bb

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxfruitsdojo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 07 Aug 2023 14:37:43 GMT
content-security-policy: upgrade-insecure-requests
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Sat, 08 Apr 2023 15:59:21 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ni45AAEV%2B4jpFc32OqQoX7XqnmRwrJ5vTWQwKMIg7wr1W549ghx2q8kCWDqI%2BO%2BXp2Tb16PRyHdzIURQ9SJZi3ky66E66kl5BMw830mA3g1y1NxrHiGuMMJnS9yp3kJE05Es9f%2BU0NeLkRLkT%2BrTbGA%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 7f3042541e7a3a82-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 css
fonts.googleapis.com/ 717 B
779 B 125ms
45ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato

Requested by

Host: bloxfruitsdojo.com
URL: https://bloxfruitsdojo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

eb91e77384f9aff2e81a868ae4f2ae6fb5940c573d0e39088ff637414b4ffed9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxfruitsdojo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 07 Aug 2023 14:37:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 07 Aug 2023 13:13:08 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 07 Aug 2023 14:37:42 GMT

GET
H2 200 css
fonts.googleapis.com/ 2 KB
738 B 132ms
52ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat

Requested by

Host: bloxfruitsdojo.com
URL: https://bloxfruitsdojo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d243481a66bdffbe09bc2f74f8f1b57714dcd20963e8703c1372716d3fe689a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxfruitsdojo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 07 Aug 2023 14:37:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/bcfae741e379a885f2ab2cf83ebe6d32
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 07 Aug 2023 14:07:18 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 07 Aug 2023 14:37:42 GMT

GET
H2 200 font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/ 30 KB
6 KB 47ms
19ms Stylesheet
text/css 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: bloxfruitsdojo.com
URL: https://bloxfruitsdojo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxfruitsdojo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 07 Aug 2023 14:37:42 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 8199596
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 5631
last-modified: Mon, 04 May 2020 16:10:07 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e5f-7918"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PKz%2FkJcgOiECr1ugtaLgKb%2FHxrT1VrMLlXwnGvCVInZiCibtOgRT4FzXKN1joYK0fkZSs3h2zpgfMbRzEIxbx5xxqET098rZ13qQaBP2JSq2YC%2BLTMo6wySLknbHbE5bBz6qCoJAJ4vTDFOiqABOgige"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7f304254480218e4-FRA
expires: Sat, 27 Jul 2024 14:37:42 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 143 KB
50 KB 178ms
88ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5814941088162332

Requested by

Host: bloxfruitsdojo.com
URL: https://bloxfruitsdojo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eda5e562159f7c5609289195c5daeb7d886bb6af7be31bdaecc193ee22b34936

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bloxfruitsdojo.com/
Origin: https://bloxfruitsdojo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 07 Aug 2023 14:37:42 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50552
x-xss-protection: 0
server: cafe
etag: 6591251496248759627
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 07 Aug 2023 14:37:42 GMT

GET
H2 200 header6.png
bloxfruitsdojo.com/ 168 KB
169 KB 671ms
671ms Image
image/png 2606:4700:3034::ac43:dc69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloxfruitsdojo.com/header6.png

Requested by

Host: bloxfruitsdojo.com
URL: https://bloxfruitsdojo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::ac43:dc69 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ca9ce991e9c0726a2fa041f7d038b3bd7f86a9106c0d6e7072709727981d21a2

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxfruitsdojo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 07 Aug 2023 14:37:43 GMT
content-security-policy: upgrade-insecure-requests
cf-cache-status: REVALIDATED
last-modified: Fri, 07 Apr 2023 01:02:27 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9Ua6ijZPe%2FYqEAlVfbMLpiaM4fotoDcK5RpjzY8AuKEyDG1oBdPtg46%2F0U2fsGEtvGsRYBRHVPzZKkj41jUsrflLMb8%2B9o3g50sn2dcQtDT3O%2BXShW0AtldbZKwEZ%2BVna4BkEneiop%2BKoZ5N7UICRVI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7f3042543eac3a82-FRA
alt-svc: h3=":443"; ma=86400
content-length: 172098

GET
H2 200 darkblade.png
bloxfruitsdojo.com/images/ 7 KB
7 KB 650ms
650ms Image
image/png 2606:4700:3034::ac43:dc69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloxfruitsdojo.com/images/darkblade.png

Requested by

Host: bloxfruitsdojo.com
URL: https://bloxfruitsdojo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::ac43:dc69 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8728520b817c7615119cec1c37953caeeff0d1715603ad2234a992e811aed348

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxfruitsdojo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 07 Aug 2023 14:37:43 GMT
content-security-policy: upgrade-insecure-requests
cf-cache-status: REVALIDATED
last-modified: Tue, 11 Apr 2023 18:34:31 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZCDP2dNjROPWWorfMxAnOwfbIdxoXOog02dMaGfx075L5z28YnAffYLzEIlekTWNjqq6DTxIqsfF1FMMJ9Fb8b11aL7HGiAcW1vBkTyl6XVMYu1KFj7w%2B1GAQgaP51dPI6g4CeFct21dlajVB7mYNlU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7f3042543eae3a82-FRA
alt-svc: h3=":443"; ma=86400
content-length: 6819

GET
H2 200 buddha.png
bloxfruitsdojo.com/images/ 13 KB
13 KB 687ms
687ms Image
image/png 2606:4700:3034::ac43:dc69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloxfruitsdojo.com/images/buddha.png

Requested by

Host: bloxfruitsdojo.com
URL: https://bloxfruitsdojo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::ac43:dc69 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c1f0787b6165514dc9c9c50e39fb0cada1c2a1e2dd53f8c78c5b420613040042

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxfruitsdojo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 07 Aug 2023 14:37:43 GMT
content-security-policy: upgrade-insecure-requests
cf-cache-status: REVALIDATED
last-modified: Tue, 11 Apr 2023 15:33:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IXJ1wVp5fWaR%2BR%2FU4tzVWQkGvqR2DYPvoonN3u0aKjDhknvmwb8utqrYjlccNIO142eD5xL%2B5lgPbQe%2FhUeudu8ttEf0HgNGhPtSlnGQSMccjPqdRJs89MUvrv%2BFy6Dvl0iXyZnarVWGvqFxGUb%2Bxoc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7f3042543eb23a82-FRA
alt-svc: h3=":443"; ma=86400
content-length: 13256

GET
H2 200 addthis_widget.js Show response
s7.addthis.com/js/300/ 56 B
362 B 453ms
10ms Script
text/javascript 2.19.224.115
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/js/300/addthis_widget.js

Requested by

Host: bloxfruitsdojo.com
URL: https://bloxfruitsdojo.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.19.224.115 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-19-224-115.deploy.static.akamaitechnologies.com

Software

Oracle API Gateway /

Resource Hash

f475c34186022ba531ebc8bba97fc10df7e4c3ea854f314a18ab0644c851620d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxfruitsdojo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 07 Aug 2023 14:37:42 GMT
server: Oracle API Gateway
opc-request-id: /75B3D7EC36C5C756FE0525D34687A4BB/DFFCB6190717A80BCBB05B9F46F9F76A
x-frame-options: sameorigin
vary: Accept-Encoding
content-type: text/javascript
x-distribution: 99
x-host: s7.addthis.com
content-length: 76
x-xss-protection: 1; mode=block

POST
H2 204 collect
region1.google-analytics.com/g/ 0
256 B 49ms
18ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-3MK7NNWSET&gtm=45je3820&_p=495018580&cid=1863656164.1691419063&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1691419062&sct=1&seg=0&dl=https%3A%2F%2Fbloxfruitsdojo.com%2F&dt=Blox%20Fruits%20Dojo%20-%20Codes%20%26%20Tips&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3MK7NNWSET
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxfruitsdojo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Aug 2023 14:37:42 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://bloxfruitsdojo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 fontawesome-webfont.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/ 75 KB
76 KB 26ms
15ms Font
application/octet-stream 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d792afdac7f7ae5de7c6964950c6c61dc6e3f3813180a59e141c7cb4ac4364dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
Origin: https://bloxfruitsdojo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 07 Aug 2023 14:37:42 GMT
strict-transport-security: max-age=15780000
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 8201059
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 77160
last-modified: Mon, 04 May 2020 16:10:07 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e5f-12d68"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ORNPLZDjxIr1zexb7YBvjChtXsIRdiJ9R2TnogP17e3x0Wl%2BfvcLRFeND1QHA0DlT3VMe%2FAY9PejnGMb19BXCL8fsL12I%2BGiUO6uaBPDYtDhHW%2BcICfahOQ4D6Xag87xejezRaocGRbI5JY5vaI%2F5ZHj"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7f304255ce4ebbad-FRA
expires: Sat, 27 Jul 2024 14:37:42 GMT

GET
H2 200 JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXo.woff2
fonts.gstatic.com/s/montserrat/v25/ 12 KB
13 KB 159ms
75ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v25/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXo.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ddc148b8a0a27b1449fda6033f4a0defac9bd43210117b50d5d7ad1eda09f394

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://bloxfruitsdojo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 01 Aug 2023 17:40:01 GMT
x-content-type-options: nosniff
age: 507461
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12708
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 18:55:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 31 Jul 2024 17:40:01 GMT

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/ 23 KB
24 KB 123ms
38ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://bloxfruitsdojo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 05 Aug 2023 21:23:50 GMT
x-content-type-options: nosniff
age: 148432
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23580
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:17:22 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 04 Aug 2024 21:23:50 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308010102/ 371 KB
125 KB 178ms
100ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308010102/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5814941088162332&plah=bloxfruitsdojo.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5814941088162332

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5c7aac6903170bd1d724436567c4bc2b70743badab6fc8d7a6e5150bad8f9c50

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxfruitsdojo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 07 Aug 2023 14:37:42 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 128125
x-xss-protection: 0
server: cafe
etag: 7501228083948731517
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 07 Aug 2023 14:37:42 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230802/r20190131/ Frame D713 10 KB
5 KB 115ms
36ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230802/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5814941088162332

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bloxfruitsdojo.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 72195
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4544
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 06 Aug 2023 18:34:27 GMT
etag: 12368291122986407432
expires: Sun, 20 Aug 2023 18:34:27 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 403 B
610 B 254ms
44ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=bloxfruitsdojo.com&callback=_gfp_s_&client=ca-pub-5814941088162332

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308010102/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5814941088162332&plah=bloxfruitsdojo.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d66694e9c0f3ae8a8bac65a79bac91f21a389e79ff9ab8fc945c0304daeef74f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxfruitsdojo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 07 Aug 2023 14:37:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 258
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 39B5 315 KB
76 KB 868ms
866ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5814941088162332&output=html&adk=1812271804&adf=3025194257&lmt=1691419062&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fbloxfruitsdojo.com%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691419062701&bpp=7&bdt=287&idt=274&shv=r20230802&mjsv=m202308010102&ptt=9&saldr=aa&abxe=1&nras=1&correlator=517206307518&frm=20&pv=2&ga_vid=1863656164.1691419063&ga_sid=1691419063&ga_hid=495018580&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31076088%2C31076684%2C44799239%2C44792013&oid=2&pvsid=1324360723411212&tmod=179515891&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=294

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3628465bfc7e516f7cc8fdc9492f9bd2ff379f3b6086f123f0fc066fcec791b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bloxfruitsdojo.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 77573
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 07 Aug 2023 14:37:44 GMT
expires: Mon, 07 Aug 2023 14:37:44 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 8FF7 117 KB
38 KB 1144ms
1143ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5814941088162332&output=html&h=280&adk=1213588912&adf=321161274&pi=t.aa~a.4014013302~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1691419063&rafmt=1&to=qs&pwprc=3285142542&format=1200x280&url=https%3A%2F%2Fbloxfruitsdojo.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691419062708&bpp=2&bdt=294&idt=291&shv=r20230802&mjsv=m202308010102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=517206307518&frm=20&pv=1&ga_vid=1863656164.1691419063&ga_sid=1691419063&ga_hid=495018580&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=200&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31076088%2C31076684%2C44799239%2C44792013&oid=2&pvsid=1324360723411212&tmod=179515891&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=TLXNThhUJe&p=https%3A//bloxfruitsdojo.com&dtd=294

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1b755b2537f6842f54228686b9fac8bfd9b54b53505e1e5b0c616191298c5797

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bloxfruitsdojo.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 39197
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 07 Aug 2023 14:37:44 GMT
expires: Mon, 07 Aug 2023 14:37:44 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308010102/ 154 KB
52 KB 87ms
86ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308010102/reactive_library_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e4c6872399717ce022bcfcd0be6490b3fa4d9fa371bd3aa491cc78f031867e8d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxfruitsdojo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 07 Aug 2023 14:37:44 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53490
x-xss-protection: 0
server: cafe
etag: 2594260478718868153
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Mon, 07 Aug 2023 14:37:44 GMT

GET
H3 200 slotcar_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308010102/ 88 KB
30 KB 85ms
84ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308010102/slotcar_library_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5814941088162332

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

59926cf9abf7ca82243a5e35256678d938cf894a642e1221e338b2854b54c48f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxfruitsdojo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 07 Aug 2023 14:37:44 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30842
x-xss-protection: 0
server: cafe
etag: 14893429434800642791
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Mon, 07 Aug 2023 14:37:44 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 1062 45 KB
16 KB 764ms
763ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5814941088162332&output=html&h=90&adk=2743202993&adf=3132389021&pi=t.aa~a.3920200256~rp.4&daaos=1691355654162&w=1200&fwrn=4&fwrnh=100&lmt=1691419064&rafmt=1&to=qs&pwprc=3285142542&format=1200x90&url=https%3A%2F%2Fbloxfruitsdojo.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691419064166&bpp=1&bdt=1753&idt=-M&shv=r20230802&mjsv=m202308010102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D17638d9b71c682b3-2238ae4d4cde0030%3AT%3D1691419063%3ART%3D1691419063%3AS%3DALNI_MYE5nlBCzcFzq0uniCYCf2YPTCa7A&gpic=UID%3D00000c502685cbeb%3AT%3D1691419063%3ART%3D1691419063%3AS%3DALNI_MYSylZmNCdBnlIeMjaFIKxPgz27sA&prev_fmts=0x0%2C1200x280&nras=3&correlator=517206307518&frm=20&pv=1&ga_vid=1863656164.1691419063&ga_sid=1691419063&ga_hid=495018580&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1835&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31076088%2C31076684%2C44799239%2C44792013&oid=2&pvsid=1324360723411212&tmod=179515891&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=24QPmdzuDh&p=https%3A//bloxfruitsdojo.com&dtd=7

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6e2024b4dce73639fce1682cec2dedbb73adc5fd6649aad2937ed9456732d17

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bloxfruitsdojo.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 16835
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 07 Aug 2023 14:37:44 GMT
expires: Mon, 07 Aug 2023 14:37:44 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame E617 40 KB
14 KB 740ms
740ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5814941088162332&output=html&h=90&adk=2743202993&adf=54630664&pi=t.aa~a.3134435376~rp.4&daaos=1691355654162&w=1200&fwrn=4&fwrnh=100&lmt=1691419064&rafmt=1&to=qs&pwprc=3285142542&format=1200x90&url=https%3A%2F%2Fbloxfruitsdojo.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691419064166&bpp=1&bdt=1752&idt=-M&shv=r20230802&mjsv=m202308010102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D17638d9b71c682b3-2238ae4d4cde0030%3AT%3D1691419063%3ART%3D1691419063%3AS%3DALNI_MYE5nlBCzcFzq0uniCYCf2YPTCa7A&gpic=UID%3D00000c502685cbeb%3AT%3D1691419063%3ART%3D1691419063%3AS%3DALNI_MYSylZmNCdBnlIeMjaFIKxPgz27sA&prev_fmts=0x0%2C1200x280%2C1200x90&nras=4&correlator=517206307518&frm=20&pv=1&ga_vid=1863656164.1691419063&ga_sid=1691419063&ga_hid=495018580&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1332&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31076088%2C31076684%2C44799239%2C44792013&oid=2&pvsid=1324360723411212&tmod=179515891&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=g2ZmcxK8M8&p=https%3A//bloxfruitsdojo.com&dtd=11

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3e25703abed8c2228b0a98e3bc84e32c3d44d334bdd881fb06a20447fd904b7b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bloxfruitsdojo.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 14822
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 07 Aug 2023 14:37:44 GMT
expires: Mon, 07 Aug 2023 14:37:44 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 97B1 117 KB
41 KB 826ms
826ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5814941088162332&output=html&h=90&adk=2743202993&adf=3132389021&pi=t.aa~a.3920200256~rp.1&daaos=1691355654162&w=1200&fwrn=4&fwrnh=100&lmt=1691419064&rafmt=1&to=qs&pwprc=3285142542&format=1200x90&url=https%3A%2F%2Fbloxfruitsdojo.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691419064166&bpp=1&bdt=1753&idt=1&shv=r20230802&mjsv=m202308010102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D17638d9b71c682b3-2238ae4d4cde0030%3AT%3D1691419063%3ART%3D1691419063%3AS%3DALNI_MYE5nlBCzcFzq0uniCYCf2YPTCa7A&gpic=UID%3D00000c502685cbeb%3AT%3D1691419063%3ART%3D1691419063%3AS%3DALNI_MYSylZmNCdBnlIeMjaFIKxPgz27sA&prev_fmts=0x0%2C1200x280%2C1200x90%2C1200x90&nras=5&correlator=517206307518&frm=20&pv=1&ga_vid=1863656164.1691419063&ga_sid=1691419063&ga_hid=495018580&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1432&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31076088%2C31076684%2C44799239%2C44792013&oid=2&pvsid=1324360723411212&tmod=179515891&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=u8cIwT7cBo&p=https%3A//bloxfruitsdojo.com&dtd=14

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3797d0f2a3c6c4b53d2e183147db6b76e9c06866e45f119302446ea1a18a7612

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bloxfruitsdojo.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 41719
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 07 Aug 2023 14:37:44 GMT
expires: Mon, 07 Aug 2023 14:37:44 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230802/r20110914/ Frame 0F40 10 KB
4 KB 36ms
35ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230802/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bloxfruitsdojo.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 77557
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4544
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 06 Aug 2023 17:05:07 GMT
etag: 12368291122986407432
expires: Sun, 20 Aug 2023 17:05:07 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230802/r20110914/ Frame 3C40 10 KB
4 KB 36ms
35ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230802/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bloxfruitsdojo.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 77557
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4544
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 06 Aug 2023 17:05:07 GMT
etag: 12368291122986407432
expires: Sun, 20 Aug 2023 17:05:07 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css2
fonts.googleapis.com/ Frame 0F40 4 KB
767 B 50ms
49ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230802/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 07 Aug 2023 14:37:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 07 Aug 2023 13:05:18 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 07 Aug 2023 14:37:44 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 0F40 205 B
520 B 177ms
82ms Image
image/png 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230802/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 20:49:19 GMT
x-content-type-options: nosniff
age: 236905
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 03 Aug 2024 20:49:19 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 0F40 604 B
695 B 189ms
93ms Image
image/png 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230802/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 14:58:11 GMT
x-content-type-options: nosniff
age: 85173
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Mon, 05 Aug 2024 14:58:11 GMT

GET
H2 200 fullscreen_api_adapter_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230802/r20110914/elements/html/ Frame 0F40 15 KB
6 KB 169ms
84ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230802/r20110914/elements/html/fullscreen_api_adapter_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230802/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

31bd62a78d2193b716cae594121cfd26c97460ee277e0ccfb0ed890614c811e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 18:11:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 73556
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6416
x-xss-protection: 0
server: cafe
etag: 10587074671346547413
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 20 Aug 2023 18:11:48 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230802/r20110914/elements/html/ Frame 0F40 20 KB
9 KB 164ms
79ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230802/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230802/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2b0a10b03256abb6748200f4377a886afd7b3939c6cbadd694010728be400b65

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 07 Aug 2023 13:57:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2444
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8604
x-xss-protection: 0
server: cafe
etag: 15357628606984112601
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 21 Aug 2023 13:57:00 GMT

GET
H2 200 2ae469cc10e29b7bd733e737170d4c36.js Show response
www.gstatic.com/mysidia/ Frame 3C40 9 KB
4 KB 118ms
38ms Script
text/javascript 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/2ae469cc10e29b7bd733e737170d4c36.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230802/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a3e6ec11bb876d43db91a92fc49c6e93ff5ee9b735f45aa758f95d3bdc54884

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 20:26:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 583860
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3928
x-xss-protection: 0
last-modified: Mon, 31 Jul 2023 19:53:47 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 29 Oct 2023 20:26:44 GMT

GET
H2 200 d5a7fbdbed83a0cc80c703066bd00871.js Show response
www.gstatic.com/mysidia/ Frame 3C40 10 KB
4 KB 175ms
94ms Script
text/javascript 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/d5a7fbdbed83a0cc80c703066bd00871.js?tag=text/vanilla_highlight_ms_cta_adjustment

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230802/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

93c3ee40bb002b749bcab27f7b946f92c122fcb574ab1e5a032addb332d33aaa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 21:29:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 580109
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4325
x-xss-protection: 0
last-modified: Mon, 31 Jul 2023 19:53:47 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 29 Oct 2023 21:29:15 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 3C40 14 KB
1 KB 46ms
44ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230802/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 07 Aug 2023 14:37:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 07 Aug 2023 13:07:19 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 07 Aug 2023 14:37:44 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230802/r20110914/client/ Frame 3C40 2 KB
926 B 179ms
111ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230802/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230802/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 07 Aug 2023 13:47:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2987
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 21 Aug 2023 13:47:57 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230802/r20110914/ Frame 3C40 23 KB
9 KB 161ms
93ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230802/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230802/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f2afc9ac73c644d48e790a39acf19a2f4482c2a6c28d784824b9a164f74cffbf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 07 Aug 2023 13:46:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3100
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9098
x-xss-protection: 0
server: cafe
etag: 16188647127460483431
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 21 Aug 2023 13:46:04 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230802/r20110914/client/ Frame 3C40 3 KB
1 KB 146ms
78ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230802/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230802/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 07 Aug 2023 13:45:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3110
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 21 Aug 2023 13:45:54 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230802/r20110914/client/ Frame 3C40 20 KB
8 KB 121ms
52ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230802/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230802/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9278ee0a91cf49cab1fcafd47c3b9875e683dbe7a26e3ffa83c9e671b75ca28e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 07 Aug 2023 13:47:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3041
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8261
x-xss-protection: 0
server: cafe
etag: 3571037177597359341
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 21 Aug 2023 13:47:03 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3C40 179 KB
57 KB 137ms
49ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230802/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

45b4eee66ac74743c86ea5a55ea614ddb12bc1407e4bfca8ff92c308c82795e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 07 Aug 2023 14:37:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57430
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1690976231057960"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 07 Aug 2023 14:37:44 GMT

GET
H2 200 57adb899ea29f9dbe2017a856681fc42.js Show response
www.gstatic.com/mysidia/ Frame 3C40 33 KB
14 KB 149ms
71ms Script
text/javascript 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/57adb899ea29f9dbe2017a856681fc42.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230802/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e98c0d22ad85bf205d6781eb3b61d805dba90e8a03d6ad62362e047030825334

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 12:59:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 265121
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14152
x-xss-protection: 0
last-modified: Mon, 31 Jul 2023 19:53:47 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 02 Nov 2023 12:59:03 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 8FF7 14 KB
1 KB 47ms
45ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5814941088162332&output=html&h=280&adk=1213588912&adf=321161274&pi=t.aa~a.4014013302~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1691419063&rafmt=1&to=qs&pwprc=3285142542&format=1200x280&url=https%3A%2F%2Fbloxfruitsdojo.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691419062708&bpp=2&bdt=294&idt=291&shv=r20230802&mjsv=m202308010102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=517206307518&frm=20&pv=1&ga_vid=1863656164.1691419063&ga_sid=1691419063&ga_hid=495018580&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=200&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31076088%2C31076684%2C44799239%2C44792013&oid=2&pvsid=1324360723411212&tmod=179515891&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=TLXNThhUJe&p=https%3A//bloxfruitsdojo.com&dtd=294

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 07 Aug 2023 14:37:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 07 Aug 2023 13:25:00 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 07 Aug 2023 14:37:44 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230802/r20110914/client/ Frame 8FF7 2 KB
926 B 123ms
90ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230802/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 07 Aug 2023 13:47:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2987
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 21 Aug 2023 13:47:57 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230802/r20110914/ Frame 8FF7 23 KB
9 KB 135ms
105ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230802/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f2afc9ac73c644d48e790a39acf19a2f4482c2a6c28d784824b9a164f74cffbf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 07 Aug 2023 13:46:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3100
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9098
x-xss-protection: 0
server: cafe
etag: 16188647127460483431
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 21 Aug 2023 13:46:04 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230802/r20110914/client/ Frame 8FF7 3 KB
1 KB 121ms
91ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230802/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 07 Aug 2023 13:45:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3110
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 21 Aug 2023 13:45:54 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230802/r20110914/client/ Frame 8FF7 20 KB
8 KB 77ms
47ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230802/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9278ee0a91cf49cab1fcafd47c3b9875e683dbe7a26e3ffa83c9e671b75ca28e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 07 Aug 2023 13:47:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3041
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8261
x-xss-protection: 0
server: cafe
etag: 3571037177597359341
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 21 Aug 2023 13:47:03 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8FF7 179 KB
56 KB 179ms
130ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

45b4eee66ac74743c86ea5a55ea614ddb12bc1407e4bfca8ff92c308c82795e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 07 Aug 2023 14:37:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57430
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1690976231057960"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 07 Aug 2023 14:37:44 GMT

GET
H2 200 57adb899ea29f9dbe2017a856681fc42.js Show response
www.gstatic.com/mysidia/ Frame 8FF7 33 KB
14 KB 121ms
82ms Script
text/javascript 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/57adb899ea29f9dbe2017a856681fc42.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e98c0d22ad85bf205d6781eb3b61d805dba90e8a03d6ad62362e047030825334

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 12:59:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 265121
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14152
x-xss-protection: 0
last-modified: Mon, 31 Jul 2023 19:53:47 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 02 Nov 2023 12:59:03 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 21DD 14 KB
1 KB 45ms
45ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230802/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 07 Aug 2023 14:37:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 07 Aug 2023 13:03:39 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 07 Aug 2023 14:37:44 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230802/r20110914/client/ Frame 21DD 2 KB
972 B 95ms
89ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230802/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230802/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 07 Aug 2023 13:47:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2987
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 21 Aug 2023 13:47:57 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230802/r20110914/ Frame 21DD 23 KB
9 KB 103ms
97ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230802/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230802/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f2afc9ac73c644d48e790a39acf19a2f4482c2a6c28d784824b9a164f74cffbf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 07 Aug 2023 13:46:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3100
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9098
x-xss-protection: 0
server: cafe
etag: 16188647127460483431
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 21 Aug 2023 13:46:04 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame DC10 143 B
166 B 45ms
35ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230802/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20230802/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1769
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 07 Aug 2023 14:08:15 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230802/r20110914/client/ Frame 21DD 3 KB
1 KB 79ms
78ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230802/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230802/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 07 Aug 2023 13:45:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3110
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 21 Aug 2023 13:45:54 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230802/r20110914/client/ Frame 21DD 20 KB
8 KB 44ms
43ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230802/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230802/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9278ee0a91cf49cab1fcafd47c3b9875e683dbe7a26e3ffa83c9e671b75ca28e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 07 Aug 2023 13:47:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3041
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8261
x-xss-protection: 0
server: cafe
etag: 3571037177597359341
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 21 Aug 2023 13:47:03 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 21DD 179 KB
56 KB 133ms
111ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230802/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

45b4eee66ac74743c86ea5a55ea614ddb12bc1407e4bfca8ff92c308c82795e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 07 Aug 2023 14:37:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57430
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1690976231057960"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 07 Aug 2023 14:37:44 GMT

GET
H2 200 57adb899ea29f9dbe2017a856681fc42.js Show response
www.gstatic.com/mysidia/ Frame 21DD 33 KB
14 KB 51ms
40ms Script
text/javascript 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/57adb899ea29f9dbe2017a856681fc42.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230802/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e98c0d22ad85bf205d6781eb3b61d805dba90e8a03d6ad62362e047030825334

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 12:59:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 265121
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14152
x-xss-protection: 0
last-modified: Mon, 31 Jul 2023 19:53:47 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 02 Nov 2023 12:59:03 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/8272867029187888105/ Frame 8FF7 23 KB
23 KB 104ms
101ms Image
image/jpeg 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/8272867029187888105/14763004658117789537

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bf9b101f956976af5f27917d2ed6ff7206a3fea304ceb4f9934ab4bd42c5bb28

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 21:08:35 GMT
x-content-type-options: nosniff
age: 235749
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23507
x-xss-protection: 0
last-modified: Thu, 27 Jul 2023 07:42:00 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 03 Aug 2024 21:08:35 GMT

GET
DATA 200
OK truncated
/ Frame 8FF7 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 8FF7 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9fe1e1a729d0d8a1042ea6f19b0ce23f84f2d5f77115ab9bf30fafe424451d27

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame DC10
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

49ms
49ms

Document
text/html

2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230802/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 07 Aug 2023 14:37:44 GMT
expires: Mon, 07 Aug 2023 14:37:44 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 07 Aug 2023 14:37:44 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/13937812067943669912/ Frame 3C40 2 KB
2 KB 53ms
52ms Image
image/jpeg 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/13937812067943669912/14763004658117789537?w=100&h=100

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230802/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ea1486afa93dc6ade989514a67ee0dd6a469e1612e425e5e850b5da27ef4b07f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 15:14:13 GMT
x-content-type-options: nosniff
age: 257011
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2069
x-xss-protection: 0
last-modified: Tue, 25 Jul 2023 10:12:15 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 03 Aug 2024 15:14:13 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 18ms
17ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-3MK7NNWSET&gtm=45je3820&_p=495018580&cid=1863656164.1691419063&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=2&sid=1691419062&sct=1&seg=0&dl=https%3A%2F%2Fbloxfruitsdojo.com%2F&dt=Blox%20Fruits%20Dojo%20-%20Codes%20%26%20Tips&en=scroll&epn.percent_scrolled=90&_et=12
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3MK7NNWSET
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxfruitsdojo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Aug 2023 14:37:44 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://bloxfruitsdojo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 8FF7 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b18d9008241cbf889428ca2c75e5b695b25966534992dcabc66535788592dee8

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 99DF 143 B
166 B 36ms
35ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230802/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20230802/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1769
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 07 Aug 2023 14:08:15 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 3C40 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 23e41d4757e605384b24c86a42fee170b0c5199c0c40e5aa3d1d07edf13caf34

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 3C40 0
23 B 82ms
81ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=ClPVltwHRZMTJEdqUngXbzoygAuybtZFyjI7NuuQRnvPBsooOEAEg9fqrFmCV4pCCoAegAbmiyPMpyAEBqAMByAPLBKoE1QFP0P219zBntigtRjpzaLymKdrwCAmxPF-XnE6DEiNy5q06VVcYhx9zIZkxczaZXTCEwnRetLvpjjdemYXUSl-Tor1Mi3CDNpI5qwdDjKefbu7A5wWaVGKijOpYZBhEp1_73RIXoQYI1A6wWEVw5NNRHlXHW3wyt9YmIKvUIHGAunXsOGkJOdamqC897Re_CX7-v_RLRT3nM0KspLOicqoX7p5Zhtmd5TSssci_um0L4i7xaeVPhVLcPpJWgzk1lJgRuEEtR-3a5CsJ3GLS3PYcUFWNiK_ABIOxua7KBJIFBAgEGAGSBQQIBRgEgAfOw5nYBKgH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEN2rBNIIFgiA4YAQEAEYHzICqgI6AoBASL39wTqACgHICwGiDAgqBgoEw7CxAtgTDYgUAdAVAYAXAbIXHAoaCAASFHB1Yi01ODE0OTQxMDg4MTYyMzMyGAA&sigh=9_r_ce8NmV4&uach_m=[UACH]&cid=CAQSGwBpAlJWgSnnC1fg-omPyWuIpbze8nP1xozQYRgB&template_id=5001&cbvp=2&vis=1

Requested by

Host: bloxfruitsdojo.com
URL: https://bloxfruitsdojo.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20230802/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 07 Aug 2023 14:37:44 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 07 Aug 2023 14:37:44 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 99DF
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

52ms
51ms

Document
text/html

2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230802/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 07 Aug 2023 14:37:44 GMT
expires: Mon, 07 Aug 2023 14:37:44 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 07 Aug 2023 14:37:44 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 YWyqd_Oya_dSvH525JbJDwnpcpeKFun9cRHY8jAJ9QQ.js Show response
pagead2.googlesyndication.com/bg/ Frame E296 37 KB
14 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/YWyqd_Oya_dSvH525JbJDwnpcpeKFun9cRHY8jAJ9QQ.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230802/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

616caa77f3b26bf752bc7e76e496c90f09e972978a16e9fd7111d8f23009f504

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 05 Aug 2023 12:57:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 178786
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14704
x-xss-protection: 0
last-modified: Mon, 24 Jul 2023 13:39:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 04 Aug 2024 12:57:58 GMT

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 8FF7 33 KB
33 KB 38ms
38ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 05 Aug 2023 06:16:50 GMT
x-content-type-options: nosniff
age: 202854
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 04 Aug 2024 06:16:50 GMT

GET
H3 200 YWyqd_Oya_dSvH525JbJDwnpcpeKFun9cRHY8jAJ9QQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 5C21 37 KB
14 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/YWyqd_Oya_dSvH525JbJDwnpcpeKFun9cRHY8jAJ9QQ.js

Requested by

Host: bloxfruitsdojo.com
URL: https://bloxfruitsdojo.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

616caa77f3b26bf752bc7e76e496c90f09e972978a16e9fd7111d8f23009f504

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 05 Aug 2023 12:57:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 178786
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14704
x-xss-protection: 0
last-modified: Mon, 24 Jul 2023 13:39:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 04 Aug 2024 12:57:58 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 8FF7 0
19 B 79ms
79ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CKfeitwHRZLOqEZqgngW_oJzIBe2_0pJyponn6cIR0-O6kpIOEAEg9fqrFmCV4pCCoAegAbmiyPMpyAEJqAMByAPLBKoE1QFP0Lu0Qg8ojrYanKPAcPUuTSeoLXoH5Y_UtI6un0r2TAHGu8cZ_mud1SyDToHSgzbJnYLAfvw6lQ7SdwY_mKRgkmSegR-PI0vUUyk9kinjbvMx441g8AYQRKDmjzcPxafDt1m8F1kLFS7NNXqB29USc_NuO83gkq6w7Iru97EGLP9kBDQ6Jgap-OeBUlrCKd5I0C-gGSqkxS0pyoa-JB3nuosPHhPFsc2s-7z9t7XEHjV1ezqq-l7cQG92xrVnCVuElahgZI-IpA-xXMg_VpFCiiuMQt_ABM7gro2wBJIFBAgEGAGSBQQIBRgEoAYugAfOw5nYBKgH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEO7hBtIIFgiA4YAQEAEYHzICqgI6AoBASL39wTqACgHICwGiDAgqBgoEw7CxAtgTDYgUAdAVAYAXAbIXHAoaCAASFHB1Yi01ODE0OTQxMDg4MTYyMzMyGAA&sigh=d5YDMxJ6Mpg&uach_m=[UACH]&cid=CAQSGwBpAlJW0n4fXfF3QnWOhSEnxmTrHrqlgfgrEhgB&template_id=5000&cbvp=2&vis=1

Requested by

Host: bloxfruitsdojo.com
URL: https://bloxfruitsdojo.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5814941088162332&output=html&h=280&adk=1213588912&adf=321161274&pi=t.aa~a.4014013302~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1691419063&rafmt=1&to=qs&pwprc=3285142542&format=1200x280&url=https%3A%2F%2Fbloxfruitsdojo.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691419062708&bpp=2&bdt=294&idt=291&shv=r20230802&mjsv=m202308010102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=517206307518&frm=20&pv=1&ga_vid=1863656164.1691419063&ga_sid=1691419063&ga_hid=495018580&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=200&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31076088%2C31076684%2C44799239%2C44792013&oid=2&pvsid=1324360723411212&tmod=179515891&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=TLXNThhUJe&p=https%3A//bloxfruitsdojo.com&dtd=294
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 07 Aug 2023 14:37:44 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 YWyqd_Oya_dSvH525JbJDwnpcpeKFun9cRHY8jAJ9QQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 9AEF 37 KB
14 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/YWyqd_Oya_dSvH525JbJDwnpcpeKFun9cRHY8jAJ9QQ.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

616caa77f3b26bf752bc7e76e496c90f09e972978a16e9fd7111d8f23009f504

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 05 Aug 2023 12:57:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 178786
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14704
x-xss-protection: 0
last-modified: Mon, 24 Jul 2023 13:39:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 04 Aug 2024 12:57:58 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame E4C0 0
0 98ms
97ms Fetch
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C-nNCuAHRZJ2AEdG__tMPhZ-K6AKQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01ODE0OTQxMDg4MTYyMzMyyAEJqQK6h-fSHWyyPqgDAcgDAqoEyAFP0K_ogm-T_HVYU2Fe_Y5zTvm4ZSx5-8rK5N0c_ds_5q-tqEcbnbJ-ykMXaB4o_weshTB0OsYzC98lU7zCfFTqgvSXDQQQtdLCvC-_jc44ZXuQp1w-jlV5Kvxcrljmn-Z7TcRMrRSb8zhETLTiDxOLQelybfTT8iksxJCyzQeMuS1Ln1HcbQNnqWxj45qh_pIvILgQlGAATtb5lJbEpeh5L7z5qFIUItMqXfLNxHv26fLxqvGBTc_wgsVR_3A7zVeX_TOAsOV3H4AGx5G4oZi-xt9soAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6gAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTU4MTQ5NDEwODgxNjIzMzIYAA&sigh=Pdqqc_TjSJU&uach_m=[UACH]&cid=CAQSOwBpAlJWjPCUKYKi3C86yNNGw5nuwoC8lg1VPWsux-OlbfL9zJOp12yr1FfhWwl9lKN2ZiItpyFJOZMiGAE

Requested by

Host: bloxfruitsdojo.com
URL: https://bloxfruitsdojo.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5814941088162332&output=html&h=90&adk=2743202993&adf=54630664&pi=t.aa~a.3134435376~rp.4&daaos=1691355654162&w=1200&fwrn=4&fwrnh=100&lmt=1691419064&rafmt=1&to=qs&pwprc=3285142542&format=1200x90&url=https%3A%2F%2Fbloxfruitsdojo.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691419064166&bpp=1&bdt=1752&idt=-M&shv=r20230802&mjsv=m202308010102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D17638d9b71c682b3-2238ae4d4cde0030%3AT%3D1691419063%3ART%3D1691419063%3AS%3DALNI_MYE5nlBCzcFzq0uniCYCf2YPTCa7A&gpic=UID%3D00000c502685cbeb%3AT%3D1691419063%3ART%3D1691419063%3AS%3DALNI_MYSylZmNCdBnlIeMjaFIKxPgz27sA&prev_fmts=0x0%2C1200x280%2C1200x90&nras=4&correlator=517206307518&frm=20&pv=1&ga_vid=1863656164.1691419063&ga_sid=1691419063&ga_hid=495018580&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1332&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31076088%2C31076684%2C44799239%2C44792013&oid=2&pvsid=1324360723411212&tmod=179515891&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=g2ZmcxK8M8&p=https%3A//bloxfruitsdojo.com&dtd=11
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 07 Aug 2023 14:37:44 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 204 winResponse
prod-rtb.ad4mat.net/ Frame E4C0 0
0 69ms
22ms Fetch
image/gif 2600:1901:0:76b9::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1htzd9v6wfck84mr6df8j6yxq3hy0fez1hz5rxnn0f5fmtkbewdkszbyg5q5d9kyx1a444fb20t0z158br8n3q7794gwanka0mfk81vq5ynpwvypm3ebvp5xdzj6tkp9c12x9g47bwbzwd617y5m72cm3c791fkt5fwn9knarz5dzhy3spr186bsexhgsw70zz3s37sne5kredcd68k2a90f0dny0d4gjrbby2ds019071smnqhetr6bsxt4f3vvvnhdrbghhapkvzk0jz8s54qd73f4ycms010xj0qgs3baxjw41tmj1dxm7rczk5stfyvxktj054tps05nazz7c4db72vvrqb52yjma8cx883s0vq2w89k9ny2mhtqncj38jm3phyc8nfv4zg&b=ZNEBuAAEQB0Ef5_RAAKPhTOGJx0IgG3jOQFOCQ
Requested by: Host: bloxfruitsdojo.com
URL: https://bloxfruitsdojo.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 07 Aug 2023 14:37:44 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/gif

GET
H2 200 dr Show response
as.ad4m.at/ad/ Frame 1D23 2 KB
1 KB 83ms
41ms Document
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/dr?ed=1jkeg0nfbcxx342yq6dn7r3a0xqrxcrxj9cavcemnnz60q9kahxg2c19929sk8kt5qhnzt441h1r3k8xy2a8sr6e0ejne1t8jg5vp2wnbbhsqadk7ejcctrzbxbra9gtwtzjvj47zastsj3aveyyfzdgks1ktefd6djwy26j57mfby40h9tv6ec5eegj7n5rxv5phx2j8nbsn1ex75k2px202w9991n8x0e8kzs846a3nc1n5ybrm4vwr6ecw206erf7ef1mg3694559t4bfxc20a4a3jreae8tm3gn1zv83m7cde1e8hjt1hhrq1bqt7jdx1292z4yevtbf21j57fmw22g1c4495fdma9aqy0yfhqk5qdwwjyzwrhzmm3fkcqzhxed66x5hqqgm6xacvvfc951kjs1b37x1f0g07fwfwhbcckmbk5mrhsknvkcjtajrw4ta&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCNWL9uAHRZJ2AEdG__tMPhZ-K6AKQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01ODE0OTQxMDg4MTYyMzMyyAEJqQK6h-fSHWyyPqgDAcgDAqoEywFP0K_ogm-T_HVYU2Fe_Y5zTvm4ZSx5-8rK5N0c_ds_5q-tqEcbnbJ-ykMXaB4o_weshTB0OsYzC98lU7zCfFTqgvSXDQQQtdLCvC-_jc44ZXuQp1w-jlV5Kvxcrljmn-Z7TcRMrRSb8zhETLTiDxOLQelybfTT8iksxJCyzQeMuS1Ln1HcbQNnqWxj45qh_pIvILgQlGAATtb5lJbEpeh5L7y7qnOG9SqtHTpKjO0soGADk-WL4MXemhjRPTmpNcOJ0StVbHo31-vwZoAGx5G4oZi-xt9soAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0GAfvOKi9vwx6LTdNsFUX3uM3nmQ%26client%3Dca-pub-5814941088162332%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5814941088162332&output=html&h=90&adk=2743202993&adf=54630664&pi=t.aa~a.3134435376~rp.4&daaos=1691355654162&w=1200&fwrn=4&fwrnh=100&lmt=1691419064&rafmt=1&to=qs&pwprc=3285142542&format=1200x90&url=https%3A%2F%2Fbloxfruitsdojo.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691419064166&bpp=1&bdt=1752&idt=-M&shv=r20230802&mjsv=m202308010102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D17638d9b71c682b3-2238ae4d4cde0030%3AT%3D1691419063%3ART%3D1691419063%3AS%3DALNI_MYE5nlBCzcFzq0uniCYCf2YPTCa7A&gpic=UID%3D00000c502685cbeb%3AT%3D1691419063%3ART%3D1691419063%3AS%3DALNI_MYSylZmNCdBnlIeMjaFIKxPgz27sA&prev_fmts=0x0%2C1200x280%2C1200x90&nras=4&correlator=517206307518&frm=20&pv=1&ga_vid=1863656164.1691419063&ga_sid=1691419063&ga_hid=495018580&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1332&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31076088%2C31076684%2C44799239%2C44792013&oid=2&pvsid=1324360723411212&tmod=179515891&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=g2ZmcxK8M8&p=https%3A//bloxfruitsdojo.com&dtd=11

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

53e028c7d0b4cc5752dc255054dc412f0821943def0390a375678472bddfbdec

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-src ;img-src data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7f30426428922c76-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Mon, 07 Aug 2023 14:37:45 GMT
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230802/r20110914/client/ Frame E4C0 3 KB
1 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230802/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 07 Aug 2023 13:45:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3110
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 21 Aug 2023 13:45:54 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 6FB9 1 KB
643 B 39ms
38ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 40354
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 07 Aug 2023 03:25:10 GMT
etag: 48472445140208031
expires: Tue, 08 Aug 2023 03:25:10 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230802/r20110914/client/ Frame E4C0 20 KB
8 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230802/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9278ee0a91cf49cab1fcafd47c3b9875e683dbe7a26e3ffa83c9e671b75ca28e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 07 Aug 2023 13:47:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3041
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8261
x-xss-protection: 0
server: cafe
etag: 3571037177597359341
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 21 Aug 2023 13:47:03 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame E4C0 0
0 46ms
45ms Image
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaROwbbtcXZnBXT9hQT71Q3D5tADKPexLqYVZV5IBotwGqz7FwsVbFc8aZsVifC06DK2Xl0v_foIcuSHYAb1irT5ySTDww
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5814941088162332&output=html&h=90&adk=2743202993&adf=54630664&pi=t.aa~a.3134435376~rp.4&daaos=1691355654162&w=1200&fwrn=4&fwrnh=100&lmt=1691419064&rafmt=1&to=qs&pwprc=3285142542&format=1200x90&url=https%3A%2F%2Fbloxfruitsdojo.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691419064166&bpp=1&bdt=1752&idt=-M&shv=r20230802&mjsv=m202308010102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D17638d9b71c682b3-2238ae4d4cde0030%3AT%3D1691419063%3ART%3D1691419063%3AS%3DALNI_MYE5nlBCzcFzq0uniCYCf2YPTCa7A&gpic=UID%3D00000c502685cbeb%3AT%3D1691419063%3ART%3D1691419063%3AS%3DALNI_MYSylZmNCdBnlIeMjaFIKxPgz27sA&prev_fmts=0x0%2C1200x280%2C1200x90&nras=4&correlator=517206307518&frm=20&pv=1&ga_vid=1863656164.1691419063&ga_sid=1691419063&ga_hid=495018580&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1332&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31076088%2C31076684%2C44799239%2C44792013&oid=2&pvsid=1324360723411212&tmod=179515891&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=g2ZmcxK8M8&p=https%3A//bloxfruitsdojo.com&dtd=11
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E4C0 179 KB
56 KB 54ms
52ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

45b4eee66ac74743c86ea5a55ea614ddb12bc1407e4bfca8ff92c308c82795e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 07 Aug 2023 14:37:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57430
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1690976231057960"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 07 Aug 2023 14:37:44 GMT

GET
H2 200 dr Show response
as.ad4m.at/ad/ Frame 6FC0 2 KB
2 KB 48ms
34ms Document
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/dr?ed=1g7scw76ahphr7h9er258bvv5ffrydzfsjenwk4979rprpzdynw6gexbtka244c3pwks8jckpj3fcrdefegf5ynq7af0wf086c1aexfh7n3qzb4qxzjhnd24kytgdhxws0qm96xfk69tpr3sqedhynq242gf4d5kgfgxc916jx53kq4f1j5na0h0szfhdv37dnhrssjds9ceadkfh02m5vq0ssyc96h1f2k9vk5mc5qsz0rfnhkgb8h27jzv2rfgt21ds1dhp0qdqbwa9ghkrftsge2wej1zw86eksz4c2svxfefd2fcz4batwbhkhzb1886pt7p2k36pw8d627ghs226f0jras2gnmnzfhz6y5nqg6q59re6fytv4ns7xr7ymtc4gjdhznvr6qk630a0dg9cekv7ashzp60tpnycn1v13nr&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC1RHPuAHRZOmzEIjQiwOqg7bgApDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU4MTQ5NDEwODgxNjIzMzLIAQmpArqH59IdbLI-qAMByAMCqgTLAU_QCrXP2X2Y5Zb4Fpv0c3nanX1IK2Anmj3P2XebdCm_PObZQA2cZa1xldznvRd92DxLTfnN4k8z2ho21dUO0Wo0gDG0wUnJP7q5XwqaP-EQZlmEdHEsME9gCPpz_jQ32QrLN72kI2WhFDxTt7g6Zi9MDDH9gm_J2AMRxKvwiU0h4WHDlA_Sa_6HdcXGzxNfyosyQUIFGUoLJZYrW3KzdYLAP20V6fawRthYTP1Txb6yR1vV7DSf9muRW3pK1Bf9qqtXfa2JjCt_FKmqgAaGkbua__XNo3igBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1k4I6Pa2wnoIKTUWcUbdYQVyuzhg%26client%3Dca-pub-5814941088162332%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5814941088162332&output=html&h=90&adk=2743202993&adf=3132389021&pi=t.aa~a.3920200256~rp.4&daaos=1691355654162&w=1200&fwrn=4&fwrnh=100&lmt=1691419064&rafmt=1&to=qs&pwprc=3285142542&format=1200x90&url=https%3A%2F%2Fbloxfruitsdojo.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691419064166&bpp=1&bdt=1753&idt=-M&shv=r20230802&mjsv=m202308010102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D17638d9b71c682b3-2238ae4d4cde0030%3AT%3D1691419063%3ART%3D1691419063%3AS%3DALNI_MYE5nlBCzcFzq0uniCYCf2YPTCa7A&gpic=UID%3D00000c502685cbeb%3AT%3D1691419063%3ART%3D1691419063%3AS%3DALNI_MYSylZmNCdBnlIeMjaFIKxPgz27sA&prev_fmts=0x0%2C1200x280&nras=3&correlator=517206307518&frm=20&pv=1&ga_vid=1863656164.1691419063&ga_sid=1691419063&ga_hid=495018580&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1835&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31076088%2C31076684%2C44799239%2C44792013&oid=2&pvsid=1324360723411212&tmod=179515891&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=24QPmdzuDh&p=https%3A//bloxfruitsdojo.com&dtd=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3d950a0d8d81bcd8325f2cfd2c17945e80210c7cba278392c2d71e6a06eacf12

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-src ;img-src data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7f30426428952c76-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Mon, 07 Aug 2023 14:37:45 GMT
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230802/r20110914/client/ Frame CC6F 3 KB
1 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230802/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5814941088162332&output=html&h=90&adk=2743202993&adf=3132389021&pi=t.aa~a.3920200256~rp.4&daaos=1691355654162&w=1200&fwrn=4&fwrnh=100&lmt=1691419064&rafmt=1&to=qs&pwprc=3285142542&format=1200x90&url=https%3A%2F%2Fbloxfruitsdojo.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691419064166&bpp=1&bdt=1753&idt=-M&shv=r20230802&mjsv=m202308010102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D17638d9b71c682b3-2238ae4d4cde0030%3AT%3D1691419063%3ART%3D1691419063%3AS%3DALNI_MYE5nlBCzcFzq0uniCYCf2YPTCa7A&gpic=UID%3D00000c502685cbeb%3AT%3D1691419063%3ART%3D1691419063%3AS%3DALNI_MYSylZmNCdBnlIeMjaFIKxPgz27sA&prev_fmts=0x0%2C1200x280&nras=3&correlator=517206307518&frm=20&pv=1&ga_vid=1863656164.1691419063&ga_sid=1691419063&ga_hid=495018580&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1835&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31076088%2C31076684%2C44799239%2C44792013&oid=2&pvsid=1324360723411212&tmod=179515891&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=24QPmdzuDh&p=https%3A//bloxfruitsdojo.com&dtd=7

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 07 Aug 2023 13:45:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3110
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 21 Aug 2023 13:45:54 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 93EF 1 KB
643 B 40ms
40ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5814941088162332&output=html&h=90&adk=2743202993&adf=3132389021&pi=t.aa~a.3920200256~rp.4&daaos=1691355654162&w=1200&fwrn=4&fwrnh=100&lmt=1691419064&rafmt=1&to=qs&pwprc=3285142542&format=1200x90&url=https%3A%2F%2Fbloxfruitsdojo.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691419064166&bpp=1&bdt=1753&idt=-M&shv=r20230802&mjsv=m202308010102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D17638d9b71c682b3-2238ae4d4cde0030%3AT%3D1691419063%3ART%3D1691419063%3AS%3DALNI_MYE5nlBCzcFzq0uniCYCf2YPTCa7A&gpic=UID%3D00000c502685cbeb%3AT%3D1691419063%3ART%3D1691419063%3AS%3DALNI_MYSylZmNCdBnlIeMjaFIKxPgz27sA&prev_fmts=0x0%2C1200x280&nras=3&correlator=517206307518&frm=20&pv=1&ga_vid=1863656164.1691419063&ga_sid=1691419063&ga_hid=495018580&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1835&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31076088%2C31076684%2C44799239%2C44792013&oid=2&pvsid=1324360723411212&tmod=179515891&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=24QPmdzuDh&p=https%3A//bloxfruitsdojo.com&dtd=7

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 40354
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 07 Aug 2023 03:25:10 GMT
etag: 48472445140208031
expires: Tue, 08 Aug 2023 03:25:10 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230802/r20110914/client/ Frame CC6F 20 KB
8 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230802/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5814941088162332&output=html&h=90&adk=2743202993&adf=3132389021&pi=t.aa~a.3920200256~rp.4&daaos=1691355654162&w=1200&fwrn=4&fwrnh=100&lmt=1691419064&rafmt=1&to=qs&pwprc=3285142542&format=1200x90&url=https%3A%2F%2Fbloxfruitsdojo.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691419064166&bpp=1&bdt=1753&idt=-M&shv=r20230802&mjsv=m202308010102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D17638d9b71c682b3-2238ae4d4cde0030%3AT%3D1691419063%3ART%3D1691419063%3AS%3DALNI_MYE5nlBCzcFzq0uniCYCf2YPTCa7A&gpic=UID%3D00000c502685cbeb%3AT%3D1691419063%3ART%3D1691419063%3AS%3DALNI_MYSylZmNCdBnlIeMjaFIKxPgz27sA&prev_fmts=0x0%2C1200x280&nras=3&correlator=517206307518&frm=20&pv=1&ga_vid=1863656164.1691419063&ga_sid=1691419063&ga_hid=495018580&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1835&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31076088%2C31076684%2C44799239%2C44792013&oid=2&pvsid=1324360723411212&tmod=179515891&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=24QPmdzuDh&p=https%3A//bloxfruitsdojo.com&dtd=7

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9278ee0a91cf49cab1fcafd47c3b9875e683dbe7a26e3ffa83c9e671b75ca28e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 07 Aug 2023 13:47:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3041
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8261
x-xss-protection: 0
server: cafe
etag: 3571037177597359341
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 21 Aug 2023 13:47:03 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame CC6F 0
0 45ms
45ms Image
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRa_jREHd4pUBVauSukr-Zo4aHqPNn5mEiOr1qoUEbcD66cVAzWPDFp_qZ-hF8VJO6VZdoHBIdcs9bflAMXMbK9BhnMig
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5814941088162332&output=html&h=90&adk=2743202993&adf=3132389021&pi=t.aa~a.3920200256~rp.4&daaos=1691355654162&w=1200&fwrn=4&fwrnh=100&lmt=1691419064&rafmt=1&to=qs&pwprc=3285142542&format=1200x90&url=https%3A%2F%2Fbloxfruitsdojo.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691419064166&bpp=1&bdt=1753&idt=-M&shv=r20230802&mjsv=m202308010102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D17638d9b71c682b3-2238ae4d4cde0030%3AT%3D1691419063%3ART%3D1691419063%3AS%3DALNI_MYE5nlBCzcFzq0uniCYCf2YPTCa7A&gpic=UID%3D00000c502685cbeb%3AT%3D1691419063%3ART%3D1691419063%3AS%3DALNI_MYSylZmNCdBnlIeMjaFIKxPgz27sA&prev_fmts=0x0%2C1200x280&nras=3&correlator=517206307518&frm=20&pv=1&ga_vid=1863656164.1691419063&ga_sid=1691419063&ga_hid=495018580&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1835&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31076088%2C31076684%2C44799239%2C44792013&oid=2&pvsid=1324360723411212&tmod=179515891&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=24QPmdzuDh&p=https%3A//bloxfruitsdojo.com&dtd=7
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame CC6F 179 KB
56 KB 50ms
50ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5814941088162332&output=html&h=90&adk=2743202993&adf=3132389021&pi=t.aa~a.3920200256~rp.4&daaos=1691355654162&w=1200&fwrn=4&fwrnh=100&lmt=1691419064&rafmt=1&to=qs&pwprc=3285142542&format=1200x90&url=https%3A%2F%2Fbloxfruitsdojo.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691419064166&bpp=1&bdt=1753&idt=-M&shv=r20230802&mjsv=m202308010102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D17638d9b71c682b3-2238ae4d4cde0030%3AT%3D1691419063%3ART%3D1691419063%3AS%3DALNI_MYE5nlBCzcFzq0uniCYCf2YPTCa7A&gpic=UID%3D00000c502685cbeb%3AT%3D1691419063%3ART%3D1691419063%3AS%3DALNI_MYSylZmNCdBnlIeMjaFIKxPgz27sA&prev_fmts=0x0%2C1200x280&nras=3&correlator=517206307518&frm=20&pv=1&ga_vid=1863656164.1691419063&ga_sid=1691419063&ga_hid=495018580&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1835&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31076088%2C31076684%2C44799239%2C44792013&oid=2&pvsid=1324360723411212&tmod=179515891&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=24QPmdzuDh&p=https%3A//bloxfruitsdojo.com&dtd=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

45b4eee66ac74743c86ea5a55ea614ddb12bc1407e4bfca8ff92c308c82795e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 07 Aug 2023 14:37:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57430
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1690976231057960"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 07 Aug 2023 14:37:44 GMT

GET
DATA 200
OK truncated
/ Frame E4C0 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f4043ae1bb8138043da669194f010cb670abd4b0957a28fefe9991aa1089a542

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/png

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 6FB9
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEG6XQ9MkppB7CO359xDpeGk&google_cver=1&google_push=AXcoOmRNTA80jZtMFYIbHkoRhsQeFDMr0_sXwAoW-HqT67A7m9IlGD_91X23WVkjELCe1jZs4NUFgalQDVqFUqlvFLZEUMm7qDsI
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NDUwNzY0NTk0ODQwMzY0MjgyNw==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESELmmOG0dk2Z2hZBuB_jzGEo&google_cver=1

43 B
398 B

53ms
15ms

Image
image/gif

2001:678:cb4:bbbb::11
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESELmmOG0dk2Z2hZBuB_jzGEo&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5814941088162332&output=html&h=90&adk=2743202993&adf=54630664&pi=t.aa~a.3134435376~rp.4&daaos=1691355654162&w=1200&fwrn=4&fwrnh=100&lmt=1691419064&rafmt=1&to=qs&pwprc=3285142542&format=1200x90&url=https%3A%2F%2Fbloxfruitsdojo.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691419064166&bpp=1&bdt=1752&idt=-M&shv=r20230802&mjsv=m202308010102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D17638d9b71c682b3-2238ae4d4cde0030%3AT%3D1691419063%3ART%3D1691419063%3AS%3DALNI_MYE5nlBCzcFzq0uniCYCf2YPTCa7A&gpic=UID%3D00000c502685cbeb%3AT%3D1691419063%3ART%3D1691419063%3AS%3DALNI_MYSylZmNCdBnlIeMjaFIKxPgz27sA&prev_fmts=0x0%2C1200x280%2C1200x90&nras=4&correlator=517206307518&frm=20&pv=1&ga_vid=1863656164.1691419063&ga_sid=1691419063&ga_hid=495018580&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1332&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31076088%2C31076684%2C44799239%2C44792013&oid=2&pvsid=1324360723411212&tmod=179515891&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=g2ZmcxK8M8&p=https%3A//bloxfruitsdojo.com&dtd=11
Protocol: H2
Server: 2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Mon, 07 Aug 2023 14:37:44 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Mon, 07 Aug 2023 14:37:45 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESELmmOG0dk2Z2hZBuB_jzGEo&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 6FB9
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESELcKssKyjrwPAMlJANgomWo&google_cver=1&google_push=AXcoOmQtH0tCWD5XDww8nHvQS1L3s4CJy8x4jOVAq8IhWIPmUr7JhKKL0mBjWbHxYbgUjrEY42phki2rNncSaIhu...
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AXcoOmQtH0tCWD5XDww8nHvQS1L3s4CJy8x4jOVAq8IhWIPmUr7JhKKL0mBjWbHxYbgUjrEY42phki2rNncSaIhu2qKt8dk1UW1W-A

170 B
329 B

65ms
51ms

Image
image/png

172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AXcoOmQtH0tCWD5XDww8nHvQS1L3s4CJy8x4jOVAq8IhWIPmUr7JhKKL0mBjWbHxYbgUjrEY42phki2rNncSaIhu2qKt8dk1UW1W-A

Requested by

Protocol

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Aug 2023 14:37:45 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Mon, 07 Aug 2023 14:37:45 GMT
Server: MT3 1031 59fd23a master cdg cdg-pixel-x11 config_version:"1438"
Content-Type: image/gif
Access-Control-Allow-Origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AXcoOmQtH0tCWD5XDww8nHvQS1L3s4CJy8x4jOVAq8IhWIPmUr7JhKKL0mBjWbHxYbgUjrEY42phki2rNncSaIhu2qKt8dk1UW1W-A
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 0
Expires: Mon, 07 Aug 2023 14:37:44 GMT

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame 6FB9 70 B
265 B 106ms
33ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEBl9KawwqSo5e0NzpmoUJao&google_cver=1&google_push=AXcoOmRxY-CU3gnRGw5uX6YL2IPA-Pxzv49FhRYMQPPwULNbiepMlGgDqzUSmRC8n5BZNgdWW0tjZGk7uf7zoxW0oH-NCBZbx0wt3A
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5814941088162332&output=html&h=90&adk=2743202993&adf=54630664&pi=t.aa~a.3134435376~rp.4&daaos=1691355654162&w=1200&fwrn=4&fwrnh=100&lmt=1691419064&rafmt=1&to=qs&pwprc=3285142542&format=1200x90&url=https%3A%2F%2Fbloxfruitsdojo.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691419064166&bpp=1&bdt=1752&idt=-M&shv=r20230802&mjsv=m202308010102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D17638d9b71c682b3-2238ae4d4cde0030%3AT%3D1691419063%3ART%3D1691419063%3AS%3DALNI_MYE5nlBCzcFzq0uniCYCf2YPTCa7A&gpic=UID%3D00000c502685cbeb%3AT%3D1691419063%3ART%3D1691419063%3AS%3DALNI_MYSylZmNCdBnlIeMjaFIKxPgz27sA&prev_fmts=0x0%2C1200x280%2C1200x90&nras=4&correlator=517206307518&frm=20&pv=1&ga_vid=1863656164.1691419063&ga_sid=1691419063&ga_hid=495018580&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1332&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31076088%2C31076684%2C44799239%2C44792013&oid=2&pvsid=1324360723411212&tmod=179515891&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=g2ZmcxK8M8&p=https%3A//bloxfruitsdojo.com&dtd=11
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Mon, 07 Aug 2023 14:37:45 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 sync
x.bidswitch.net/ Frame 6FB9 43 B
146 B 196ms
7ms Image
image/gif 3.67.123.166
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=google&google_gid=CAESECNeVKBY8Gjalgpeqvwp8J8&google_cver=1&google_push=AXcoOmTHbncSGD27eiJYyxKvUbMAvUIfW5nue_nhymFKlWAPqb2OO6uqdrQirwOl0FJvnRZ09SxAlZGDJvQ87na_KclioIzcFmHTuA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5814941088162332&output=html&h=90&adk=2743202993&adf=54630664&pi=t.aa~a.3134435376~rp.4&daaos=1691355654162&w=1200&fwrn=4&fwrnh=100&lmt=1691419064&rafmt=1&to=qs&pwprc=3285142542&format=1200x90&url=https%3A%2F%2Fbloxfruitsdojo.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691419064166&bpp=1&bdt=1752&idt=-M&shv=r20230802&mjsv=m202308010102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D17638d9b71c682b3-2238ae4d4cde0030%3AT%3D1691419063%3ART%3D1691419063%3AS%3DALNI_MYE5nlBCzcFzq0uniCYCf2YPTCa7A&gpic=UID%3D00000c502685cbeb%3AT%3D1691419063%3ART%3D1691419063%3AS%3DALNI_MYSylZmNCdBnlIeMjaFIKxPgz27sA&prev_fmts=0x0%2C1200x280%2C1200x90&nras=4&correlator=517206307518&frm=20&pv=1&ga_vid=1863656164.1691419063&ga_sid=1691419063&ga_hid=495018580&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1332&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31076088%2C31076684%2C44799239%2C44792013&oid=2&pvsid=1324360723411212&tmod=179515891&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=g2ZmcxK8M8&p=https%3A//bloxfruitsdojo.com&dtd=11
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.67.123.166 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-67-123-166.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 07 Aug 2023 14:37:45 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 6FB9
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEP4x0bSii3cOVWWUZk_bT6I&google_cver=1&google_push=AXcoOmTKGqWB8jBevI5-dq0xykEY7pJKvhcG-qbj6sfgbJF0oRhU35IMqU8zQFMD-TYlEE_2wUoQc_jXbKayE5Xwng4Z97i...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmTKGqWB8jBevI5-dq0xykEY7pJKvhcG-qbj6sfgbJF0oRhU35IMqU8zQFMD-TYlEE_2wUoQc_jXbKayE5Xwng4Z97iiEzqPUQ&google_hm=eS1YZkMzc0lwRTJwR3Jk...

170 B
232 B

49ms
49ms

Image
image/png

172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmTKGqWB8jBevI5-dq0xykEY7pJKvhcG-qbj6sfgbJF0oRhU35IMqU8zQFMD-TYlEE_2wUoQc_jXbKayE5Xwng4Z97iiEzqPUQ&google_hm=eS1YZkMzc0lwRTJwR3JkeldnOGlnN1VIS3prMW4yRDYxTH5B

Requested by

Protocol

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Aug 2023 14:37:45 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 07 Aug 2023 14:37:45 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmTKGqWB8jBevI5-dq0xykEY7pJKvhcG-qbj6sfgbJF0oRhU35IMqU8zQFMD-TYlEE_2wUoQc_jXbKayE5Xwng4Z97iiEzqPUQ&google_hm=eS1YZkMzc0lwRTJwR3JkeldnOGlnN1VIS3prMW4yRDYxTH5B
content-length: 0

GET
H2 200 usersync.aspx
dis.criteo.com/dis/ Frame 6FB9 43 B
363 B 50ms
15ms Image
image/gif 178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmSGQqBAM3JXjBkRmxNpi2k-Qfvt-XyR-qBM_No7ZBQyuVmGc945U8ZPwWsbAY963NTR-T7KuViqwbXkD1ZBgNZa6YpZPEWh5g&google_gid=CAESEHY_9086iqjgRwxT_596tT0&google_cver=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Aug 2023 14:37:44 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 232777
expires: Mon, 07 Aug 2023 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 6FB9
Redirect Chain

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESENs08aKfHw4x2zBJPiqAC0c&google_cver=1&google_push=AXcoOmRZyhb-aEVX4wuZV8vZSIQ6OzdidkiIKYWWskn9HILGIHtnRP--GBBF_x7fvVDrcOvsflUt9he3O0h_...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmRZyhb-aEVX4wuZV8vZSIQ6OzdidkiIKYWWskn9HILGIHtnRP--GBBF_x7fvVDrcOvsflUt9he3O0h_62ImW2JrLwgUKhcHbQ

170 B
232 B

75ms
51ms

Image
image/png

172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmRZyhb-aEVX4wuZV8vZSIQ6OzdidkiIKYWWskn9HILGIHtnRP--GBBF_x7fvVDrcOvsflUt9he3O0h_62ImW2JrLwgUKhcHbQ

Requested by

Protocol

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Aug 2023 14:37:45 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmRZyhb-aEVX4wuZV8vZSIQ6OzdidkiIKYWWskn9HILGIHtnRP--GBBF_x7fvVDrcOvsflUt9he3O0h_62ImW2JrLwgUKhcHbQ
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 6FB9 0
130 B 146ms
46ms Image
text/html 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JTesOwX-5vTbET4PVpG3op6dpNGTS_D7umlLw_hVd23J4-qqDyFksPnUr39tsqPxK_hXpv

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 07 Aug 2023 14:37:45 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 css
fonts.googleapis.com/ Frame 97B1 14 KB
1 KB 45ms
44ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5814941088162332&output=html&h=90&adk=2743202993&adf=3132389021&pi=t.aa~a.3920200256~rp.1&daaos=1691355654162&w=1200&fwrn=4&fwrnh=100&lmt=1691419064&rafmt=1&to=qs&pwprc=3285142542&format=1200x90&url=https%3A%2F%2Fbloxfruitsdojo.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691419064166&bpp=1&bdt=1753&idt=1&shv=r20230802&mjsv=m202308010102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D17638d9b71c682b3-2238ae4d4cde0030%3AT%3D1691419063%3ART%3D1691419063%3AS%3DALNI_MYE5nlBCzcFzq0uniCYCf2YPTCa7A&gpic=UID%3D00000c502685cbeb%3AT%3D1691419063%3ART%3D1691419063%3AS%3DALNI_MYSylZmNCdBnlIeMjaFIKxPgz27sA&prev_fmts=0x0%2C1200x280%2C1200x90%2C1200x90&nras=5&correlator=517206307518&frm=20&pv=1&ga_vid=1863656164.1691419063&ga_sid=1691419063&ga_hid=495018580&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1432&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31076088%2C31076684%2C44799239%2C44792013&oid=2&pvsid=1324360723411212&tmod=179515891&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=u8cIwT7cBo&p=https%3A//bloxfruitsdojo.com&dtd=14

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 07 Aug 2023 14:37:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 07 Aug 2023 14:07:13 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 07 Aug 2023 14:37:45 GMT

GET
H2 200 default.css
as.ad4m.at/ad/style/0.1.48/one-ad/ Frame 6FC0 114 KB
14 KB 26ms
25ms Stylesheet
text/css 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.48/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1g7scw76ahphr7h9er258bvv5ffrydzfsjenwk4979rprpzdynw6gexbtka244c3pwks8jckpj3fcrdefegf5ynq7af0wf086c1aexfh7n3qzb4qxzjhnd24kytgdhxws0qm96xfk69tpr3sqedhynq242gf4d5kgfgxc916jx53kq4f1j5na0h0szfhdv37dnhrssjds9ceadkfh02m5vq0ssyc96h1f2k9vk5mc5qsz0rfnhkgb8h27jzv2rfgt21ds1dhp0qdqbwa9ghkrftsge2wej1zw86eksz4c2svxfefd2fcz4batwbhkhzb1886pt7p2k36pw8d627ghs226f0jras2gnmnzfhz6y5nqg6q59re6fytv4ns7xr7ymtc4gjdhznvr6qk630a0dg9cekv7ashzp60tpnycn1v13nr&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC1RHPuAHRZOmzEIjQiwOqg7bgApDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU4MTQ5NDEwODgxNjIzMzLIAQmpArqH59IdbLI-qAMByAMCqgTLAU_QCrXP2X2Y5Zb4Fpv0c3nanX1IK2Anmj3P2XebdCm_PObZQA2cZa1xldznvRd92DxLTfnN4k8z2ho21dUO0Wo0gDG0wUnJP7q5XwqaP-EQZlmEdHEsME9gCPpz_jQ32QrLN72kI2WhFDxTt7g6Zi9MDDH9gm_J2AMRxKvwiU0h4WHDlA_Sa_6HdcXGzxNfyosyQUIFGUoLJZYrW3KzdYLAP20V6fawRthYTP1Txb6yR1vV7DSf9muRW3pK1Bf9qqtXfa2JjCt_FKmqgAaGkbua__XNo3igBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1k4I6Pa2wnoIKTUWcUbdYQVyuzhg%26client%3Dca-pub-5814941088162332%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 032aee61923ef53fb2b9efbb5d55f771f780e9c2fce9c076638b809a9607eee3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1g7scw76ahphr7h9er258bvv5ffrydzfsjenwk4979rprpzdynw6gexbtka244c3pwks8jckpj3fcrdefegf5ynq7af0wf086c1aexfh7n3qzb4qxzjhnd24kytgdhxws0qm96xfk69tpr3sqedhynq242gf4d5kgfgxc916jx53kq4f1j5na0h0szfhdv37dnhrssjds9ceadkfh02m5vq0ssyc96h1f2k9vk5mc5qsz0rfnhkgb8h27jzv2rfgt21ds1dhp0qdqbwa9ghkrftsge2wej1zw86eksz4c2svxfefd2fcz4batwbhkhzb1886pt7p2k36pw8d627ghs226f0jras2gnmnzfhz6y5nqg6q59re6fytv4ns7xr7ymtc4gjdhznvr6qk630a0dg9cekv7ashzp60tpnycn1v13nr&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC1RHPuAHRZOmzEIjQiwOqg7bgApDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU4MTQ5NDEwODgxNjIzMzLIAQmpArqH59IdbLI-qAMByAMCqgTLAU_QCrXP2X2Y5Zb4Fpv0c3nanX1IK2Anmj3P2XebdCm_PObZQA2cZa1xldznvRd92DxLTfnN4k8z2ho21dUO0Wo0gDG0wUnJP7q5XwqaP-EQZlmEdHEsME9gCPpz_jQ32QrLN72kI2WhFDxTt7g6Zi9MDDH9gm_J2AMRxKvwiU0h4WHDlA_Sa_6HdcXGzxNfyosyQUIFGUoLJZYrW3KzdYLAP20V6fawRthYTP1Txb6yR1vV7DSf9muRW3pK1Bf9qqtXfa2JjCt_FKmqgAaGkbua__XNo3igBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1k4I6Pa2wnoIKTUWcUbdYQVyuzhg%26client%3Dca-pub-5814941088162332%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 07 Aug 2023 14:37:45 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime: 1687950287
age: 1049077
cf-polished: origSize=117335
x-guploader-uploadid: ADPycdu7Pb84Y6vCPqpUShyJrQGb98f4yuF1LiyC2B7DeEN9kG_1SbpI2iXm6tsp7d5fI22nNzf0l66mXGhEIUVspATbXw
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 28 Jun 2023 11:05:15 GMT
server: cloudflare
etag: W/"5d49535c2a84a9762127b3d9e77d7e02"
vary: Accept-Encoding
x-goog-generation: 1687950315098833
content-type: text/css
x-goog-hash: crc32c=aWAnwg==, md5=XUlTXCqEqXYhJ7PZ531+Ag==
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fQifVayDVL7lqHbADKQRzi%2FbU5UyC7%2FOw1rL2S0cb28J4JGK%2BbCnoizF%2FMHKvVOww%2BxWQKB6GmKTmxz%2F8xI12QJLiGSsYev9t04CFWdgXrPfARE54VWQ5VUloFrDnoyNk3bCJdECpoU%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 117335
cf-ray: 7f30426499352c76-FRA
expires: Mon, 07 Aug 2023 15:37:45 GMT

GET
H2 200 r62eglto.js Show response
ad4m.at/ Frame 6FC0 25 KB
10 KB 39ms
24ms Script
application/javascript 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1g7scw76ahphr7h9er258bvv5ffrydzfsjenwk4979rprpzdynw6gexbtka244c3pwks8jckpj3fcrdefegf5ynq7af0wf086c1aexfh7n3qzb4qxzjhnd24kytgdhxws0qm96xfk69tpr3sqedhynq242gf4d5kgfgxc916jx53kq4f1j5na0h0szfhdv37dnhrssjds9ceadkfh02m5vq0ssyc96h1f2k9vk5mc5qsz0rfnhkgb8h27jzv2rfgt21ds1dhp0qdqbwa9ghkrftsge2wej1zw86eksz4c2svxfefd2fcz4batwbhkhzb1886pt7p2k36pw8d627ghs226f0jras2gnmnzfhz6y5nqg6q59re6fytv4ns7xr7ymtc4gjdhznvr6qk630a0dg9cekv7ashzp60tpnycn1v13nr&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC1RHPuAHRZOmzEIjQiwOqg7bgApDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU4MTQ5NDEwODgxNjIzMzLIAQmpArqH59IdbLI-qAMByAMCqgTLAU_QCrXP2X2Y5Zb4Fpv0c3nanX1IK2Anmj3P2XebdCm_PObZQA2cZa1xldznvRd92DxLTfnN4k8z2ho21dUO0Wo0gDG0wUnJP7q5XwqaP-EQZlmEdHEsME9gCPpz_jQ32QrLN72kI2WhFDxTt7g6Zi9MDDH9gm_J2AMRxKvwiU0h4WHDlA_Sa_6HdcXGzxNfyosyQUIFGUoLJZYrW3KzdYLAP20V6fawRthYTP1Txb6yR1vV7DSf9muRW3pK1Bf9qqtXfa2JjCt_FKmqgAaGkbua__XNo3igBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1k4I6Pa2wnoIKTUWcUbdYQVyuzhg%26client%3Dca-pub-5814941088162332%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ba4a0c91bdda0c6f615970c6c39dbe9e47f84613f5460c2b21bf5d1eec6277a3

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 07 Aug 2023 14:37:45 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 11 Jul 2023 16:29:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 511639
etag: W/"8f7b47e4fef4e58c4cfeb4f6c445dcb6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YHNMf2l1M%2BZTWygcXa1eZGyAcOOSnu%2BvkVmvxpqMjNsWqRtBMrwt8BoC5IVoh61PS%2FxHCdWFxjWZvAp3dLDJ8QpC%2BayeeDGqiKGZmVGhXljZ77XiVzdL65CnE0NfXiNHmx%2FgWuo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray: 7f304264b9562c76-FRA
alt-svc: h3=":443"; ma=86400
expires: Tue, 01 Aug 2023 16:30:15 GMT

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.48/one-ad/ Frame 1D23 114 KB
14 KB 19ms
19ms Stylesheet
text/css 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.48/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1jkeg0nfbcxx342yq6dn7r3a0xqrxcrxj9cavcemnnz60q9kahxg2c19929sk8kt5qhnzt441h1r3k8xy2a8sr6e0ejne1t8jg5vp2wnbbhsqadk7ejcctrzbxbra9gtwtzjvj47zastsj3aveyyfzdgks1ktefd6djwy26j57mfby40h9tv6ec5eegj7n5rxv5phx2j8nbsn1ex75k2px202w9991n8x0e8kzs846a3nc1n5ybrm4vwr6ecw206erf7ef1mg3694559t4bfxc20a4a3jreae8tm3gn1zv83m7cde1e8hjt1hhrq1bqt7jdx1292z4yevtbf21j57fmw22g1c4495fdma9aqy0yfhqk5qdwwjyzwrhzmm3fkcqzhxed66x5hqqgm6xacvvfc951kjs1b37x1f0g07fwfwhbcckmbk5mrhsknvkcjtajrw4ta&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCNWL9uAHRZJ2AEdG__tMPhZ-K6AKQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01ODE0OTQxMDg4MTYyMzMyyAEJqQK6h-fSHWyyPqgDAcgDAqoEywFP0K_ogm-T_HVYU2Fe_Y5zTvm4ZSx5-8rK5N0c_ds_5q-tqEcbnbJ-ykMXaB4o_weshTB0OsYzC98lU7zCfFTqgvSXDQQQtdLCvC-_jc44ZXuQp1w-jlV5Kvxcrljmn-Z7TcRMrRSb8zhETLTiDxOLQelybfTT8iksxJCyzQeMuS1Ln1HcbQNnqWxj45qh_pIvILgQlGAATtb5lJbEpeh5L7y7qnOG9SqtHTpKjO0soGADk-WL4MXemhjRPTmpNcOJ0StVbHo31-vwZoAGx5G4oZi-xt9soAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0GAfvOKi9vwx6LTdNsFUX3uM3nmQ%26client%3Dca-pub-5814941088162332%26adurl%3D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 032aee61923ef53fb2b9efbb5d55f771f780e9c2fce9c076638b809a9607eee3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1jkeg0nfbcxx342yq6dn7r3a0xqrxcrxj9cavcemnnz60q9kahxg2c19929sk8kt5qhnzt441h1r3k8xy2a8sr6e0ejne1t8jg5vp2wnbbhsqadk7ejcctrzbxbra9gtwtzjvj47zastsj3aveyyfzdgks1ktefd6djwy26j57mfby40h9tv6ec5eegj7n5rxv5phx2j8nbsn1ex75k2px202w9991n8x0e8kzs846a3nc1n5ybrm4vwr6ecw206erf7ef1mg3694559t4bfxc20a4a3jreae8tm3gn1zv83m7cde1e8hjt1hhrq1bqt7jdx1292z4yevtbf21j57fmw22g1c4495fdma9aqy0yfhqk5qdwwjyzwrhzmm3fkcqzhxed66x5hqqgm6xacvvfc951kjs1b37x1f0g07fwfwhbcckmbk5mrhsknvkcjtajrw4ta&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCNWL9uAHRZJ2AEdG__tMPhZ-K6AKQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01ODE0OTQxMDg4MTYyMzMyyAEJqQK6h-fSHWyyPqgDAcgDAqoEywFP0K_ogm-T_HVYU2Fe_Y5zTvm4ZSx5-8rK5N0c_ds_5q-tqEcbnbJ-ykMXaB4o_weshTB0OsYzC98lU7zCfFTqgvSXDQQQtdLCvC-_jc44ZXuQp1w-jlV5Kvxcrljmn-Z7TcRMrRSb8zhETLTiDxOLQelybfTT8iksxJCyzQeMuS1Ln1HcbQNnqWxj45qh_pIvILgQlGAATtb5lJbEpeh5L7y7qnOG9SqtHTpKjO0soGADk-WL4MXemhjRPTmpNcOJ0StVbHo31-vwZoAGx5G4oZi-xt9soAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0GAfvOKi9vwx6LTdNsFUX3uM3nmQ%26client%3Dca-pub-5814941088162332%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 07 Aug 2023 14:37:45 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime: 1687950287
age: 1049077
cf-polished: origSize=117335
x-guploader-uploadid: ADPycdu7Pb84Y6vCPqpUShyJrQGb98f4yuF1LiyC2B7DeEN9kG_1SbpI2iXm6tsp7d5fI22nNzf0l66mXGhEIUVspATbXw
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 28 Jun 2023 11:05:15 GMT
server: cloudflare
etag: W/"5d49535c2a84a9762127b3d9e77d7e02"
vary: Accept-Encoding
x-goog-generation: 1687950315098833
content-type: text/css
x-goog-hash: crc32c=aWAnwg==, md5=XUlTXCqEqXYhJ7PZ531+Ag==
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J31YDVjA95hSnhE8kI8NjU3cfpFEIItlpRJkR0q7HmZH7pxd3dMEmghMOSFW6DADZDNBRVcqXFGcjslalkl542XRwOmt4GMiQ8WWfv4MK2RWS9aAszUhTlmJ5gmXOOnlwGHFuA5hP9Q%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 117335
cf-ray: 7f304264bc9e91cf-FRA
expires: Mon, 07 Aug 2023 15:37:45 GMT

GET
H2 200 r62eglto.js Show response
ad4m.at/ Frame 1D23 25 KB
10 KB 27ms
26ms Script
application/javascript 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1jkeg0nfbcxx342yq6dn7r3a0xqrxcrxj9cavcemnnz60q9kahxg2c19929sk8kt5qhnzt441h1r3k8xy2a8sr6e0ejne1t8jg5vp2wnbbhsqadk7ejcctrzbxbra9gtwtzjvj47zastsj3aveyyfzdgks1ktefd6djwy26j57mfby40h9tv6ec5eegj7n5rxv5phx2j8nbsn1ex75k2px202w9991n8x0e8kzs846a3nc1n5ybrm4vwr6ecw206erf7ef1mg3694559t4bfxc20a4a3jreae8tm3gn1zv83m7cde1e8hjt1hhrq1bqt7jdx1292z4yevtbf21j57fmw22g1c4495fdma9aqy0yfhqk5qdwwjyzwrhzmm3fkcqzhxed66x5hqqgm6xacvvfc951kjs1b37x1f0g07fwfwhbcckmbk5mrhsknvkcjtajrw4ta&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCNWL9uAHRZJ2AEdG__tMPhZ-K6AKQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01ODE0OTQxMDg4MTYyMzMyyAEJqQK6h-fSHWyyPqgDAcgDAqoEywFP0K_ogm-T_HVYU2Fe_Y5zTvm4ZSx5-8rK5N0c_ds_5q-tqEcbnbJ-ykMXaB4o_weshTB0OsYzC98lU7zCfFTqgvSXDQQQtdLCvC-_jc44ZXuQp1w-jlV5Kvxcrljmn-Z7TcRMrRSb8zhETLTiDxOLQelybfTT8iksxJCyzQeMuS1Ln1HcbQNnqWxj45qh_pIvILgQlGAATtb5lJbEpeh5L7y7qnOG9SqtHTpKjO0soGADk-WL4MXemhjRPTmpNcOJ0StVbHo31-vwZoAGx5G4oZi-xt9soAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0GAfvOKi9vwx6LTdNsFUX3uM3nmQ%26client%3Dca-pub-5814941088162332%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ba4a0c91bdda0c6f615970c6c39dbe9e47f84613f5460c2b21bf5d1eec6277a3

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 07 Aug 2023 14:37:45 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 11 Jul 2023 16:29:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 511639
etag: W/"8f7b47e4fef4e58c4cfeb4f6c445dcb6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Hmni7mVWNA6DPztFsieiVhac%2BvhpPJ%2Ba5k999D9N9AeF%2Bscr49byGQyF56jMIgTkZLvN12DR1WsB%2BbHsGWQ6auPgvwtLfLWHZ1MV2uQeGIGVbAOd8Q9%2FNFVCuQTCbLjZcP8L57c%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray: 7f304264b9552c76-FRA
alt-svc: h3=":443"; ma=86400
expires: Tue, 01 Aug 2023 16:30:15 GMT

GET
DATA 200
OK truncated
/ Frame CC6F 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 86f5124988b6d67dca088ee65a2a4a507773f82698a188d3e3dcd7e12a95428f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230802/r20110914/client/ Frame 97B1 2 KB
892 B 38ms
37ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230802/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5814941088162332&output=html&h=90&adk=2743202993&adf=3132389021&pi=t.aa~a.3920200256~rp.1&daaos=1691355654162&w=1200&fwrn=4&fwrnh=100&lmt=1691419064&rafmt=1&to=qs&pwprc=3285142542&format=1200x90&url=https%3A%2F%2Fbloxfruitsdojo.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691419064166&bpp=1&bdt=1753&idt=1&shv=r20230802&mjsv=m202308010102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D17638d9b71c682b3-2238ae4d4cde0030%3AT%3D1691419063%3ART%3D1691419063%3AS%3DALNI_MYE5nlBCzcFzq0uniCYCf2YPTCa7A&gpic=UID%3D00000c502685cbeb%3AT%3D1691419063%3ART%3D1691419063%3AS%3DALNI_MYSylZmNCdBnlIeMjaFIKxPgz27sA&prev_fmts=0x0%2C1200x280%2C1200x90%2C1200x90&nras=5&correlator=517206307518&frm=20&pv=1&ga_vid=1863656164.1691419063&ga_sid=1691419063&ga_hid=495018580&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1432&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31076088%2C31076684%2C44799239%2C44792013&oid=2&pvsid=1324360723411212&tmod=179515891&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=u8cIwT7cBo&p=https%3A//bloxfruitsdojo.com&dtd=14

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 07 Aug 2023 13:47:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2988
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 21 Aug 2023 13:47:57 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230802/r20110914/ Frame 97B1 23 KB
9 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230802/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5814941088162332&output=html&h=90&adk=2743202993&adf=3132389021&pi=t.aa~a.3920200256~rp.1&daaos=1691355654162&w=1200&fwrn=4&fwrnh=100&lmt=1691419064&rafmt=1&to=qs&pwprc=3285142542&format=1200x90&url=https%3A%2F%2Fbloxfruitsdojo.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691419064166&bpp=1&bdt=1753&idt=1&shv=r20230802&mjsv=m202308010102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D17638d9b71c682b3-2238ae4d4cde0030%3AT%3D1691419063%3ART%3D1691419063%3AS%3DALNI_MYE5nlBCzcFzq0uniCYCf2YPTCa7A&gpic=UID%3D00000c502685cbeb%3AT%3D1691419063%3ART%3D1691419063%3AS%3DALNI_MYSylZmNCdBnlIeMjaFIKxPgz27sA&prev_fmts=0x0%2C1200x280%2C1200x90%2C1200x90&nras=5&correlator=517206307518&frm=20&pv=1&ga_vid=1863656164.1691419063&ga_sid=1691419063&ga_hid=495018580&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1432&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31076088%2C31076684%2C44799239%2C44792013&oid=2&pvsid=1324360723411212&tmod=179515891&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=u8cIwT7cBo&p=https%3A//bloxfruitsdojo.com&dtd=14

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f2afc9ac73c644d48e790a39acf19a2f4482c2a6c28d784824b9a164f74cffbf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 07 Aug 2023 13:46:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3101
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9098
x-xss-protection: 0
server: cafe
etag: 16188647127460483431
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 21 Aug 2023 13:46:04 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230802/r20110914/client/ Frame 97B1 3 KB
1 KB 43ms
42ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230802/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5814941088162332&output=html&h=90&adk=2743202993&adf=3132389021&pi=t.aa~a.3920200256~rp.1&daaos=1691355654162&w=1200&fwrn=4&fwrnh=100&lmt=1691419064&rafmt=1&to=qs&pwprc=3285142542&format=1200x90&url=https%3A%2F%2Fbloxfruitsdojo.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691419064166&bpp=1&bdt=1753&idt=1&shv=r20230802&mjsv=m202308010102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D17638d9b71c682b3-2238ae4d4cde0030%3AT%3D1691419063%3ART%3D1691419063%3AS%3DALNI_MYE5nlBCzcFzq0uniCYCf2YPTCa7A&gpic=UID%3D00000c502685cbeb%3AT%3D1691419063%3ART%3D1691419063%3AS%3DALNI_MYSylZmNCdBnlIeMjaFIKxPgz27sA&prev_fmts=0x0%2C1200x280%2C1200x90%2C1200x90&nras=5&correlator=517206307518&frm=20&pv=1&ga_vid=1863656164.1691419063&ga_sid=1691419063&ga_hid=495018580&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1432&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31076088%2C31076684%2C44799239%2C44792013&oid=2&pvsid=1324360723411212&tmod=179515891&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=u8cIwT7cBo&p=https%3A//bloxfruitsdojo.com&dtd=14

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 07 Aug 2023 13:45:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3111
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 21 Aug 2023 13:45:54 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame BA58 1 KB
643 B 41ms
40ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5814941088162332&output=html&h=90&adk=2743202993&adf=3132389021&pi=t.aa~a.3920200256~rp.1&daaos=1691355654162&w=1200&fwrn=4&fwrnh=100&lmt=1691419064&rafmt=1&to=qs&pwprc=3285142542&format=1200x90&url=https%3A%2F%2Fbloxfruitsdojo.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691419064166&bpp=1&bdt=1753&idt=1&shv=r20230802&mjsv=m202308010102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D17638d9b71c682b3-2238ae4d4cde0030%3AT%3D1691419063%3ART%3D1691419063%3AS%3DALNI_MYE5nlBCzcFzq0uniCYCf2YPTCa7A&gpic=UID%3D00000c502685cbeb%3AT%3D1691419063%3ART%3D1691419063%3AS%3DALNI_MYSylZmNCdBnlIeMjaFIKxPgz27sA&prev_fmts=0x0%2C1200x280%2C1200x90%2C1200x90&nras=5&correlator=517206307518&frm=20&pv=1&ga_vid=1863656164.1691419063&ga_sid=1691419063&ga_hid=495018580&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1432&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31076088%2C31076684%2C44799239%2C44792013&oid=2&pvsid=1324360723411212&tmod=179515891&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=u8cIwT7cBo&p=https%3A//bloxfruitsdojo.com&dtd=14

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 40355
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 07 Aug 2023 03:25:10 GMT
etag: 48472445140208031
expires: Tue, 08 Aug 2023 03:25:10 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230802/r20110914/client/ Frame 97B1 20 KB
8 KB 42ms
41ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230802/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5814941088162332&output=html&h=90&adk=2743202993&adf=3132389021&pi=t.aa~a.3920200256~rp.1&daaos=1691355654162&w=1200&fwrn=4&fwrnh=100&lmt=1691419064&rafmt=1&to=qs&pwprc=3285142542&format=1200x90&url=https%3A%2F%2Fbloxfruitsdojo.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691419064166&bpp=1&bdt=1753&idt=1&shv=r20230802&mjsv=m202308010102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D17638d9b71c682b3-2238ae4d4cde0030%3AT%3D1691419063%3ART%3D1691419063%3AS%3DALNI_MYE5nlBCzcFzq0uniCYCf2YPTCa7A&gpic=UID%3D00000c502685cbeb%3AT%3D1691419063%3ART%3D1691419063%3AS%3DALNI_MYSylZmNCdBnlIeMjaFIKxPgz27sA&prev_fmts=0x0%2C1200x280%2C1200x90%2C1200x90&nras=5&correlator=517206307518&frm=20&pv=1&ga_vid=1863656164.1691419063&ga_sid=1691419063&ga_hid=495018580&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1432&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31076088%2C31076684%2C44799239%2C44792013&oid=2&pvsid=1324360723411212&tmod=179515891&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=u8cIwT7cBo&p=https%3A//bloxfruitsdojo.com&dtd=14

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9278ee0a91cf49cab1fcafd47c3b9875e683dbe7a26e3ffa83c9e671b75ca28e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 07 Aug 2023 13:47:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3042
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8261
x-xss-protection: 0
server: cafe
etag: 3571037177597359341
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 21 Aug 2023 13:47:03 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 97B1 0
0 47ms
45ms Image
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRcuGL7AI8v3Zp537tiPiLwMxJqA5jbm0Ato6LAOpXra9IwUc_Ptfq3MLAqMYmiGxZPZMPtqYK2cje3oVnXCsI4z7Ce8g
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5814941088162332&output=html&h=90&adk=2743202993&adf=3132389021&pi=t.aa~a.3920200256~rp.1&daaos=1691355654162&w=1200&fwrn=4&fwrnh=100&lmt=1691419064&rafmt=1&to=qs&pwprc=3285142542&format=1200x90&url=https%3A%2F%2Fbloxfruitsdojo.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691419064166&bpp=1&bdt=1753&idt=1&shv=r20230802&mjsv=m202308010102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D17638d9b71c682b3-2238ae4d4cde0030%3AT%3D1691419063%3ART%3D1691419063%3AS%3DALNI_MYE5nlBCzcFzq0uniCYCf2YPTCa7A&gpic=UID%3D00000c502685cbeb%3AT%3D1691419063%3ART%3D1691419063%3AS%3DALNI_MYSylZmNCdBnlIeMjaFIKxPgz27sA&prev_fmts=0x0%2C1200x280%2C1200x90%2C1200x90&nras=5&correlator=517206307518&frm=20&pv=1&ga_vid=1863656164.1691419063&ga_sid=1691419063&ga_hid=495018580&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1432&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31076088%2C31076684%2C44799239%2C44792013&oid=2&pvsid=1324360723411212&tmod=179515891&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=u8cIwT7cBo&p=https%3A//bloxfruitsdojo.com&dtd=14
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 97B1 179 KB
56 KB 55ms
53ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5814941088162332&output=html&h=90&adk=2743202993&adf=3132389021&pi=t.aa~a.3920200256~rp.1&daaos=1691355654162&w=1200&fwrn=4&fwrnh=100&lmt=1691419064&rafmt=1&to=qs&pwprc=3285142542&format=1200x90&url=https%3A%2F%2Fbloxfruitsdojo.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691419064166&bpp=1&bdt=1753&idt=1&shv=r20230802&mjsv=m202308010102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D17638d9b71c682b3-2238ae4d4cde0030%3AT%3D1691419063%3ART%3D1691419063%3AS%3DALNI_MYE5nlBCzcFzq0uniCYCf2YPTCa7A&gpic=UID%3D00000c502685cbeb%3AT%3D1691419063%3ART%3D1691419063%3AS%3DALNI_MYSylZmNCdBnlIeMjaFIKxPgz27sA&prev_fmts=0x0%2C1200x280%2C1200x90%2C1200x90&nras=5&correlator=517206307518&frm=20&pv=1&ga_vid=1863656164.1691419063&ga_sid=1691419063&ga_hid=495018580&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1432&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31076088%2C31076684%2C44799239%2C44792013&oid=2&pvsid=1324360723411212&tmod=179515891&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=u8cIwT7cBo&p=https%3A//bloxfruitsdojo.com&dtd=14

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

45b4eee66ac74743c86ea5a55ea614ddb12bc1407e4bfca8ff92c308c82795e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 07 Aug 2023 14:37:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57430
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1690976231057960"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 07 Aug 2023 14:37:45 GMT

GET
H2 200 57adb899ea29f9dbe2017a856681fc42.js Show response
www.gstatic.com/mysidia/ Frame 97B1 33 KB
14 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/57adb899ea29f9dbe2017a856681fc42.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5814941088162332&output=html&h=90&adk=2743202993&adf=3132389021&pi=t.aa~a.3920200256~rp.1&daaos=1691355654162&w=1200&fwrn=4&fwrnh=100&lmt=1691419064&rafmt=1&to=qs&pwprc=3285142542&format=1200x90&url=https%3A%2F%2Fbloxfruitsdojo.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691419064166&bpp=1&bdt=1753&idt=1&shv=r20230802&mjsv=m202308010102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D17638d9b71c682b3-2238ae4d4cde0030%3AT%3D1691419063%3ART%3D1691419063%3AS%3DALNI_MYE5nlBCzcFzq0uniCYCf2YPTCa7A&gpic=UID%3D00000c502685cbeb%3AT%3D1691419063%3ART%3D1691419063%3AS%3DALNI_MYSylZmNCdBnlIeMjaFIKxPgz27sA&prev_fmts=0x0%2C1200x280%2C1200x90%2C1200x90&nras=5&correlator=517206307518&frm=20&pv=1&ga_vid=1863656164.1691419063&ga_sid=1691419063&ga_hid=495018580&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1432&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31076088%2C31076684%2C44799239%2C44792013&oid=2&pvsid=1324360723411212&tmod=179515891&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=u8cIwT7cBo&p=https%3A//bloxfruitsdojo.com&dtd=14

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e98c0d22ad85bf205d6781eb3b61d805dba90e8a03d6ad62362e047030825334

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 12:59:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 265122
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14152
x-xss-protection: 0
last-modified: Mon, 31 Jul 2023 19:53:47 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 02 Nov 2023 12:59:03 GMT

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 93EF
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEMWRR4rXbm7jnqk7zOiMCz4&google_cver=1&google_push=AXcoOmTfh46Y9ZeEwtfjDJhSYrKa8RvHGiqSqOFFrCO6tPVmpiG7h0Wmi_SS74HlhJS0pkHGc8_Nev3FPV2li9vVkSB56PFbrc6hiEg
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=Nzc1MDIzNzY4MDExMDM5OTk0Nw==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESELmmOG0dk2Z2hZBuB_jzGEo&google_cver=1

43 B
398 B

32ms
14ms

Image
image/gif

2001:678:cb4:bbbb::11
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESELmmOG0dk2Z2hZBuB_jzGEo&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5814941088162332&output=html&h=90&adk=2743202993&adf=3132389021&pi=t.aa~a.3920200256~rp.4&daaos=1691355654162&w=1200&fwrn=4&fwrnh=100&lmt=1691419064&rafmt=1&to=qs&pwprc=3285142542&format=1200x90&url=https%3A%2F%2Fbloxfruitsdojo.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691419064166&bpp=1&bdt=1753&idt=-M&shv=r20230802&mjsv=m202308010102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D17638d9b71c682b3-2238ae4d4cde0030%3AT%3D1691419063%3ART%3D1691419063%3AS%3DALNI_MYE5nlBCzcFzq0uniCYCf2YPTCa7A&gpic=UID%3D00000c502685cbeb%3AT%3D1691419063%3ART%3D1691419063%3AS%3DALNI_MYSylZmNCdBnlIeMjaFIKxPgz27sA&prev_fmts=0x0%2C1200x280&nras=3&correlator=517206307518&frm=20&pv=1&ga_vid=1863656164.1691419063&ga_sid=1691419063&ga_hid=495018580&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1835&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31076088%2C31076684%2C44799239%2C44792013&oid=2&pvsid=1324360723411212&tmod=179515891&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=24QPmdzuDh&p=https%3A//bloxfruitsdojo.com&dtd=7
Protocol: H2
Server: 2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Mon, 07 Aug 2023 14:37:44 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Mon, 07 Aug 2023 14:37:45 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESELmmOG0dk2Z2hZBuB_jzGEo&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame 93EF 0
104 B 113ms
27ms Image
text/plain 2a02:fa8:8806:20::2040
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEI7iADM3u0HKWPx9M6nPmxY&google_cver=1&google_push=AXcoOmRoz0YmgE7apQBBiBPo8AzfYg1G3_GUbKGsGLavjsok-H0CGFOtY09ir29C3C5oHnYYqZb_2gHrhdcFTgIq6o6uADUF6cCE9qU
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5814941088162332&output=html&h=90&adk=2743202993&adf=3132389021&pi=t.aa~a.3920200256~rp.4&daaos=1691355654162&w=1200&fwrn=4&fwrnh=100&lmt=1691419064&rafmt=1&to=qs&pwprc=3285142542&format=1200x90&url=https%3A%2F%2Fbloxfruitsdojo.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691419064166&bpp=1&bdt=1753&idt=-M&shv=r20230802&mjsv=m202308010102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D17638d9b71c682b3-2238ae4d4cde0030%3AT%3D1691419063%3ART%3D1691419063%3AS%3DALNI_MYE5nlBCzcFzq0uniCYCf2YPTCa7A&gpic=UID%3D00000c502685cbeb%3AT%3D1691419063%3ART%3D1691419063%3AS%3DALNI_MYSylZmNCdBnlIeMjaFIKxPgz27sA&prev_fmts=0x0%2C1200x280&nras=3&correlator=517206307518&frm=20&pv=1&ga_vid=1863656164.1691419063&ga_sid=1691419063&ga_hid=495018580&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1835&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31076088%2C31076684%2C44799239%2C44792013&oid=2&pvsid=1324360723411212&tmod=179515891&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=24QPmdzuDh&p=https%3A//bloxfruitsdojo.com&dtd=7
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:20::2040 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Aug 2023 14:37:45 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame 93EF
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESEFZg-rBHKUEorRj8ZrDDge8&google_cver=1&google_push=AXcoOmR2HX4dNxFP75-l3dyeDtjsmGMrdw2UcuvZzdFWc2ACo7r0HmCw362VuxOKShVrDd8yu1XNRoyM0FjfwYMaMQf_XpoDCgC9J...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEFZg-rBHKUEorRj8ZrDDge8&google_cver=1&google_push=AXcoOmR2HX4dNxFP75-l3dyeDtjsmGMrdw2UcuvZzdFWc2ACo7r0HmCw362VuxOKShVrDd8yu1XNRoyM0FjfwYMaMQf_XpoDCgC...

43 B
420 B

190ms
173ms

Image
image/gif

2606:4700::6812:18ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEFZg-rBHKUEorRj8ZrDDge8&google_cver=1&google_push=AXcoOmR2HX4dNxFP75-l3dyeDtjsmGMrdw2UcuvZzdFWc2ACo7r0HmCw362VuxOKShVrDd8yu1XNRoyM0FjfwYMaMQf_XpoDCgC9JtY&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmR2HX4dNxFP75-l3dyeDtjsmGMrdw2UcuvZzdFWc2ACo7r0HmCw362VuxOKShVrDd8yu1XNRoyM0FjfwYMaMQf_XpoDCgC9JtY%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5814941088162332&output=html&h=90&adk=2743202993&adf=3132389021&pi=t.aa~a.3920200256~rp.4&daaos=1691355654162&w=1200&fwrn=4&fwrnh=100&lmt=1691419064&rafmt=1&to=qs&pwprc=3285142542&format=1200x90&url=https%3A%2F%2Fbloxfruitsdojo.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691419064166&bpp=1&bdt=1753&idt=-M&shv=r20230802&mjsv=m202308010102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D17638d9b71c682b3-2238ae4d4cde0030%3AT%3D1691419063%3ART%3D1691419063%3AS%3DALNI_MYE5nlBCzcFzq0uniCYCf2YPTCa7A&gpic=UID%3D00000c502685cbeb%3AT%3D1691419063%3ART%3D1691419063%3AS%3DALNI_MYSylZmNCdBnlIeMjaFIKxPgz27sA&prev_fmts=0x0%2C1200x280&nras=3&correlator=517206307518&frm=20&pv=1&ga_vid=1863656164.1691419063&ga_sid=1691419063&ga_hid=495018580&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1835&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31076088%2C31076684%2C44799239%2C44792013&oid=2&pvsid=1324360723411212&tmod=179515891&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=24QPmdzuDh&p=https%3A//bloxfruitsdojo.com&dtd=7
Protocol: H2
Server: 2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Aug 2023 14:37:45 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 7f3042662a5e3aa4-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 07 Aug 2023 14:37:45 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 1437
content-type: text/html
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEFZg-rBHKUEorRj8ZrDDge8&google_cver=1&google_push=AXcoOmR2HX4dNxFP75-l3dyeDtjsmGMrdw2UcuvZzdFWc2ACo7r0HmCw362VuxOKShVrDd8yu1XNRoyM0FjfwYMaMQf_XpoDCgC9JtY&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmR2HX4dNxFP75-l3dyeDtjsmGMrdw2UcuvZzdFWc2ACo7r0HmCw362VuxOKShVrDd8yu1XNRoyM0FjfwYMaMQf_XpoDCgC9JtY%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 7f304264f9023aa4-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 93EF
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEAdzv-jyC5220o0f2oJ1nAc&google_cver=1&google_push=AXcoOmSeaDYIZ4rv6SAUOATcm9cwwVGdIcADk2iBtN4eqxUi-Sw4pOxdviEgVtfdKJ8SGwTGeZq6qT8MtBU_99ShNJk1pp5...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmSeaDYIZ4rv6SAUOATcm9cwwVGdIcADk2iBtN4eqxUi-Sw4pOxdviEgVtfdKJ8SGwTGeZq6qT8MtBU_99ShNJk1pp51rp5DsFw&google_hm=eS1RdlNOZ0JwRTJwR2R...

170 B
232 B

48ms
48ms

Image
image/png

172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmSeaDYIZ4rv6SAUOATcm9cwwVGdIcADk2iBtN4eqxUi-Sw4pOxdviEgVtfdKJ8SGwTGeZq6qT8MtBU_99ShNJk1pp51rp5DsFw&google_hm=eS1RdlNOZ0JwRTJwR2RQbzhOZkIzRkUyMThEV2c1WlZuNH5B

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5814941088162332&output=html&h=90&adk=2743202993&adf=3132389021&pi=t.aa~a.3920200256~rp.4&daaos=1691355654162&w=1200&fwrn=4&fwrnh=100&lmt=1691419064&rafmt=1&to=qs&pwprc=3285142542&format=1200x90&url=https%3A%2F%2Fbloxfruitsdojo.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691419064166&bpp=1&bdt=1753&idt=-M&shv=r20230802&mjsv=m202308010102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D17638d9b71c682b3-2238ae4d4cde0030%3AT%3D1691419063%3ART%3D1691419063%3AS%3DALNI_MYE5nlBCzcFzq0uniCYCf2YPTCa7A&gpic=UID%3D00000c502685cbeb%3AT%3D1691419063%3ART%3D1691419063%3AS%3DALNI_MYSylZmNCdBnlIeMjaFIKxPgz27sA&prev_fmts=0x0%2C1200x280&nras=3&correlator=517206307518&frm=20&pv=1&ga_vid=1863656164.1691419063&ga_sid=1691419063&ga_hid=495018580&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1835&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31076088%2C31076684%2C44799239%2C44792013&oid=2&pvsid=1324360723411212&tmod=179515891&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=24QPmdzuDh&p=https%3A//bloxfruitsdojo.com&dtd=7

Protocol

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Aug 2023 14:37:45 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 07 Aug 2023 14:37:45 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmSeaDYIZ4rv6SAUOATcm9cwwVGdIcADk2iBtN4eqxUi-Sw4pOxdviEgVtfdKJ8SGwTGeZq6qT8MtBU_99ShNJk1pp51rp5DsFw&google_hm=eS1RdlNOZ0JwRTJwR2RQbzhOZkIzRkUyMThEV2c1WlZuNH5B
content-length: 0

GET
H2 200 usersync.aspx
dis.criteo.com/dis/ Frame 93EF 43 B
362 B 16ms
14ms Image
image/gif 178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmQGXo-BGebqrZiqGfJU4xz2kMHgMMoe1QbgJQJM-SNvvnVzTiiC86DfT99CZRzohbP1NFGqNdD-5WdSfR0Qix-vKGS-GIA5atQ&google_gid=CAESEHuRAVo71dM4JMlbnmEZgec&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5814941088162332&output=html&h=90&adk=2743202993&adf=3132389021&pi=t.aa~a.3920200256~rp.4&daaos=1691355654162&w=1200&fwrn=4&fwrnh=100&lmt=1691419064&rafmt=1&to=qs&pwprc=3285142542&format=1200x90&url=https%3A%2F%2Fbloxfruitsdojo.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691419064166&bpp=1&bdt=1753&idt=-M&shv=r20230802&mjsv=m202308010102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D17638d9b71c682b3-2238ae4d4cde0030%3AT%3D1691419063%3ART%3D1691419063%3AS%3DALNI_MYE5nlBCzcFzq0uniCYCf2YPTCa7A&gpic=UID%3D00000c502685cbeb%3AT%3D1691419063%3ART%3D1691419063%3AS%3DALNI_MYSylZmNCdBnlIeMjaFIKxPgz27sA&prev_fmts=0x0%2C1200x280&nras=3&correlator=517206307518&frm=20&pv=1&ga_vid=1863656164.1691419063&ga_sid=1691419063&ga_hid=495018580&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1835&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31076088%2C31076684%2C44799239%2C44792013&oid=2&pvsid=1324360723411212&tmod=179515891&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=24QPmdzuDh&p=https%3A//bloxfruitsdojo.com&dtd=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Aug 2023 14:37:44 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 213502
expires: Mon, 07 Aug 2023 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 93EF
Redirect Chain

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEPxJfIlmxyuMso1eqF1MUrU&google_cver=1&google_push=AXcoOmQp6wDf625wPTHCMGXn3dHS9BBYViVSspS0YfmhUmk7bR_lbFlK00-L_yJHi9g5hYi_UvOPU-58nggl...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmQp6wDf625wPTHCMGXn3dHS9BBYViVSspS0YfmhUmk7bR_lbFlK00-L_yJHi9g5hYi_UvOPU-58ngglUZPk7Ftalp05CC_H4ps

170 B
232 B

48ms
48ms

Image
image/png

172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmQp6wDf625wPTHCMGXn3dHS9BBYViVSspS0YfmhUmk7bR_lbFlK00-L_yJHi9g5hYi_UvOPU-58ngglUZPk7Ftalp05CC_H4ps

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5814941088162332&output=html&h=90&adk=2743202993&adf=3132389021&pi=t.aa~a.3920200256~rp.4&daaos=1691355654162&w=1200&fwrn=4&fwrnh=100&lmt=1691419064&rafmt=1&to=qs&pwprc=3285142542&format=1200x90&url=https%3A%2F%2Fbloxfruitsdojo.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691419064166&bpp=1&bdt=1753&idt=-M&shv=r20230802&mjsv=m202308010102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D17638d9b71c682b3-2238ae4d4cde0030%3AT%3D1691419063%3ART%3D1691419063%3AS%3DALNI_MYE5nlBCzcFzq0uniCYCf2YPTCa7A&gpic=UID%3D00000c502685cbeb%3AT%3D1691419063%3ART%3D1691419063%3AS%3DALNI_MYSylZmNCdBnlIeMjaFIKxPgz27sA&prev_fmts=0x0%2C1200x280&nras=3&correlator=517206307518&frm=20&pv=1&ga_vid=1863656164.1691419063&ga_sid=1691419063&ga_hid=495018580&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1835&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31076088%2C31076684%2C44799239%2C44792013&oid=2&pvsid=1324360723411212&tmod=179515891&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=24QPmdzuDh&p=https%3A//bloxfruitsdojo.com&dtd=7

Protocol

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Aug 2023 14:37:45 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmQp6wDf625wPTHCMGXn3dHS9BBYViVSspS0YfmhUmk7bR_lbFlK00-L_yJHi9g5hYi_UvOPU-58ngglUZPk7Ftalp05CC_H4ps
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H2

200

report
sync.teads.tv/um/ Frame 93EF
Redirect Chain

https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEIFRoZfq6e9V...
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmSC-IQSZ2-Ubmmu82Fcxbb1n0oO-Y3kEC_aoDFThoHheh3rI7OVT2ICazJ0sc6NWHcuu7k1D34Dq-gtlzjcvriugMuajFzRNLaA
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

23 B
163 B

49ms
49ms

Image
image/gif

104.102.35.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5814941088162332&output=html&h=90&adk=2743202993&adf=3132389021&pi=t.aa~a.3920200256~rp.4&daaos=1691355654162&w=1200&fwrn=4&fwrnh=100&lmt=1691419064&rafmt=1&to=qs&pwprc=3285142542&format=1200x90&url=https%3A%2F%2Fbloxfruitsdojo.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691419064166&bpp=1&bdt=1753&idt=-M&shv=r20230802&mjsv=m202308010102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D17638d9b71c682b3-2238ae4d4cde0030%3AT%3D1691419063%3ART%3D1691419063%3AS%3DALNI_MYE5nlBCzcFzq0uniCYCf2YPTCa7A&gpic=UID%3D00000c502685cbeb%3AT%3D1691419063%3ART%3D1691419063%3AS%3DALNI_MYSylZmNCdBnlIeMjaFIKxPgz27sA&prev_fmts=0x0%2C1200x280&nras=3&correlator=517206307518&frm=20&pv=1&ga_vid=1863656164.1691419063&ga_sid=1691419063&ga_hid=495018580&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1835&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31076088%2C31076684%2C44799239%2C44792013&oid=2&pvsid=1324360723411212&tmod=179515891&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=24QPmdzuDh&p=https%3A//bloxfruitsdojo.com&dtd=7
Protocol: H2
Server: 104.102.35.84 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-102-35-84.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.10 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

expires: Mon, 07 Aug 2023 14:37:45 GMT
pragma: no-cache
date: Mon, 07 Aug 2023 14:37:45 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.10
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Mon, 07 Aug 2023 14:37:45 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 260
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 93EF 0
49 B 57ms
47ms Image
text/html 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LHjtaay4nm3etHzYuAQjeMjIiER2XMQ9uBDfQ0oYK2ylp71-V9408LtEu_8JMOxbB_0KTm2A

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5814941088162332&output=html&h=90&adk=2743202993&adf=3132389021&pi=t.aa~a.3920200256~rp.4&daaos=1691355654162&w=1200&fwrn=4&fwrnh=100&lmt=1691419064&rafmt=1&to=qs&pwprc=3285142542&format=1200x90&url=https%3A%2F%2Fbloxfruitsdojo.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691419064166&bpp=1&bdt=1753&idt=-M&shv=r20230802&mjsv=m202308010102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D17638d9b71c682b3-2238ae4d4cde0030%3AT%3D1691419063%3ART%3D1691419063%3AS%3DALNI_MYE5nlBCzcFzq0uniCYCf2YPTCa7A&gpic=UID%3D00000c502685cbeb%3AT%3D1691419063%3ART%3D1691419063%3AS%3DALNI_MYSylZmNCdBnlIeMjaFIKxPgz27sA&prev_fmts=0x0%2C1200x280&nras=3&correlator=517206307518&frm=20&pv=1&ga_vid=1863656164.1691419063&ga_sid=1691419063&ga_hid=495018580&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1835&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31076088%2C31076684%2C44799239%2C44792013&oid=2&pvsid=1324360723411212&tmod=179515891&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=24QPmdzuDh&p=https%3A//bloxfruitsdojo.com&dtd=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 07 Aug 2023 14:37:45 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/9145040197315027707/ Frame 97B1 13 KB
13 KB 39ms
38ms Image
image/jpeg 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/9145040197315027707/14763004658117789537?w=195&h=102

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5814941088162332&output=html&h=90&adk=2743202993&adf=3132389021&pi=t.aa~a.3920200256~rp.1&daaos=1691355654162&w=1200&fwrn=4&fwrnh=100&lmt=1691419064&rafmt=1&to=qs&pwprc=3285142542&format=1200x90&url=https%3A%2F%2Fbloxfruitsdojo.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691419064166&bpp=1&bdt=1753&idt=1&shv=r20230802&mjsv=m202308010102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D17638d9b71c682b3-2238ae4d4cde0030%3AT%3D1691419063%3ART%3D1691419063%3AS%3DALNI_MYE5nlBCzcFzq0uniCYCf2YPTCa7A&gpic=UID%3D00000c502685cbeb%3AT%3D1691419063%3ART%3D1691419063%3AS%3DALNI_MYSylZmNCdBnlIeMjaFIKxPgz27sA&prev_fmts=0x0%2C1200x280%2C1200x90%2C1200x90&nras=5&correlator=517206307518&frm=20&pv=1&ga_vid=1863656164.1691419063&ga_sid=1691419063&ga_hid=495018580&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1432&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31076088%2C31076684%2C44799239%2C44792013&oid=2&pvsid=1324360723411212&tmod=179515891&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=u8cIwT7cBo&p=https%3A//bloxfruitsdojo.com&dtd=14

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d5f6a873de9bca64d13b27123e88d0e4b8911937c46a9e8be22b8e3b6fc08ea8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 05 Aug 2023 15:02:36 GMT
x-content-type-options: nosniff
age: 171309
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13080
x-xss-protection: 0
last-modified: Tue, 04 Jul 2023 22:55:22 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 04 Aug 2024 15:02:36 GMT

GET
DATA 200
OK truncated
/ Frame 97B1 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3e4aff932cafd42e55b1af0534929b42c42cce514e67029b00d55992cd96f5fa

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 97B1 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame BA58
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESELmmOG0dk2Z2hZBuB_jzGEo&google_cver=1&google_push=AXcoOmRmySP_Yf3_mIJVdqndHZnEl7pJDegUxcYgs3dNe-OQXXnoDZE6HNzWttVRcvPdp_iiJ7FHQ1m4WLyWfzrLBd7vAAmr3u417...
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=Nzc1MDIzNzY4MDExMDM5OTk0Nw==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESELmmOG0dk2Z2hZBuB_jzGEo&google_cver=1

43 B
398 B

14ms
14ms

Image
image/gif

2001:678:cb4:bbbb::11
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESELmmOG0dk2Z2hZBuB_jzGEo&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5814941088162332&output=html&h=90&adk=2743202993&adf=3132389021&pi=t.aa~a.3920200256~rp.1&daaos=1691355654162&w=1200&fwrn=4&fwrnh=100&lmt=1691419064&rafmt=1&to=qs&pwprc=3285142542&format=1200x90&url=https%3A%2F%2Fbloxfruitsdojo.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691419064166&bpp=1&bdt=1753&idt=1&shv=r20230802&mjsv=m202308010102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D17638d9b71c682b3-2238ae4d4cde0030%3AT%3D1691419063%3ART%3D1691419063%3AS%3DALNI_MYE5nlBCzcFzq0uniCYCf2YPTCa7A&gpic=UID%3D00000c502685cbeb%3AT%3D1691419063%3ART%3D1691419063%3AS%3DALNI_MYSylZmNCdBnlIeMjaFIKxPgz27sA&prev_fmts=0x0%2C1200x280%2C1200x90%2C1200x90&nras=5&correlator=517206307518&frm=20&pv=1&ga_vid=1863656164.1691419063&ga_sid=1691419063&ga_hid=495018580&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1432&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31076088%2C31076684%2C44799239%2C44792013&oid=2&pvsid=1324360723411212&tmod=179515891&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=u8cIwT7cBo&p=https%3A//bloxfruitsdojo.com&dtd=14
Protocol: H2
Server: 2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Mon, 07 Aug 2023 14:37:44 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Mon, 07 Aug 2023 14:37:45 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESELmmOG0dk2Z2hZBuB_jzGEo&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dpixel
cms.quantserve.com/ Frame BA58 35 B
465 B 50ms
9ms Image
image/gif 2620:116:800d:21:7eb1:3826:be7e:d981
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEKk7fPDnLCjVKRBmLNz9HZ0&google_cver=1&google_push=AXcoOmRNse0XkRcUxBtyvJVAR3O29UFbTOwQW4P07X4-JbH4MD4X1lKy_h15cGE4E64zpWxlJaB97AD_rQJTwQlCsJJar2mWGADeW2MovFgn5hxCRoI7q7fQV65EaCZRXYQeQ4c5AL3WB_qJmDlf_oQDqDK6auU

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5814941088162332&output=html&h=90&adk=2743202993&adf=3132389021&pi=t.aa~a.3920200256~rp.1&daaos=1691355654162&w=1200&fwrn=4&fwrnh=100&lmt=1691419064&rafmt=1&to=qs&pwprc=3285142542&format=1200x90&url=https%3A%2F%2Fbloxfruitsdojo.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691419064166&bpp=1&bdt=1753&idt=1&shv=r20230802&mjsv=m202308010102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D17638d9b71c682b3-2238ae4d4cde0030%3AT%3D1691419063%3ART%3D1691419063%3AS%3DALNI_MYE5nlBCzcFzq0uniCYCf2YPTCa7A&gpic=UID%3D00000c502685cbeb%3AT%3D1691419063%3ART%3D1691419063%3AS%3DALNI_MYSylZmNCdBnlIeMjaFIKxPgz27sA&prev_fmts=0x0%2C1200x280%2C1200x90%2C1200x90&nras=5&correlator=517206307518&frm=20&pv=1&ga_vid=1863656164.1691419063&ga_sid=1691419063&ga_hid=495018580&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1432&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31076088%2C31076684%2C44799239%2C44792013&oid=2&pvsid=1324360723411212&tmod=179515891&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=u8cIwT7cBo&p=https%3A//bloxfruitsdojo.com&dtd=14

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:7eb1:3826:be7e:d981 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Aug 2023 14:37:45 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame BA58
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEEDBKB3Zf5YfGwPy6HLLj5w&google_cver=1&google_push=AXcoOmQBTVOS4ccvy7gvxgZST5yc2ydybS__5UbWYW8FCZZnr-tBTMYrBVFgArGBGbB7UQZ63KBpl3u8msbYfQCX...
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AXcoOmQBTVOS4ccvy7gvxgZST5yc2ydybS__5UbWYW8FCZZnr-tBTMYrBVFgArGBGbB7UQZ63KBpl3u8msbYfQCXzwNxO2w9sw1UHrM10gLm1PHx0tw0je...

170 B
232 B

49ms
49ms

Image
image/png

172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AXcoOmQBTVOS4ccvy7gvxgZST5yc2ydybS__5UbWYW8FCZZnr-tBTMYrBVFgArGBGbB7UQZ63KBpl3u8msbYfQCXzwNxO2w9sw1UHrM10gLm1PHx0tw0jegTZHRax_fl5e3_TBoCTUVNH-zsBLmx_oGCOQXvz6s

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5814941088162332&output=html&h=90&adk=2743202993&adf=3132389021&pi=t.aa~a.3920200256~rp.1&daaos=1691355654162&w=1200&fwrn=4&fwrnh=100&lmt=1691419064&rafmt=1&to=qs&pwprc=3285142542&format=1200x90&url=https%3A%2F%2Fbloxfruitsdojo.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691419064166&bpp=1&bdt=1753&idt=1&shv=r20230802&mjsv=m202308010102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D17638d9b71c682b3-2238ae4d4cde0030%3AT%3D1691419063%3ART%3D1691419063%3AS%3DALNI_MYE5nlBCzcFzq0uniCYCf2YPTCa7A&gpic=UID%3D00000c502685cbeb%3AT%3D1691419063%3ART%3D1691419063%3AS%3DALNI_MYSylZmNCdBnlIeMjaFIKxPgz27sA&prev_fmts=0x0%2C1200x280%2C1200x90%2C1200x90&nras=5&correlator=517206307518&frm=20&pv=1&ga_vid=1863656164.1691419063&ga_sid=1691419063&ga_hid=495018580&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1432&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31076088%2C31076684%2C44799239%2C44792013&oid=2&pvsid=1324360723411212&tmod=179515891&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=u8cIwT7cBo&p=https%3A//bloxfruitsdojo.com&dtd=14

Protocol

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Aug 2023 14:37:45 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Mon, 07 Aug 2023 14:37:45 GMT
Server: MT3 1031 59fd23a master cdg cdg-pixel-x11 config_version:"1438"
Content-Type: image/gif
Access-Control-Allow-Origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AXcoOmQBTVOS4ccvy7gvxgZST5yc2ydybS__5UbWYW8FCZZnr-tBTMYrBVFgArGBGbB7UQZ63KBpl3u8msbYfQCXzwNxO2w9sw1UHrM10gLm1PHx0tw0jegTZHRax_fl5e3_TBoCTUVNH-zsBLmx_oGCOQXvz6s
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 0
Expires: Mon, 07 Aug 2023 14:37:44 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame BA58
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEIyaW3iT5fMy49NolBXiRAo&google_push=AXcoOmR7I4_McUiIuztZpLXlCnwtHeCaBFV9uikGxyal-ceRuVpzxXjf8H...

170 B
188 B

53ms
53ms

Image
image/png

172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEIyaW3iT5fMy49NolBXiRAo&google_push=AXcoOmR7I4_McUiIuztZpLXlCnwtHeCaBFV9uikGxyal-ceRuVpzxXjf8HMqOI1rRDSYs1AESpJK4IuesvQZKzBDKLOupTij8inCQXmUqH0qS21jMjiZx1vAkf2jZMhBhRG7S0M2hBla70m2oHKmAozUWIACdEY

Requested by

Host: bloxfruitsdojo.com
URL: https://bloxfruitsdojo.com/

Protocol

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Aug 2023 14:37:45 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by: cache-fra-eddf8230070-FRA
pragma: no-cache
date: Mon, 07 Aug 2023 14:37:45 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1691419065.205261,VS0,VE89
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEIyaW3iT5fMy49NolBXiRAo&google_push=AXcoOmR7I4_McUiIuztZpLXlCnwtHeCaBFV9uikGxyal-ceRuVpzxXjf8HMqOI1rRDSYs1AESpJK4IuesvQZKzBDKLOupTij8inCQXmUqH0qS21jMjiZx1vAkf2jZMhBhRG7S0M2hBla70m2oHKmAozUWIACdEY
cache-control: no-cache
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

GET
H2 200 sync
x.bidswitch.net/ Frame BA58 43 B
145 B 30ms
8ms Image
image/gif 3.67.123.166
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEPWg7SMCRzHy4F_z7774xKw&google_cver=1&google_push=AXcoOmQNaDFF4xq8cTc3xoNDNxTtVT9-k1lstW9ht-pMvV9bj3xITiRSA0-Tw2EAtqaapWDICEG-Z4kWz5B4mpIE1Ismfn9C0wzdPQMsQQYaW_PKVhzjWh6pZOKbWF7kkE9ZXE5jirY4GQ82-sDEnJS0VGhDog
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5814941088162332&output=html&h=90&adk=2743202993&adf=3132389021&pi=t.aa~a.3920200256~rp.1&daaos=1691355654162&w=1200&fwrn=4&fwrnh=100&lmt=1691419064&rafmt=1&to=qs&pwprc=3285142542&format=1200x90&url=https%3A%2F%2Fbloxfruitsdojo.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691419064166&bpp=1&bdt=1753&idt=1&shv=r20230802&mjsv=m202308010102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D17638d9b71c682b3-2238ae4d4cde0030%3AT%3D1691419063%3ART%3D1691419063%3AS%3DALNI_MYE5nlBCzcFzq0uniCYCf2YPTCa7A&gpic=UID%3D00000c502685cbeb%3AT%3D1691419063%3ART%3D1691419063%3AS%3DALNI_MYSylZmNCdBnlIeMjaFIKxPgz27sA&prev_fmts=0x0%2C1200x280%2C1200x90%2C1200x90&nras=5&correlator=517206307518&frm=20&pv=1&ga_vid=1863656164.1691419063&ga_sid=1691419063&ga_hid=495018580&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1432&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31076088%2C31076684%2C44799239%2C44792013&oid=2&pvsid=1324360723411212&tmod=179515891&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=u8cIwT7cBo&p=https%3A//bloxfruitsdojo.com&dtd=14
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.67.123.166 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-67-123-166.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 07 Aug 2023 14:37:45 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H2 200 usersync.aspx
dis.criteo.com/dis/ Frame BA58 43 B
362 B 17ms
15ms Image
image/gif 178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmT2ZUENz-Ts1CHBIZk_RVLzd5Qf7mtDL8hRAhEuc_RHAXBKRgwlOHSaIn3O9jfzg_aU3m92RYPNAMVIXSaPpcqbU9lR1KPotMHqijFgqT56UAiOv_c3AVWWmr-Bx9_16gu0ANotY5X4PkfYiouW-uI43ek&google_gid=CAESEEnQI1J6I_4LTa7bKHqTObY&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5814941088162332&output=html&h=90&adk=2743202993&adf=3132389021&pi=t.aa~a.3920200256~rp.1&daaos=1691355654162&w=1200&fwrn=4&fwrnh=100&lmt=1691419064&rafmt=1&to=qs&pwprc=3285142542&format=1200x90&url=https%3A%2F%2Fbloxfruitsdojo.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691419064166&bpp=1&bdt=1753&idt=1&shv=r20230802&mjsv=m202308010102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D17638d9b71c682b3-2238ae4d4cde0030%3AT%3D1691419063%3ART%3D1691419063%3AS%3DALNI_MYE5nlBCzcFzq0uniCYCf2YPTCa7A&gpic=UID%3D00000c502685cbeb%3AT%3D1691419063%3ART%3D1691419063%3AS%3DALNI_MYSylZmNCdBnlIeMjaFIKxPgz27sA&prev_fmts=0x0%2C1200x280%2C1200x90%2C1200x90&nras=5&correlator=517206307518&frm=20&pv=1&ga_vid=1863656164.1691419063&ga_sid=1691419063&ga_hid=495018580&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1432&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31076088%2C31076684%2C44799239%2C44792013&oid=2&pvsid=1324360723411212&tmod=179515891&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=u8cIwT7cBo&p=https%3A//bloxfruitsdojo.com&dtd=14

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Aug 2023 14:37:44 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 183674
expires: Mon, 07 Aug 2023 00:00:00 GMT

GET
H2

200

report
sync.teads.tv/um/ Frame BA58
Redirect Chain

https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEORmug-GN28M...
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmRBP04oomtt5SzJN9zCUBO1NSckd0YhV_TiGAcMXj6f_vy8P_HkGggj-lCq1GgiqleFo8RVA3eXmfHnyc3BljyFbQxiS3IGRM02__Ct5maP8bkSa...
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

23 B
163 B

37ms
37ms

Image
image/gif

104.102.35.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5814941088162332&output=html&h=90&adk=2743202993&adf=3132389021&pi=t.aa~a.3920200256~rp.1&daaos=1691355654162&w=1200&fwrn=4&fwrnh=100&lmt=1691419064&rafmt=1&to=qs&pwprc=3285142542&format=1200x90&url=https%3A%2F%2Fbloxfruitsdojo.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691419064166&bpp=1&bdt=1753&idt=1&shv=r20230802&mjsv=m202308010102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D17638d9b71c682b3-2238ae4d4cde0030%3AT%3D1691419063%3ART%3D1691419063%3AS%3DALNI_MYE5nlBCzcFzq0uniCYCf2YPTCa7A&gpic=UID%3D00000c502685cbeb%3AT%3D1691419063%3ART%3D1691419063%3AS%3DALNI_MYSylZmNCdBnlIeMjaFIKxPgz27sA&prev_fmts=0x0%2C1200x280%2C1200x90%2C1200x90&nras=5&correlator=517206307518&frm=20&pv=1&ga_vid=1863656164.1691419063&ga_sid=1691419063&ga_hid=495018580&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1432&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31076088%2C31076684%2C44799239%2C44792013&oid=2&pvsid=1324360723411212&tmod=179515891&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=u8cIwT7cBo&p=https%3A//bloxfruitsdojo.com&dtd=14
Protocol: H2
Server: 104.102.35.84 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-102-35-84.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.10 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

expires: Mon, 07 Aug 2023 14:37:45 GMT
pragma: no-cache
date: Mon, 07 Aug 2023 14:37:45 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.10
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Mon, 07 Aug 2023 14:37:45 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 260
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame BA58 0
40 B 49ms
48ms Image
text/html 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Jx2EV20kDbsfeHiRc2BUSdTMXEBekvnbcaTsghzbfakNCIOCRWHxBVHpQ1cZCCt27nlE8Kvw

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5814941088162332&output=html&h=90&adk=2743202993&adf=3132389021&pi=t.aa~a.3920200256~rp.1&daaos=1691355654162&w=1200&fwrn=4&fwrnh=100&lmt=1691419064&rafmt=1&to=qs&pwprc=3285142542&format=1200x90&url=https%3A%2F%2Fbloxfruitsdojo.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691419064166&bpp=1&bdt=1753&idt=1&shv=r20230802&mjsv=m202308010102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D17638d9b71c682b3-2238ae4d4cde0030%3AT%3D1691419063%3ART%3D1691419063%3AS%3DALNI_MYE5nlBCzcFzq0uniCYCf2YPTCa7A&gpic=UID%3D00000c502685cbeb%3AT%3D1691419063%3ART%3D1691419063%3AS%3DALNI_MYSylZmNCdBnlIeMjaFIKxPgz27sA&prev_fmts=0x0%2C1200x280%2C1200x90%2C1200x90&nras=5&correlator=517206307518&frm=20&pv=1&ga_vid=1863656164.1691419063&ga_sid=1691419063&ga_hid=495018580&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1432&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31076088%2C31076684%2C44799239%2C44792013&oid=2&pvsid=1324360723411212&tmod=179515891&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=u8cIwT7cBo&p=https%3A//bloxfruitsdojo.com&dtd=14

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 07 Aug 2023 14:37:45 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame 6FC0 3 KB
3 KB 66ms
28ms Image
image/png 2606:4700:20::ac43:444e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.48/one-ad/default.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:444e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 07 Aug 2023 14:37:45 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 931
x-guploader-uploadid: ADPycdvK0i-nNNMv3fNeMFP8ktxrB0s9Rxn1yHxNJcTu0YzGgL1oQ0J5-KUL8U_oIDMeEhRvKXfkGwmOw_rmBs79tac
x-goog-storage-class: STANDARD
x-goog-custom-time: 1970-01-01T00:00:00Z
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
content-length: 3262
x-goog-meta-
last-modified: Wed, 09 Jun 2021 12:35:14 GMT
server: cloudflare
etag: "794c84d30e213ec6a144d64215f07551"
vary: Accept-Encoding
x-goog-generation: 1623242114099744
content-type: image/png
x-goog-hash: crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
cache-control: public, max-age=31536000, immutable
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7ZX7hahIMEl7lM6u4ig5s38TeuM2m8qoj7YLKX3GsVWBbqr9YrAU%2BmLQvTQ3R%2BvbC054Rlg6g2CccZL34buQ3QdBQsgWKjbYHbqO7HPuDMDB7uJe6AEXtPhD7gcdoQaVSdKvsk94wFModJFbOqN9zm1V"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 3262
accept-ranges: bytes
cf-ray: 7f3042658c2630c0-FRA
expires: Mon, 07 Aug 2023 14:25:19 GMT

GET
DATA 200
OK truncated
/ Frame 97B1 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0cdb38d83ea97635acae4fdec5784091941953efe7410475dd36849bf25dced0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame 1D23 3 KB
4 KB 60ms
27ms Image
image/png 2606:4700:20::ac43:444e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.48/one-ad/default.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:444e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 07 Aug 2023 14:37:45 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 931
x-guploader-uploadid: ADPycdvK0i-nNNMv3fNeMFP8ktxrB0s9Rxn1yHxNJcTu0YzGgL1oQ0J5-KUL8U_oIDMeEhRvKXfkGwmOw_rmBs79tac
x-goog-storage-class: STANDARD
x-goog-custom-time: 1970-01-01T00:00:00Z
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
content-length: 3262
x-goog-meta-
last-modified: Wed, 09 Jun 2021 12:35:14 GMT
server: cloudflare
etag: "794c84d30e213ec6a144d64215f07551"
vary: Accept-Encoding
x-goog-generation: 1623242114099744
content-type: image/png
x-goog-hash: crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
cache-control: public, max-age=31536000, immutable
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ETAW%2FzQ8RMYVjoCjOz7IA3amhoQQUPN9UkccBBo4sXmRddBe0szGYNFnL5CfEfmFC7zCU2KWQjij86Bjk6RrKxj4Xu4zOL%2F%2FlVL2tty7HvWep5rJi4yeXoeqdEJYCYLpJMfDl4xQROtlCftFh4jJSDBf"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 3262
accept-ranges: bytes
cf-ray: 7f3042658c2730c0-FRA
expires: Mon, 07 Aug 2023 14:25:19 GMT

GET
H3 200 frame.html Show response
ad4m.at/ Frame 260D 2 KB
1 KB 17ms
17ms Document
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 762001
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=3600
cf-cache-status: HIT
cf-ray: 7f3042656d3091cf-FRA
content-encoding: br
content-language: en
content-type: text/html; charset=utf-8
date: Mon, 07 Aug 2023 14:37:45 GMT
expires: Sun, 09 Jul 2023 00:24:59 GMT
last-modified: Thu, 25 Aug 2022 14:12:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8fOQivZVSlsbVm7WjO5SFtfBsmdPRNgQ2NaBybV8he4Ri%2Bm8U%2FoBfxp2bqV0T%2BsY8pwS51fpC9Sf9mKPyJ06GveEhFkSZFTkc2FfXJKHU4OcxKxJZOQI88u%2B3A8zK%2BikKChzQO4%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H3 200 frame.html Show response
ad4m.at/ Frame 3493 2 KB
1 KB 16ms
15ms Document
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 762001
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=3600
cf-cache-status: HIT
cf-ray: 7f3042656d3491cf-FRA
content-encoding: br
content-language: en
content-type: text/html; charset=utf-8
date: Mon, 07 Aug 2023 14:37:45 GMT
expires: Sun, 09 Jul 2023 00:24:59 GMT
last-modified: Thu, 25 Aug 2022 14:12:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B8VMLoqJ5s0PiX0Gcm%2BA5yoqWbGEHHtnAbp5xp7cTSY7hYZZfD8nhV1EnBCmIpTXmkPt17ZSd5brIbzPzSkwBkq0Y8QITdX0ofnOIgrMnNvZoSx71NNnma4cJG1e%2FrfY8FJdHTg%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H3 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 97B1 33 KB
33 KB 38ms
38ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 05 Aug 2023 06:16:50 GMT
x-content-type-options: nosniff
age: 202855
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 04 Aug 2024 06:16:50 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame CC6F 0
19 B 83ms
83ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CYrRYuAHRZOmzEIjQiwOqg7bgApDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU4MTQ5NDEwODgxNjIzMzLIAQmpArqH59IdbLI-qAMByAMCqgTIAU_QCrXP2X2Y5Zb4Fpv0c3nanX1IK2Anmj3P2XebdCm_PObZQA2cZa1xldznvRd92DxLTfnN4k8z2ho21dUO0Wo0gDG0wUnJP7q5XwqaP-EQZlmEdHEsME9gCPpz_jQ32QrLN72kI2WhFDxTt7g6Zi9MDDH9gm_J2AMRxKvwiU0h4WHDlA_Sa_6HdcXGzxNfyosyQUIFGUoLJZYrW3KzdYLAPy8XyGRnv18YhHobU2T71ans-D4y_EWJhvqInYUFPrV7ZXhVE2u3gAaGkbua__XNo3igBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTqACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItNTgxNDk0MTA4ODE2MjMzMhgA&sigh=_5D-_dDxkMQ&uach_m=[UACH]&cid=CAQSOwBpAlJWn8hx7POaXgcmTidvMpDNVay3OAzUr_jNi-MZdOAL1H9GRAGhhclhyuU-TfG6jEJ5sGd86tQXGAE&cbvp=2&vis=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5814941088162332&output=html&h=90&adk=2743202993&adf=3132389021&pi=t.aa~a.3920200256~rp.4&daaos=1691355654162&w=1200&fwrn=4&fwrnh=100&lmt=1691419064&rafmt=1&to=qs&pwprc=3285142542&format=1200x90&url=https%3A%2F%2Fbloxfruitsdojo.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691419064166&bpp=1&bdt=1753&idt=-M&shv=r20230802&mjsv=m202308010102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D17638d9b71c682b3-2238ae4d4cde0030%3AT%3D1691419063%3ART%3D1691419063%3AS%3DALNI_MYE5nlBCzcFzq0uniCYCf2YPTCa7A&gpic=UID%3D00000c502685cbeb%3AT%3D1691419063%3ART%3D1691419063%3AS%3DALNI_MYSylZmNCdBnlIeMjaFIKxPgz27sA&prev_fmts=0x0%2C1200x280&nras=3&correlator=517206307518&frm=20&pv=1&ga_vid=1863656164.1691419063&ga_sid=1691419063&ga_hid=495018580&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1835&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31076088%2C31076684%2C44799239%2C44792013&oid=2&pvsid=1324360723411212&tmod=179515891&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=24QPmdzuDh&p=https%3A//bloxfruitsdojo.com&dtd=7

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5814941088162332&output=html&h=90&adk=2743202993&adf=3132389021&pi=t.aa~a.3920200256~rp.4&daaos=1691355654162&w=1200&fwrn=4&fwrnh=100&lmt=1691419064&rafmt=1&to=qs&pwprc=3285142542&format=1200x90&url=https%3A%2F%2Fbloxfruitsdojo.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691419064166&bpp=1&bdt=1753&idt=-M&shv=r20230802&mjsv=m202308010102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D17638d9b71c682b3-2238ae4d4cde0030%3AT%3D1691419063%3ART%3D1691419063%3AS%3DALNI_MYE5nlBCzcFzq0uniCYCf2YPTCa7A&gpic=UID%3D00000c502685cbeb%3AT%3D1691419063%3ART%3D1691419063%3AS%3DALNI_MYSylZmNCdBnlIeMjaFIKxPgz27sA&prev_fmts=0x0%2C1200x280&nras=3&correlator=517206307518&frm=20&pv=1&ga_vid=1863656164.1691419063&ga_sid=1691419063&ga_hid=495018580&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1835&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31076088%2C31076684%2C44799239%2C44792013&oid=2&pvsid=1324360723411212&tmod=179515891&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=24QPmdzuDh&p=https%3A//bloxfruitsdojo.com&dtd=7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 07 Aug 2023 14:37:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 204 winResponse
prod-rtb.ad4mat.net/ Frame CC6F 0
39 B 22ms
20ms Image
image/gif 2600:1901:0:76b9::
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1grvszsye0nrffqw27x029t4c4f7gye6k31842jab31053wj0pas09pt1rm10y08tyxyceqeqrnt644rmsmj3rkpw7fyq2c3155p8qcpecrm8bk8yyr384mfgb1yhzzapzsvvmgeddeb4wmpps85spng3etfc27ne83jyycdf8r4dxvj1pvys2xkv3btzr67rfkvkc7d741ppztsvty0xwz4pa7mc2gyd7trhh97gxynvdjj2g55wm6c7f385svwmb4aqwrre3fwp3kmf80tfy5pyt1ay2pq08w8kj5n1eqeec9qq85ywn8pje5dv4spgfeyfahg6b4jkrxe5pxw5b3dgzbwkr7jnxjkrq0y81xv3j08dd4te61ctv7xaqrkknbam02txw&b=ZNEBuAAEGekKYugIAA2BqsPtdxb8SkBBnhkRHQ&cbvp=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5814941088162332&output=html&h=90&adk=2743202993&adf=3132389021&pi=t.aa~a.3920200256~rp.4&daaos=1691355654162&w=1200&fwrn=4&fwrnh=100&lmt=1691419064&rafmt=1&to=qs&pwprc=3285142542&format=1200x90&url=https%3A%2F%2Fbloxfruitsdojo.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691419064166&bpp=1&bdt=1753&idt=-M&shv=r20230802&mjsv=m202308010102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D17638d9b71c682b3-2238ae4d4cde0030%3AT%3D1691419063%3ART%3D1691419063%3AS%3DALNI_MYE5nlBCzcFzq0uniCYCf2YPTCa7A&gpic=UID%3D00000c502685cbeb%3AT%3D1691419063%3ART%3D1691419063%3AS%3DALNI_MYSylZmNCdBnlIeMjaFIKxPgz27sA&prev_fmts=0x0%2C1200x280&nras=3&correlator=517206307518&frm=20&pv=1&ga_vid=1863656164.1691419063&ga_sid=1691419063&ga_hid=495018580&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1835&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31076088%2C31076684%2C44799239%2C44792013&oid=2&pvsid=1324360723411212&tmod=179515891&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=24QPmdzuDh&p=https%3A//bloxfruitsdojo.com&dtd=7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 07 Aug 2023 14:37:45 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/gif

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 56ms
39ms Preflight
text/plain 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin: https://as.ad4m.at
access-control-max-age: 1800
allow: HEAD,POST,GET,OPTIONS
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7f304265eff02beb-FRA
content-length: 24
content-type: text/plain
date: Mon, 07 Aug 2023 14:37:45 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WkmhSAvVALx9hoosnaW04Q%2FaSLdh51sIPpMdRkuI5qfxOEUMKfqvhWRBvZSOsoop8AKmSXz6LGImpZ0zXB0j%2FROKnyi7U0E9LmVJivaFfuqEl%2F200LmzzeHYxWrILzoyoVOHAIM%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google
x-backend-server: aa-reachservice-group-europe-west1-5x73

POST
H3 200 rs Show response
ad4m.at/ Frame 6FC0 1 KB
2 KB 39ms
39ms XHR
text/plain 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7da37c8e1fd838a5443d7dc97b6ecca11bd8dddfc0b2d3ba1f8241d978fa45e1

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 07 Aug 2023 14:37:45 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BXqaR9LeHO58bekTnpHEhNlQOD0bLcriz64A73f79mVOrk3a6qUW6D5BMhKUXVf6s7H8gDZAvBUkBgn%2BfintiAv9S%2B2JIDnBGohcdmdjU84IeXVmmfcTENONQE9hGMxeVvJDcBM%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://as.ad4m.at
access-control-allow-credentials: true
cf-ray: 7f30426628592beb-FRA
x-backend-server: aa-reachservice-group-europe-west1-5x73
alt-svc: h3=":443"; ma=86400

POST
H3 200 rs Show response
ad4m.at/ Frame 1D23 1 KB
2 KB 45ms
44ms XHR
text/plain 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: de5e167d0cb1595930aa3d96107c84c91f8b0ef1ea460f477f1f932bc61b6b1b

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 07 Aug 2023 14:37:45 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VjL5lmuMDKz6f5dL%2BXR256GE1yd0SAIEY1lcMZ0520D1PzJdVG5FHZwQS8Hs%2F0pSgH0%2FOH8oCY4RbYEOmdNHZUzITtT4XFQGAC8d1pvIgcX0uQ3tKjMK4PEU91MQqHJ9lqiFwl4%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://as.ad4m.at
access-control-allow-credentials: true
cf-ray: 7f30426628572beb-FRA
x-backend-server: aa-reachservice-group-europe-west1-5x73
alt-svc: h3=":443"; ma=86400

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 55ms
39ms Preflight
text/plain 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin: https://as.ad4m.at
access-control-max-age: 1800
allow: HEAD,POST,GET,OPTIONS
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7f304265efee2beb-FRA
content-length: 24
content-type: text/plain
date: Mon, 07 Aug 2023 14:37:45 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3CMW3KKMNxGufeoHYc8a3fS9KMQQSx0hNUcaaQcKkcxeSyBmfaAF50vnqThYD3j9ODZPM8M8TnWLNUM3PdKkPBOlbtDu%2BivR0ua9bYxFmj5VD%2BPdjtbSOP913GwhWelx97JJ%2FBg%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google
x-backend-server: aa-reachservice-group-europe-west1-5x73

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 97B1 0
19 B 80ms
79ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CKVDHuAHRZI7bEIebngWPiLzgCrXdruJx46O7_dsRZBABIPX6qxZgleKQgqAHoAHss_LAAcgBCagDAcgDywSqBPgBT9BGFMSVhm6xdeWhQ4VQ_obyEj8H_OER8529rJ68W8yLJFxQw5IDCR-TY72-7DNi-HvzC1hbtpFVO-WE6iYbcoBSgkNTBEJOGZQdu97Aknpb45wbAy0NP9wh1p122RmP5VXC6THBDobEYcOsvwQsU3jwZEyGHysgkahOSvnNmP8MrMc68_XHA7FAIw6uOk2yw29y2vDEKIzo4rljCxMCELmht2O8C7y5djwf5--l7Yyxrpaoebvdr07vYApImzvj8-PsDN7xfz029WmZfi1Eqdl3birXrCD45OYgiRSRSkhNznbZ5ik8ywTiJ5vjdVwqLTMQVwmRVTzABIehpLaxBJIFBAgEGAGSBQQIBRgEoAYugAf8y42_AqgH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEK_3AdIIFgiA4YAQEAEYHzICqgI6AoBASL39wTqACgHICwGiDAgqBgoEw7CxAtgTDdAVAZgWAYAXAbIXHAoaCAASFHB1Yi01ODE0OTQxMDg4MTYyMzMyGAA&sigh=9fLyVCVhXQQ&uach_m=[UACH]&cid=CAQSOwBpAlJW39WYg8RKVxyz6-4i3mzrg6b8bDIUtgl0yWJmIpHNDb_QllxCv4q6aXMG2dGqu9Twf4ZM-cZiGAE&template_id=5000&cbvp=2&vis=1

Requested by

Host: bloxfruitsdojo.com
URL: https://bloxfruitsdojo.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5814941088162332&output=html&h=90&adk=2743202993&adf=3132389021&pi=t.aa~a.3920200256~rp.1&daaos=1691355654162&w=1200&fwrn=4&fwrnh=100&lmt=1691419064&rafmt=1&to=qs&pwprc=3285142542&format=1200x90&url=https%3A%2F%2Fbloxfruitsdojo.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691419064166&bpp=1&bdt=1753&idt=1&shv=r20230802&mjsv=m202308010102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D17638d9b71c682b3-2238ae4d4cde0030%3AT%3D1691419063%3ART%3D1691419063%3AS%3DALNI_MYE5nlBCzcFzq0uniCYCf2YPTCa7A&gpic=UID%3D00000c502685cbeb%3AT%3D1691419063%3ART%3D1691419063%3AS%3DALNI_MYSylZmNCdBnlIeMjaFIKxPgz27sA&prev_fmts=0x0%2C1200x280%2C1200x90%2C1200x90&nras=5&correlator=517206307518&frm=20&pv=1&ga_vid=1863656164.1691419063&ga_sid=1691419063&ga_hid=495018580&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1432&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31076088%2C31076684%2C44799239%2C44792013&oid=2&pvsid=1324360723411212&tmod=179515891&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=u8cIwT7cBo&p=https%3A//bloxfruitsdojo.com&dtd=14
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 07 Aug 2023 14:37:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 YWyqd_Oya_dSvH525JbJDwnpcpeKFun9cRHY8jAJ9QQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 39B3 37 KB
14 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/YWyqd_Oya_dSvH525JbJDwnpcpeKFun9cRHY8jAJ9QQ.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5814941088162332&output=html&h=90&adk=2743202993&adf=3132389021&pi=t.aa~a.3920200256~rp.1&daaos=1691355654162&w=1200&fwrn=4&fwrnh=100&lmt=1691419064&rafmt=1&to=qs&pwprc=3285142542&format=1200x90&url=https%3A%2F%2Fbloxfruitsdojo.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691419064166&bpp=1&bdt=1753&idt=1&shv=r20230802&mjsv=m202308010102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D17638d9b71c682b3-2238ae4d4cde0030%3AT%3D1691419063%3ART%3D1691419063%3AS%3DALNI_MYE5nlBCzcFzq0uniCYCf2YPTCa7A&gpic=UID%3D00000c502685cbeb%3AT%3D1691419063%3ART%3D1691419063%3AS%3DALNI_MYSylZmNCdBnlIeMjaFIKxPgz27sA&prev_fmts=0x0%2C1200x280%2C1200x90%2C1200x90&nras=5&correlator=517206307518&frm=20&pv=1&ga_vid=1863656164.1691419063&ga_sid=1691419063&ga_hid=495018580&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1432&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31076088%2C31076684%2C44799239%2C44792013&oid=2&pvsid=1324360723411212&tmod=179515891&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=u8cIwT7cBo&p=https%3A//bloxfruitsdojo.com&dtd=14

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

616caa77f3b26bf752bc7e76e496c90f09e972978a16e9fd7111d8f23009f504

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 05 Aug 2023 12:57:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 178787
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14704
x-xss-protection: 0
last-modified: Mon, 24 Jul 2023 13:39:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 04 Aug 2024 12:57:58 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
12 KB 88ms
87ms XHR
application/json 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230802&st=env

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a45fbc596c3d526742b139dcccb3cce3aa9064c360a2af2023bd6a6e9a503f7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxfruitsdojo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 07 Aug 2023 14:37:45 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11751
x-xss-protection: 0

GET
H3 200 rar Show response
as.ad4m.at/ad/ Frame 86F7 9 KB
4 KB 32ms
31ms Document
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=14019%2C195016%2C34719&b=JBeszf5fZj9TBH6H7tptp5BaxSgTbWguA8%2CVx7fwfmfD6rGFVHbHAtRtEEmcBSzTzQkTb6%2CZxJfwfBfmJpsmHDHDt3tP8Zc6SXTx3qa27&f=GjeTBfpf4BPhKHeHGtBCp5waZSYTeA9tY1%2Cm3AsefGfWPD8FmHZHZtQCJJpCKSwTX8AfbJ%2C9jeTMfmfr19cKHBH2tzCJK9S9SmTZY2TeE&c=728&d=90&e=&g=54fc3ab9ec47817ff714a288587371da%2F3662829621269956059&i=21596%2C20774%2C26474&j=16%2C14%2C41&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach02_SSP_CONTROL_ADX&r=1691419065328&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j5xsjp2dy12z4xap9fvkwxyqf3494wb2hvbchac3ra0fna02z4f3t7ghcbvr6dspz9s3z6dgsgravh8apfbgsmtfq4txacrzpkyaqav6mr6hjqxwdepfcfgtrvmv3782k5qd9qthhfz6pd2chyxwcmh8c88xhe535s0nkmfzcx9ay7znkfvbka18ktzhv7xtrn5yt2rxpaz6egga556wbxmt59ht1e3fexq7vrdn3g3841vhcxawjdf3k9jhr8k69dh1f7wd73p7fgycdn0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC1RHPuAHRZOmzEIjQiwOqg7bgApDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU4MTQ5NDEwODgxNjIzMzLIAQmpArqH59IdbLI-qAMByAMCqgTLAU_QCrXP2X2Y5Zb4Fpv0c3nanX1IK2Anmj3P2XebdCm_PObZQA2cZa1xldznvRd92DxLTfnN4k8z2ho21dUO0Wo0gDG0wUnJP7q5XwqaP-EQZlmEdHEsME9gCPpz_jQ32QrLN72kI2WhFDxTt7g6Zi9MDDH9gm_J2AMRxKvwiU0h4WHDlA_Sa_6HdcXGzxNfyosyQUIFGUoLJZYrW3KzdYLAP20V6fawRthYTP1Txb6yR1vV7DSf9muRW3pK1Bf9qqtXfa2JjCt_FKmqgAaGkbua__XNo3igBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1k4I6Pa2wnoIKTUWcUbdYQVyuzhg%2526client%253Dca-pub-5814941088162332%2526adurl%253D&y=1&s=&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/r62eglto.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c1ac8ba6e8e922b66c5b2199bc0a4534e3eed00cf674b470f86a4bf784d13a59

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-src ;img-src data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://as.ad4m.at/ad/dr?ed=1g7scw76ahphr7h9er258bvv5ffrydzfsjenwk4979rprpzdynw6gexbtka244c3pwks8jckpj3fcrdefegf5ynq7af0wf086c1aexfh7n3qzb4qxzjhnd24kytgdhxws0qm96xfk69tpr3sqedhynq242gf4d5kgfgxc916jx53kq4f1j5na0h0szfhdv37dnhrssjds9ceadkfh02m5vq0ssyc96h1f2k9vk5mc5qsz0rfnhkgb8h27jzv2rfgt21ds1dhp0qdqbwa9ghkrftsge2wej1zw86eksz4c2svxfefd2fcz4batwbhkhzb1886pt7p2k36pw8d627ghs226f0jras2gnmnzfhz6y5nqg6q59re6fytv4ns7xr7ymtc4gjdhznvr6qk630a0dg9cekv7ashzp60tpnycn1v13nr&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC1RHPuAHRZOmzEIjQiwOqg7bgApDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU4MTQ5NDEwODgxNjIzMzLIAQmpArqH59IdbLI-qAMByAMCqgTLAU_QCrXP2X2Y5Zb4Fpv0c3nanX1IK2Anmj3P2XebdCm_PObZQA2cZa1xldznvRd92DxLTfnN4k8z2ho21dUO0Wo0gDG0wUnJP7q5XwqaP-EQZlmEdHEsME9gCPpz_jQ32QrLN72kI2WhFDxTt7g6Zi9MDDH9gm_J2AMRxKvwiU0h4WHDlA_Sa_6HdcXGzxNfyosyQUIFGUoLJZYrW3KzdYLAP20V6fawRthYTP1Txb6yR1vV7DSf9muRW3pK1Bf9qqtXfa2JjCt_FKmqgAaGkbua__XNo3igBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1k4I6Pa2wnoIKTUWcUbdYQVyuzhg%26client%3Dca-pub-5814941088162332%26adurl%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7f30426a1aa291cf-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Mon, 07 Aug 2023 14:37:45 GMT
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 rar Show response
as.ad4m.at/ad/ Frame 7A37 10 KB
4 KB 32ms
32ms Document
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=197862%2C14019%2C19769&b=Rx3HgfQfGPqeUkHwH3tQtw2A7u9SzTYMAhB3zZ%2CRx3HgfQfZx7TkHwH3tQtdWgf9SzTYMAhB3zZ%2C8R3cDf8f2qZfgHJHEtxtkZEhGSwTpQZtbw6A&f=QxWH4fjfP93YUxH5HYt9CbqrpT6S4TGD4HEzJ5%2CQxWH4fjfbV7txH5HYt9CZekh6S4TGD4HEzJ5%2CZxqHwfBf6A8UmHDHDtDCJQ2a6SXTQRBuY51p&c=728&d=90&e=&g=1a5b8c5da645dc148127d13bad7f14e2%2F3898013023788953546&i=71725%2C21596%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1691419065330&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h4y5ds0fy6a3rhcnyfksqyrvv1s4et89n4s7r31352nykjczxr11qcxyy9g3saqda26tb3ztcbnjn13vv1r694dz1thye5eqeq7e6r2xe76yrvnevvme37j39cxwjfdt7fy9sbne0g7af4147t33d6dgrkmbxtqrsp28yt1n6z1mxavgvxg96z7t7wbg4hkn8jtx24175gbmxqrpyjqfzh8q9aqgrgnrvq8v8rs8ntswdf799vnxs2ab1kdrjcx3n6wgp4ax9g5ejymewxgsz1r%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCNWL9uAHRZJ2AEdG__tMPhZ-K6AKQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01ODE0OTQxMDg4MTYyMzMyyAEJqQK6h-fSHWyyPqgDAcgDAqoEywFP0K_ogm-T_HVYU2Fe_Y5zTvm4ZSx5-8rK5N0c_ds_5q-tqEcbnbJ-ykMXaB4o_weshTB0OsYzC98lU7zCfFTqgvSXDQQQtdLCvC-_jc44ZXuQp1w-jlV5Kvxcrljmn-Z7TcRMrRSb8zhETLTiDxOLQelybfTT8iksxJCyzQeMuS1Ln1HcbQNnqWxj45qh_pIvILgQlGAATtb5lJbEpeh5L7y7qnOG9SqtHTpKjO0soGADk-WL4MXemhjRPTmpNcOJ0StVbHo31-vwZoAGx5G4oZi-xt9soAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0GAfvOKi9vwx6LTdNsFUX3uM3nmQ%2526client%253Dca-pub-5814941088162332%2526adurl%253D&y=1&s=&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/r62eglto.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f82a57fb3782e8b8edcd22969557f6868b97c604a034fa3e00100cc927268aa9

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-src ;img-src data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://as.ad4m.at/ad/dr?ed=1jkeg0nfbcxx342yq6dn7r3a0xqrxcrxj9cavcemnnz60q9kahxg2c19929sk8kt5qhnzt441h1r3k8xy2a8sr6e0ejne1t8jg5vp2wnbbhsqadk7ejcctrzbxbra9gtwtzjvj47zastsj3aveyyfzdgks1ktefd6djwy26j57mfby40h9tv6ec5eegj7n5rxv5phx2j8nbsn1ex75k2px202w9991n8x0e8kzs846a3nc1n5ybrm4vwr6ecw206erf7ef1mg3694559t4bfxc20a4a3jreae8tm3gn1zv83m7cde1e8hjt1hhrq1bqt7jdx1292z4yevtbf21j57fmw22g1c4495fdma9aqy0yfhqk5qdwwjyzwrhzmm3fkcqzhxed66x5hqqgm6xacvvfc951kjs1b37x1f0g07fwfwhbcckmbk5mrhsknvkcjtajrw4ta&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCNWL9uAHRZJ2AEdG__tMPhZ-K6AKQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01ODE0OTQxMDg4MTYyMzMyyAEJqQK6h-fSHWyyPqgDAcgDAqoEywFP0K_ogm-T_HVYU2Fe_Y5zTvm4ZSx5-8rK5N0c_ds_5q-tqEcbnbJ-ykMXaB4o_weshTB0OsYzC98lU7zCfFTqgvSXDQQQtdLCvC-_jc44ZXuQp1w-jlV5Kvxcrljmn-Z7TcRMrRSb8zhETLTiDxOLQelybfTT8iksxJCyzQeMuS1Ln1HcbQNnqWxj45qh_pIvILgQlGAATtb5lJbEpeh5L7y7qnOG9SqtHTpKjO0soGADk-WL4MXemhjRPTmpNcOJ0StVbHo31-vwZoAGx5G4oZi-xt9soAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0GAfvOKi9vwx6LTdNsFUX3uM3nmQ%26client%3Dca-pub-5814941088162332%26adurl%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7f30426a1aa391cf-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Mon, 07 Aug 2023 14:37:45 GMT
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 3C40 42 B
64 B 143ms
142ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsttEWCWvYyUcCtx2I1qJkMxmZjMvaqmqzsAWNvA0dHf4cGnQ9oTawR3WvZSLrezIjxmAo0_0Ib1LpUFwv_kDhL9z5tX7YUsoNOQ8NHHri8Z8VEWYCtb10C_Tipm-pUa-y8sJWdZ0qTXXniU&sai=AMfl-YR-zGPmUsUFHh5dScn_WKM1Ih7qHIUqZ4q46uu2JANuLbQ2-P9-byWHhjsqjwblg2_z4lQ18gR0sIXN&sig=Cg0ArKJSzGzE8w-vP1UFEAE&cid=CAQSGwBpAlJWgSnnC1fg-omPyWuIpbze8nP1xozQYRgB&id=lidar2&mcvt=1000&p=0,0,124,1005&mtos=84,767,1000,1042,1042&tos=84,683,233,42,0&v=20230802&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1691419064270&rpt=308&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Aug 2023 14:37:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 8FF7 42 B
64 B 143ms
143ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssgtDFV3Xqa1HcrR2d6eFUP-jERa0q1AiseTu8S-NP3s2KYjR9UzVToV569uXtqUMNsaq65YYLYWVSENQsSrBpaRdqk_wmP8Hq-RS6EjYF-5pFBNgp0CPIE_SLpnxPHnboH68HgszCdey1v&sai=AMfl-YRH0hgOJMvc63uO8r4t2Pl1kPG3C-iKXt2--sNPI_UTaSTKhHl0sotD1MFYyiEsbR0ipoPH4Siv7A7v&sig=Cg0ArKJSzJIppI6T0osmEAE&cid=CAQSGwBpAlJW0n4fXfF3QnWOhSEnxmTrHrqlgfgrEhgB&id=lidar2&mcvt=1000&p=0,0,280,1200&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230802&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1213588912&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1691419063003&rpt=1726&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Aug 2023 14:37:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 54ms
53ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxfruitsdojo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 07 Aug 2023 14:37:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 07 Aug 2023 14:37:45 GMT

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.48/one-ad/ Frame 86F7 114 KB
14 KB 21ms
21ms Stylesheet
text/css 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.48/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14019%2C195016%2C34719&b=JBeszf5fZj9TBH6H7tptp5BaxSgTbWguA8%2CVx7fwfmfD6rGFVHbHAtRtEEmcBSzTzQkTb6%2CZxJfwfBfmJpsmHDHDt3tP8Zc6SXTx3qa27&f=GjeTBfpf4BPhKHeHGtBCp5waZSYTeA9tY1%2Cm3AsefGfWPD8FmHZHZtQCJJpCKSwTX8AfbJ%2C9jeTMfmfr19cKHBH2tzCJK9S9SmTZY2TeE&c=728&d=90&e=&g=54fc3ab9ec47817ff714a288587371da%2F3662829621269956059&i=21596%2C20774%2C26474&j=16%2C14%2C41&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach02_SSP_CONTROL_ADX&r=1691419065328&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j5xsjp2dy12z4xap9fvkwxyqf3494wb2hvbchac3ra0fna02z4f3t7ghcbvr6dspz9s3z6dgsgravh8apfbgsmtfq4txacrzpkyaqav6mr6hjqxwdepfcfgtrvmv3782k5qd9qthhfz6pd2chyxwcmh8c88xhe535s0nkmfzcx9ay7znkfvbka18ktzhv7xtrn5yt2rxpaz6egga556wbxmt59ht1e3fexq7vrdn3g3841vhcxawjdf3k9jhr8k69dh1f7wd73p7fgycdn0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC1RHPuAHRZOmzEIjQiwOqg7bgApDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU4MTQ5NDEwODgxNjIzMzLIAQmpArqH59IdbLI-qAMByAMCqgTLAU_QCrXP2X2Y5Zb4Fpv0c3nanX1IK2Anmj3P2XebdCm_PObZQA2cZa1xldznvRd92DxLTfnN4k8z2ho21dUO0Wo0gDG0wUnJP7q5XwqaP-EQZlmEdHEsME9gCPpz_jQ32QrLN72kI2WhFDxTt7g6Zi9MDDH9gm_J2AMRxKvwiU0h4WHDlA_Sa_6HdcXGzxNfyosyQUIFGUoLJZYrW3KzdYLAP20V6fawRthYTP1Txb6yR1vV7DSf9muRW3pK1Bf9qqtXfa2JjCt_FKmqgAaGkbua__XNo3igBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1k4I6Pa2wnoIKTUWcUbdYQVyuzhg%2526client%253Dca-pub-5814941088162332%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 032aee61923ef53fb2b9efbb5d55f771f780e9c2fce9c076638b809a9607eee3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=14019%2C195016%2C34719&b=JBeszf5fZj9TBH6H7tptp5BaxSgTbWguA8%2CVx7fwfmfD6rGFVHbHAtRtEEmcBSzTzQkTb6%2CZxJfwfBfmJpsmHDHDt3tP8Zc6SXTx3qa27&f=GjeTBfpf4BPhKHeHGtBCp5waZSYTeA9tY1%2Cm3AsefGfWPD8FmHZHZtQCJJpCKSwTX8AfbJ%2C9jeTMfmfr19cKHBH2tzCJK9S9SmTZY2TeE&c=728&d=90&e=&g=54fc3ab9ec47817ff714a288587371da%2F3662829621269956059&i=21596%2C20774%2C26474&j=16%2C14%2C41&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach02_SSP_CONTROL_ADX&r=1691419065328&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j5xsjp2dy12z4xap9fvkwxyqf3494wb2hvbchac3ra0fna02z4f3t7ghcbvr6dspz9s3z6dgsgravh8apfbgsmtfq4txacrzpkyaqav6mr6hjqxwdepfcfgtrvmv3782k5qd9qthhfz6pd2chyxwcmh8c88xhe535s0nkmfzcx9ay7znkfvbka18ktzhv7xtrn5yt2rxpaz6egga556wbxmt59ht1e3fexq7vrdn3g3841vhcxawjdf3k9jhr8k69dh1f7wd73p7fgycdn0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC1RHPuAHRZOmzEIjQiwOqg7bgApDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU4MTQ5NDEwODgxNjIzMzLIAQmpArqH59IdbLI-qAMByAMCqgTLAU_QCrXP2X2Y5Zb4Fpv0c3nanX1IK2Anmj3P2XebdCm_PObZQA2cZa1xldznvRd92DxLTfnN4k8z2ho21dUO0Wo0gDG0wUnJP7q5XwqaP-EQZlmEdHEsME9gCPpz_jQ32QrLN72kI2WhFDxTt7g6Zi9MDDH9gm_J2AMRxKvwiU0h4WHDlA_Sa_6HdcXGzxNfyosyQUIFGUoLJZYrW3KzdYLAP20V6fawRthYTP1Txb6yR1vV7DSf9muRW3pK1Bf9qqtXfa2JjCt_FKmqgAaGkbua__XNo3igBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1k4I6Pa2wnoIKTUWcUbdYQVyuzhg%2526client%253Dca-pub-5814941088162332%2526adurl%253D&y=1&s=&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 07 Aug 2023 14:37:46 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime: 1687950287
age: 1049078
cf-polished: origSize=117335
x-guploader-uploadid: ADPycdu7Pb84Y6vCPqpUShyJrQGb98f4yuF1LiyC2B7DeEN9kG_1SbpI2iXm6tsp7d5fI22nNzf0l66mXGhEIUVspATbXw
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 28 Jun 2023 11:05:15 GMT
server: cloudflare
etag: W/"5d49535c2a84a9762127b3d9e77d7e02"
vary: Accept-Encoding
x-goog-generation: 1687950315098833
content-type: text/css
x-goog-hash: crc32c=aWAnwg==, md5=XUlTXCqEqXYhJ7PZ531+Ag==
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8n55BAb0I6r015LDqpJud4Ckfcn0vmUMPUQxAxN5zzFYG%2BDK2xU3cUOeWbVO80cSSrw1zwcFa6cmO%2BOZfSaUFe3sVr1YbsCgAWRqKHEh7ygHJTyltcrqPUyhYkGbSjjENfRlyL%2F8Gvo%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 117335
cf-ray: 7f30426a9b1691cf-FRA
expires: Mon, 07 Aug 2023 15:37:46 GMT

GET
H2 200 762E992A001272DDC355514B76DC4960DDF6238B0F54854C0B29BE64A7E78BA5693E54C1A602322E523834805FE15471ECC3FEB06D9A02796A930A4085F71F84
assets.ad4m.at/logo/ Frame 86F7 44 KB
44 KB 47ms
24ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/762E992A001272DDC355514B76DC4960DDF6238B0F54854C0B29BE64A7E78BA5693E54C1A602322E523834805FE15471ECC3FEB06D9A02796A930A4085F71F84
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14019%2C195016%2C34719&b=JBeszf5fZj9TBH6H7tptp5BaxSgTbWguA8%2CVx7fwfmfD6rGFVHbHAtRtEEmcBSzTzQkTb6%2CZxJfwfBfmJpsmHDHDt3tP8Zc6SXTx3qa27&f=GjeTBfpf4BPhKHeHGtBCp5waZSYTeA9tY1%2Cm3AsefGfWPD8FmHZHZtQCJJpCKSwTX8AfbJ%2C9jeTMfmfr19cKHBH2tzCJK9S9SmTZY2TeE&c=728&d=90&e=&g=54fc3ab9ec47817ff714a288587371da%2F3662829621269956059&i=21596%2C20774%2C26474&j=16%2C14%2C41&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach02_SSP_CONTROL_ADX&r=1691419065328&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j5xsjp2dy12z4xap9fvkwxyqf3494wb2hvbchac3ra0fna02z4f3t7ghcbvr6dspz9s3z6dgsgravh8apfbgsmtfq4txacrzpkyaqav6mr6hjqxwdepfcfgtrvmv3782k5qd9qthhfz6pd2chyxwcmh8c88xhe535s0nkmfzcx9ay7znkfvbka18ktzhv7xtrn5yt2rxpaz6egga556wbxmt59ht1e3fexq7vrdn3g3841vhcxawjdf3k9jhr8k69dh1f7wd73p7fgycdn0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC1RHPuAHRZOmzEIjQiwOqg7bgApDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU4MTQ5NDEwODgxNjIzMzLIAQmpArqH59IdbLI-qAMByAMCqgTLAU_QCrXP2X2Y5Zb4Fpv0c3nanX1IK2Anmj3P2XebdCm_PObZQA2cZa1xldznvRd92DxLTfnN4k8z2ho21dUO0Wo0gDG0wUnJP7q5XwqaP-EQZlmEdHEsME9gCPpz_jQ32QrLN72kI2WhFDxTt7g6Zi9MDDH9gm_J2AMRxKvwiU0h4WHDlA_Sa_6HdcXGzxNfyosyQUIFGUoLJZYrW3KzdYLAP20V6fawRthYTP1Txb6yR1vV7DSf9muRW3pK1Bf9qqtXfa2JjCt_FKmqgAaGkbua__XNo3igBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1k4I6Pa2wnoIKTUWcUbdYQVyuzhg%2526client%253Dca-pub-5814941088162332%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ffae8fb9199235cf70171d14a964159b4eda2da695a258c2586de98e3cb27bb2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 07 Aug 2023 14:37:46 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1786207
cf-polished: origFmt=png, origSize=65187
alt-svc: h3=":443"; ma=86400
content-length: 44710
cf-bgj: imgq:85,h2pri
last-modified: Tue, 17 Jan 2023 14:45:52 GMT
server: cloudflare
etag: "99941d3864a6d6ef01023c96e0475815"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xu5DWyTOb3koIXlfF0wpnlRdrDR%2BKOoTS228cvkULK1xB54rRzV1J%2FvJnEm3B03S93FQf%2FBNa0VkIsKWcsUwr34iyC6LEC9svkVSBIDNtGWcdZ7KGl1pk8BySYSW0NdsHzIMT9wfsLUgJNzl"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7f30426ac9c92c76-FRA
expires: Tue, 08 Aug 2023 14:37:46 GMT

GET
H2 200 809A17869665BC2442C85C79071F874D279E10AD5A86AE0D4E9E4675B3B2990B582EB8C5DC232E59854D169A2BAE7D6FD3BFE1D9A66864681803B10449FB6A8A
assets.ad4m.at/ Frame 86F7 699 KB
701 KB 62ms
43ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/809A17869665BC2442C85C79071F874D279E10AD5A86AE0D4E9E4675B3B2990B582EB8C5DC232E59854D169A2BAE7D6FD3BFE1D9A66864681803B10449FB6A8A
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14019%2C195016%2C34719&b=JBeszf5fZj9TBH6H7tptp5BaxSgTbWguA8%2CVx7fwfmfD6rGFVHbHAtRtEEmcBSzTzQkTb6%2CZxJfwfBfmJpsmHDHDt3tP8Zc6SXTx3qa27&f=GjeTBfpf4BPhKHeHGtBCp5waZSYTeA9tY1%2Cm3AsefGfWPD8FmHZHZtQCJJpCKSwTX8AfbJ%2C9jeTMfmfr19cKHBH2tzCJK9S9SmTZY2TeE&c=728&d=90&e=&g=54fc3ab9ec47817ff714a288587371da%2F3662829621269956059&i=21596%2C20774%2C26474&j=16%2C14%2C41&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach02_SSP_CONTROL_ADX&r=1691419065328&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j5xsjp2dy12z4xap9fvkwxyqf3494wb2hvbchac3ra0fna02z4f3t7ghcbvr6dspz9s3z6dgsgravh8apfbgsmtfq4txacrzpkyaqav6mr6hjqxwdepfcfgtrvmv3782k5qd9qthhfz6pd2chyxwcmh8c88xhe535s0nkmfzcx9ay7znkfvbka18ktzhv7xtrn5yt2rxpaz6egga556wbxmt59ht1e3fexq7vrdn3g3841vhcxawjdf3k9jhr8k69dh1f7wd73p7fgycdn0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC1RHPuAHRZOmzEIjQiwOqg7bgApDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU4MTQ5NDEwODgxNjIzMzLIAQmpArqH59IdbLI-qAMByAMCqgTLAU_QCrXP2X2Y5Zb4Fpv0c3nanX1IK2Anmj3P2XebdCm_PObZQA2cZa1xldznvRd92DxLTfnN4k8z2ho21dUO0Wo0gDG0wUnJP7q5XwqaP-EQZlmEdHEsME9gCPpz_jQ32QrLN72kI2WhFDxTt7g6Zi9MDDH9gm_J2AMRxKvwiU0h4WHDlA_Sa_6HdcXGzxNfyosyQUIFGUoLJZYrW3KzdYLAP20V6fawRthYTP1Txb6yR1vV7DSf9muRW3pK1Bf9qqtXfa2JjCt_FKmqgAaGkbua__XNo3igBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1k4I6Pa2wnoIKTUWcUbdYQVyuzhg%2526client%253Dca-pub-5814941088162332%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e4b8cd0d6d8c57ef39e1bb5cff8557261b3b2f640656680a72e421471032d841

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 07 Aug 2023 14:37:46 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1020168
cf-polished: origFmt=png, origSize=1123807
alt-svc: h3=":443"; ma=86400
content-length: 716228
cf-bgj: imgq:85,h2pri
last-modified: Wed, 26 Jul 2023 14:19:55 GMT
server: cloudflare
etag: "5f84457cb2289c51e589af098eed3611"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Hf4R2z8O4dQC04Y6BMnLj%2FscpL6xmTxMHYEXPF6bQItNMwHjSC1tFagnPzZqZJKi4pJ632oNpujgxPG3pOZm%2FEwi1FXRqfWYcFL7GrgVIVzVf3C4xQgjAC0TTX3%2FlzeP2CBCwCwTcO1eCAvx"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7f30426ac9d82c76-FRA
expires: Tue, 08 Aug 2023 14:37:46 GMT

GET
H2

200

ztpv.php
www.conrad.de/ Frame 86F7
Redirect Chain

https://www.awin1.com/cshow.php?s=2470185&v=11354&q=377129&r=412871&pv=1&pref3=oneidJBeszf5fZj9TBH6H7tptp5BaxSgTbWguA8oneid__suite_Netmix_Reach02_SSP_CONTROL_ADX&gdpr_consent=&gdpr=0&gdpr_pd=0
https://www.conrad.de/ztpv.php?awc=11354_412871_1691419066_f98349d0-352f-11ee-8502-226591661de6&insert=AW&&gdpr=0&gdpr_consent=

0
492 B

52ms
19ms

Image
text/html

2606:4700::6812:7e05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.conrad.de/ztpv.php?awc=11354_412871_1691419066_f98349d0-352f-11ee-8502-226591661de6&insert=AW&&gdpr=0&gdpr_consent=

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14019%2C195016%2C34719&b=JBeszf5fZj9TBH6H7tptp5BaxSgTbWguA8%2CVx7fwfmfD6rGFVHbHAtRtEEmcBSzTzQkTb6%2CZxJfwfBfmJpsmHDHDt3tP8Zc6SXTx3qa27&f=GjeTBfpf4BPhKHeHGtBCp5waZSYTeA9tY1%2Cm3AsefGfWPD8FmHZHZtQCJJpCKSwTX8AfbJ%2C9jeTMfmfr19cKHBH2tzCJK9S9SmTZY2TeE&c=728&d=90&e=&g=54fc3ab9ec47817ff714a288587371da%2F3662829621269956059&i=21596%2C20774%2C26474&j=16%2C14%2C41&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach02_SSP_CONTROL_ADX&r=1691419065328&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j5xsjp2dy12z4xap9fvkwxyqf3494wb2hvbchac3ra0fna02z4f3t7ghcbvr6dspz9s3z6dgsgravh8apfbgsmtfq4txacrzpkyaqav6mr6hjqxwdepfcfgtrvmv3782k5qd9qthhfz6pd2chyxwcmh8c88xhe535s0nkmfzcx9ay7znkfvbka18ktzhv7xtrn5yt2rxpaz6egga556wbxmt59ht1e3fexq7vrdn3g3841vhcxawjdf3k9jhr8k69dh1f7wd73p7fgycdn0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC1RHPuAHRZOmzEIjQiwOqg7bgApDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU4MTQ5NDEwODgxNjIzMzLIAQmpArqH59IdbLI-qAMByAMCqgTLAU_QCrXP2X2Y5Zb4Fpv0c3nanX1IK2Anmj3P2XebdCm_PObZQA2cZa1xldznvRd92DxLTfnN4k8z2ho21dUO0Wo0gDG0wUnJP7q5XwqaP-EQZlmEdHEsME9gCPpz_jQ32QrLN72kI2WhFDxTt7g6Zi9MDDH9gm_J2AMRxKvwiU0h4WHDlA_Sa_6HdcXGzxNfyosyQUIFGUoLJZYrW3KzdYLAP20V6fawRthYTP1Txb6yR1vV7DSf9muRW3pK1Bf9qqtXfa2JjCt_FKmqgAaGkbua__XNo3igBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1k4I6Pa2wnoIKTUWcUbdYQVyuzhg%2526client%253Dca-pub-5814941088162332%2526adurl%253D&y=1&s=&z=0

Protocol

Server

2606:4700::6812:7e05 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 07 Aug 2023 14:37:46 GMT
strict-transport-security: max-age=15552000
cf-ccp-worker: HTLPHandler-v1
server: cloudflare
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
cache-control: no-cache
cf-ray: 7f30426ba816925f-FRA
content-length: 0
expires: -1

Redirect headers

Date: Mon, 07 Aug 2023 14:37:46 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location: https://www.conrad.de/ztpv.php?awc=11354_412871_1691419066_f98349d0-352f-11ee-8502-226591661de6&insert=AW&&gdpr=0&gdpr_consent=
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 0

GET
H2 200 D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
assets.ad4m.at/logo/ Frame 86F7 53 KB
54 KB 47ms
29ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14019%2C195016%2C34719&b=JBeszf5fZj9TBH6H7tptp5BaxSgTbWguA8%2CVx7fwfmfD6rGFVHbHAtRtEEmcBSzTzQkTb6%2CZxJfwfBfmJpsmHDHDt3tP8Zc6SXTx3qa27&f=GjeTBfpf4BPhKHeHGtBCp5waZSYTeA9tY1%2Cm3AsefGfWPD8FmHZHZtQCJJpCKSwTX8AfbJ%2C9jeTMfmfr19cKHBH2tzCJK9S9SmTZY2TeE&c=728&d=90&e=&g=54fc3ab9ec47817ff714a288587371da%2F3662829621269956059&i=21596%2C20774%2C26474&j=16%2C14%2C41&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach02_SSP_CONTROL_ADX&r=1691419065328&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j5xsjp2dy12z4xap9fvkwxyqf3494wb2hvbchac3ra0fna02z4f3t7ghcbvr6dspz9s3z6dgsgravh8apfbgsmtfq4txacrzpkyaqav6mr6hjqxwdepfcfgtrvmv3782k5qd9qthhfz6pd2chyxwcmh8c88xhe535s0nkmfzcx9ay7znkfvbka18ktzhv7xtrn5yt2rxpaz6egga556wbxmt59ht1e3fexq7vrdn3g3841vhcxawjdf3k9jhr8k69dh1f7wd73p7fgycdn0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC1RHPuAHRZOmzEIjQiwOqg7bgApDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU4MTQ5NDEwODgxNjIzMzLIAQmpArqH59IdbLI-qAMByAMCqgTLAU_QCrXP2X2Y5Zb4Fpv0c3nanX1IK2Anmj3P2XebdCm_PObZQA2cZa1xldznvRd92DxLTfnN4k8z2ho21dUO0Wo0gDG0wUnJP7q5XwqaP-EQZlmEdHEsME9gCPpz_jQ32QrLN72kI2WhFDxTt7g6Zi9MDDH9gm_J2AMRxKvwiU0h4WHDlA_Sa_6HdcXGzxNfyosyQUIFGUoLJZYrW3KzdYLAP20V6fawRthYTP1Txb6yR1vV7DSf9muRW3pK1Bf9qqtXfa2JjCt_FKmqgAaGkbua__XNo3igBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1k4I6Pa2wnoIKTUWcUbdYQVyuzhg%2526client%253Dca-pub-5814941088162332%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f7cdf71044448cb736733f5163fff96081d51ba4101567d61d22ee5998a7a399

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 07 Aug 2023 14:37:46 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 423806
cf-polished: origFmt=png, origSize=115129
alt-svc: h3=":443"; ma=86400
content-length: 54564
cf-bgj: imgq:85,h2pri
last-modified: Tue, 09 Feb 2021 15:11:24 GMT
server: cloudflare
etag: "0a277d59efca0369a6983645e273659e"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T%2FA8jMK9qyYxfmCXiS%2FyGfGMydQD%2B0akWQF4orJK5Qlk0TWWe1Tn0nQmi3gnf28X2A5ZGAsrYa8YZUYUwgY4RwMCvFIaxTXnNFHdN6wDNahiLCfw%2BMwrps61KrDPdyTg7fxCrq5tVqP6Nr5K"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7f30426ac9cb2c76-FRA
expires: Tue, 08 Aug 2023 14:37:46 GMT

GET
H2 200 0F1A9149B0506C8C1F1D1F27788DFE572ED80D70826E34AA54862ECE67BA7FF050878AC4EAD3B3BA71723C609CC8F5A5EB4EC344BC89C06A1A29A395A2C8C69D
assets.ad4m.at/ Frame 86F7 22 KB
23 KB 54ms
36ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/0F1A9149B0506C8C1F1D1F27788DFE572ED80D70826E34AA54862ECE67BA7FF050878AC4EAD3B3BA71723C609CC8F5A5EB4EC344BC89C06A1A29A395A2C8C69D
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14019%2C195016%2C34719&b=JBeszf5fZj9TBH6H7tptp5BaxSgTbWguA8%2CVx7fwfmfD6rGFVHbHAtRtEEmcBSzTzQkTb6%2CZxJfwfBfmJpsmHDHDt3tP8Zc6SXTx3qa27&f=GjeTBfpf4BPhKHeHGtBCp5waZSYTeA9tY1%2Cm3AsefGfWPD8FmHZHZtQCJJpCKSwTX8AfbJ%2C9jeTMfmfr19cKHBH2tzCJK9S9SmTZY2TeE&c=728&d=90&e=&g=54fc3ab9ec47817ff714a288587371da%2F3662829621269956059&i=21596%2C20774%2C26474&j=16%2C14%2C41&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach02_SSP_CONTROL_ADX&r=1691419065328&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j5xsjp2dy12z4xap9fvkwxyqf3494wb2hvbchac3ra0fna02z4f3t7ghcbvr6dspz9s3z6dgsgravh8apfbgsmtfq4txacrzpkyaqav6mr6hjqxwdepfcfgtrvmv3782k5qd9qthhfz6pd2chyxwcmh8c88xhe535s0nkmfzcx9ay7znkfvbka18ktzhv7xtrn5yt2rxpaz6egga556wbxmt59ht1e3fexq7vrdn3g3841vhcxawjdf3k9jhr8k69dh1f7wd73p7fgycdn0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC1RHPuAHRZOmzEIjQiwOqg7bgApDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU4MTQ5NDEwODgxNjIzMzLIAQmpArqH59IdbLI-qAMByAMCqgTLAU_QCrXP2X2Y5Zb4Fpv0c3nanX1IK2Anmj3P2XebdCm_PObZQA2cZa1xldznvRd92DxLTfnN4k8z2ho21dUO0Wo0gDG0wUnJP7q5XwqaP-EQZlmEdHEsME9gCPpz_jQ32QrLN72kI2WhFDxTt7g6Zi9MDDH9gm_J2AMRxKvwiU0h4WHDlA_Sa_6HdcXGzxNfyosyQUIFGUoLJZYrW3KzdYLAP20V6fawRthYTP1Txb6yR1vV7DSf9muRW3pK1Bf9qqtXfa2JjCt_FKmqgAaGkbua__XNo3igBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1k4I6Pa2wnoIKTUWcUbdYQVyuzhg%2526client%253Dca-pub-5814941088162332%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f73dbf0c52edb570d0ad16efccefa6a5f8d053719c2cc827cd69148fede6aa4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 07 Aug 2023 14:37:46 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1181801
cf-polished: qual=85, origFmt=jpeg, origSize=60344
alt-svc: h3=":443"; ma=86400
content-length: 22974
cf-bgj: imgq:85,h2pri
last-modified: Wed, 22 Mar 2023 22:26:34 GMT
server: cloudflare
etag: "06609266defcd14ec685b2464aeced2e"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bfdZx8Y0Wj3855oVLfog%2FOpF0IbeHktDmJc05%2F%2Fn3PyQeFV7DwWZMulkyIDm7oVO1Fi0Czjv4CJs7Lz2i777pxeT8BQbpYn8SpxMO5uKDlwy7%2FF34JSQx8z7HnyexYFhF7EP3WHkSSJ93Clg"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7f30426ac9ce2c76-FRA
expires: Tue, 08 Aug 2023 14:37:46 GMT

GET
H/1.1

200
OK

/
partner.o2online.de/a/ Frame 86F7
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_t...
https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_pre=CMag7oTjyoADFbmJgwcd45EDaw;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=...
https://www.telefonica-partner.de/tpv.php?t=117703V1226132702M&subid=mm_SUBIDTEST_view
https://www.lead-alliance.net/tpv.php?t=117703V1226132702M&subid=mm_SUBIDTEST_view
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117703&s_id=2023080716374687653205391X117703V1226132702MSmm_SUBIDTEST_view&gdpr_consent=&gdpr=0&cons=0&spid=202308...

49 B
1 KB

67ms
22ms

Image
image/gif

167.233.13.224
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117703&s_id=2023080716374687653205391X117703V1226132702MSmm_SUBIDTEST_view&gdpr_consent=&gdpr=0&cons=0&spid=2023080716374687653205391X117703V1226132702MSmm_SUBIDTEST_view&wfid=117703&partnerid=12218
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14019%2C195016%2C34719&b=JBeszf5fZj9TBH6H7tptp5BaxSgTbWguA8%2CVx7fwfmfD6rGFVHbHAtRtEEmcBSzTzQkTb6%2CZxJfwfBfmJpsmHDHDt3tP8Zc6SXTx3qa27&f=GjeTBfpf4BPhKHeHGtBCp5waZSYTeA9tY1%2Cm3AsefGfWPD8FmHZHZtQCJJpCKSwTX8AfbJ%2C9jeTMfmfr19cKHBH2tzCJK9S9SmTZY2TeE&c=728&d=90&e=&g=54fc3ab9ec47817ff714a288587371da%2F3662829621269956059&i=21596%2C20774%2C26474&j=16%2C14%2C41&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach02_SSP_CONTROL_ADX&r=1691419065328&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j5xsjp2dy12z4xap9fvkwxyqf3494wb2hvbchac3ra0fna02z4f3t7ghcbvr6dspz9s3z6dgsgravh8apfbgsmtfq4txacrzpkyaqav6mr6hjqxwdepfcfgtrvmv3782k5qd9qthhfz6pd2chyxwcmh8c88xhe535s0nkmfzcx9ay7znkfvbka18ktzhv7xtrn5yt2rxpaz6egga556wbxmt59ht1e3fexq7vrdn3g3841vhcxawjdf3k9jhr8k69dh1f7wd73p7fgycdn0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC1RHPuAHRZOmzEIjQiwOqg7bgApDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU4MTQ5NDEwODgxNjIzMzLIAQmpArqH59IdbLI-qAMByAMCqgTLAU_QCrXP2X2Y5Zb4Fpv0c3nanX1IK2Anmj3P2XebdCm_PObZQA2cZa1xldznvRd92DxLTfnN4k8z2ho21dUO0Wo0gDG0wUnJP7q5XwqaP-EQZlmEdHEsME9gCPpz_jQ32QrLN72kI2WhFDxTt7g6Zi9MDDH9gm_J2AMRxKvwiU0h4WHDlA_Sa_6HdcXGzxNfyosyQUIFGUoLJZYrW3KzdYLAP20V6fawRthYTP1Txb6yR1vV7DSf9muRW3pK1Bf9qqtXfa2JjCt_FKmqgAaGkbua__XNo3igBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1k4I6Pa2wnoIKTUWcUbdYQVyuzhg%2526client%253Dca-pub-5814941088162332%2526adurl%253D&y=1&s=&z=0
Protocol: HTTP/1.1
Server: 167.233.13.224 Ismaning, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.224.13.233.167.clients.your-server.de
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Mon, 07 Aug 2023 14:37:46 GMT
X-NODEIP: 78.46.85.162
Server: nginx/1.14.0 (Ubuntu)
RM-PrivacyPolicy: https://www.nonstoppartner.net/
Content-Type: image/gif
P3P: policyref="https://a.nonstoppartner.net/w3c/p3p.a.xml", CP="NOI CUR OUR STP"
Connection: keep-alive
Keep-Alive: timeout=10
Content-Length: 49

Redirect headers

location: https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117703&s_id=2023080716374687653205391X117703V1226132702MSmm_SUBIDTEST_view&gdpr_consent=&gdpr=0&cons=0&spid=2023080716374687653205391X117703V1226132702MSmm_SUBIDTEST_view&wfid=117703&partnerid=12218
date: Mon, 07 Aug 2023 14:37:46 GMT
x-content-type-options: nosniff
server: nginx
x-xss-protection: 1; mode=block
content-type: text/html; charset=UTF-8

GET
H2 200 E622BC9BD82AE6F51E341CE5BBC00C7BCEF1113266FC86A7954D357A123D68059FD32592A221C64F87EEABAF18D4698D5388E6B9CA984D807BB6BB7E4D07744E
assets.ad4m.at/logo/ Frame 86F7 10 KB
10 KB 62ms
44ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/E622BC9BD82AE6F51E341CE5BBC00C7BCEF1113266FC86A7954D357A123D68059FD32592A221C64F87EEABAF18D4698D5388E6B9CA984D807BB6BB7E4D07744E
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14019%2C195016%2C34719&b=JBeszf5fZj9TBH6H7tptp5BaxSgTbWguA8%2CVx7fwfmfD6rGFVHbHAtRtEEmcBSzTzQkTb6%2CZxJfwfBfmJpsmHDHDt3tP8Zc6SXTx3qa27&f=GjeTBfpf4BPhKHeHGtBCp5waZSYTeA9tY1%2Cm3AsefGfWPD8FmHZHZtQCJJpCKSwTX8AfbJ%2C9jeTMfmfr19cKHBH2tzCJK9S9SmTZY2TeE&c=728&d=90&e=&g=54fc3ab9ec47817ff714a288587371da%2F3662829621269956059&i=21596%2C20774%2C26474&j=16%2C14%2C41&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach02_SSP_CONTROL_ADX&r=1691419065328&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j5xsjp2dy12z4xap9fvkwxyqf3494wb2hvbchac3ra0fna02z4f3t7ghcbvr6dspz9s3z6dgsgravh8apfbgsmtfq4txacrzpkyaqav6mr6hjqxwdepfcfgtrvmv3782k5qd9qthhfz6pd2chyxwcmh8c88xhe535s0nkmfzcx9ay7znkfvbka18ktzhv7xtrn5yt2rxpaz6egga556wbxmt59ht1e3fexq7vrdn3g3841vhcxawjdf3k9jhr8k69dh1f7wd73p7fgycdn0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC1RHPuAHRZOmzEIjQiwOqg7bgApDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU4MTQ5NDEwODgxNjIzMzLIAQmpArqH59IdbLI-qAMByAMCqgTLAU_QCrXP2X2Y5Zb4Fpv0c3nanX1IK2Anmj3P2XebdCm_PObZQA2cZa1xldznvRd92DxLTfnN4k8z2ho21dUO0Wo0gDG0wUnJP7q5XwqaP-EQZlmEdHEsME9gCPpz_jQ32QrLN72kI2WhFDxTt7g6Zi9MDDH9gm_J2AMRxKvwiU0h4WHDlA_Sa_6HdcXGzxNfyosyQUIFGUoLJZYrW3KzdYLAP20V6fawRthYTP1Txb6yR1vV7DSf9muRW3pK1Bf9qqtXfa2JjCt_FKmqgAaGkbua__XNo3igBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1k4I6Pa2wnoIKTUWcUbdYQVyuzhg%2526client%253Dca-pub-5814941088162332%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a85b1179ca4ed7dc5ea897d1b565a69ccae8d2aad29dff7bb874da7d94538bff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 07 Aug 2023 14:37:46 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2550352
cf-polished: qual=85, origFmt=jpeg, origSize=58124
alt-svc: h3=":443"; ma=86400
content-length: 9782
cf-bgj: imgq:85,h2pri
last-modified: Fri, 08 Jul 2022 10:19:52 GMT
server: cloudflare
etag: "b4342e277c43aad9c5020a04564bfd1e"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=drLgH%2BsfBf5hhQja5UGvstXpGZ%2BmRcOXBT78%2FIqqdSTPa93Yh9%2BgT%2FpMmBokgSU1QkeHdnmVhOPRZkUKL190uB0o0qzHzHji800CFRD5mFvFauJHU%2FXRQLfAdJnXV4Nnd2jvg5NunL33EL0g"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7f30426ad9f92c76-FRA
expires: Tue, 08 Aug 2023 14:37:46 GMT

GET
H2 200 2A409C956034279942BB00C734EEBA96A30BFA66974E50A0A1FCCC37F0E29F63CDE4339A721079F3863F9D3A2D1FC91B69CE99DD1EDFB0C05A709324F55DF63A
assets.ad4m.at/ Frame 86F7 83 KB
84 KB 59ms
42ms Image
image/jpeg 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/2A409C956034279942BB00C734EEBA96A30BFA66974E50A0A1FCCC37F0E29F63CDE4339A721079F3863F9D3A2D1FC91B69CE99DD1EDFB0C05A709324F55DF63A
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14019%2C195016%2C34719&b=JBeszf5fZj9TBH6H7tptp5BaxSgTbWguA8%2CVx7fwfmfD6rGFVHbHAtRtEEmcBSzTzQkTb6%2CZxJfwfBfmJpsmHDHDt3tP8Zc6SXTx3qa27&f=GjeTBfpf4BPhKHeHGtBCp5waZSYTeA9tY1%2Cm3AsefGfWPD8FmHZHZtQCJJpCKSwTX8AfbJ%2C9jeTMfmfr19cKHBH2tzCJK9S9SmTZY2TeE&c=728&d=90&e=&g=54fc3ab9ec47817ff714a288587371da%2F3662829621269956059&i=21596%2C20774%2C26474&j=16%2C14%2C41&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach02_SSP_CONTROL_ADX&r=1691419065328&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j5xsjp2dy12z4xap9fvkwxyqf3494wb2hvbchac3ra0fna02z4f3t7ghcbvr6dspz9s3z6dgsgravh8apfbgsmtfq4txacrzpkyaqav6mr6hjqxwdepfcfgtrvmv3782k5qd9qthhfz6pd2chyxwcmh8c88xhe535s0nkmfzcx9ay7znkfvbka18ktzhv7xtrn5yt2rxpaz6egga556wbxmt59ht1e3fexq7vrdn3g3841vhcxawjdf3k9jhr8k69dh1f7wd73p7fgycdn0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC1RHPuAHRZOmzEIjQiwOqg7bgApDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU4MTQ5NDEwODgxNjIzMzLIAQmpArqH59IdbLI-qAMByAMCqgTLAU_QCrXP2X2Y5Zb4Fpv0c3nanX1IK2Anmj3P2XebdCm_PObZQA2cZa1xldznvRd92DxLTfnN4k8z2ho21dUO0Wo0gDG0wUnJP7q5XwqaP-EQZlmEdHEsME9gCPpz_jQ32QrLN72kI2WhFDxTt7g6Zi9MDDH9gm_J2AMRxKvwiU0h4WHDlA_Sa_6HdcXGzxNfyosyQUIFGUoLJZYrW3KzdYLAP20V6fawRthYTP1Txb6yR1vV7DSf9muRW3pK1Bf9qqtXfa2JjCt_FKmqgAaGkbua__XNo3igBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1k4I6Pa2wnoIKTUWcUbdYQVyuzhg%2526client%253Dca-pub-5814941088162332%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eb7992882aa0838cd9d41c9e9bcef9e10576c790b9a325c060e2a8ab00922876

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 07 Aug 2023 14:37:46 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 861763
cf-polished: degrade=85, origSize=176144, status=webp_bigger
alt-svc: h3=":443"; ma=86400
content-length: 85317
cf-bgj: imgq:85,h2pri
last-modified: Wed, 26 Apr 2023 15:13:36 GMT
server: cloudflare
etag: "de500d9f72516b39943c63adb21d5ebe"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0FKxORs5lZh1uIjVlzEay407bry8QsbbH7UwIDlTNF1z0LOtNm7M0AZA2N2UIbNV2H9tC8TrxTshtTvxOTKxoup1WqvJAvgxcPARU7B0pWRbYCn3Ng1ODA%2B68pxKZmb3oSWa83NhvDzL4cmA"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7f30426ac9d52c76-FRA
expires: Tue, 08 Aug 2023 14:37:46 GMT

GET
H2

200

view.aspx
pb.media01.eu/ Frame 86F7
Redirect Chain

https://pv.medialead.de/trck/epv/2aed39855b5f46b7651ba591340f258c?t=htlp&subid=wkzMotivBoneidZxJfwfBfmJpsmHDHDt3tP8Zc6SXTx3qa27oneid__suite_Netmix_Reach02_SSP_CONTROL_ADX&gdpr_consent=&gdpr=0&gdpr_...
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=57372&dt_subid2=wkzMotivBoneidZxJfwfBfmJpsmHDHDt3tP8Zc6SXTx3qa27oneid__suite_Netmix_Reach02_SSP_CONTROL_ADX&action...

0
608 B

70ms
22ms

Image
text/html

88.198.250.30
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=57372&dt_subid2=wkzMotivBoneidZxJfwfBfmJpsmHDHDt3tP8Zc6SXTx3qa27oneid__suite_Netmix_Reach02_SSP_CONTROL_ADX&actionid=981741&produktid=&dt_url=

Requested by

Protocol

Server

88.198.250.30 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.88-198-250-30.clients.your-server.de

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 07 Aug 2023 14:37:45 GMT
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
p3p: policyref="https://pb.media01.eu/pb.media01.eu/p3p.xml", CP="NOI NID PSA OUR BUS NAV STA"
content-length: 0
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Mon, 07 Aug 2023 04:37:46 GMT
server: Microsoft-IIS/10.0
access-control-allow-methods: GET,POST
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Range, Content-Disposition, Content-Description, X-XSRF-TOKEN, X-Location
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date: Mon, 07 Aug 2023 14:37:46 GMT
Strict-Transport-Security: max-age=15768000
Server: nginx/1.17.5
Host: pv.medialead.de
X-IPLB-Request-ID: B9D59B92:B4D8_91EFC182:01BB_64D101BA_1864B886:25BCF
X-IPLB-Instance: 40027
Vary: Origin
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Location: https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=57372&dt_subid2=wkzMotivBoneidZxJfwfBfmJpsmHDHDt3tP8Zc6SXTx3qa27oneid__suite_Netmix_Reach02_SSP_CONTROL_ADX&actionid=981741&produktid=&dt_url=
Access-Control-Expose-Headers: X-Request-ID
Access-Control-Allow-Credentials: true
Keep-Alive: timeout=20
Content-Length: 0
Proxy-Host: pv.medialead.de

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.48/one-ad/ Frame 7A37 114 KB
14 KB 19ms
19ms Stylesheet
text/css 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.48/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C14019%2C19769&b=Rx3HgfQfGPqeUkHwH3tQtw2A7u9SzTYMAhB3zZ%2CRx3HgfQfZx7TkHwH3tQtdWgf9SzTYMAhB3zZ%2C8R3cDf8f2qZfgHJHEtxtkZEhGSwTpQZtbw6A&f=QxWH4fjfP93YUxH5HYt9CbqrpT6S4TGD4HEzJ5%2CQxWH4fjfbV7txH5HYt9CZekh6S4TGD4HEzJ5%2CZxqHwfBf6A8UmHDHDtDCJQ2a6SXTQRBuY51p&c=728&d=90&e=&g=1a5b8c5da645dc148127d13bad7f14e2%2F3898013023788953546&i=71725%2C21596%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1691419065330&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h4y5ds0fy6a3rhcnyfksqyrvv1s4et89n4s7r31352nykjczxr11qcxyy9g3saqda26tb3ztcbnjn13vv1r694dz1thye5eqeq7e6r2xe76yrvnevvme37j39cxwjfdt7fy9sbne0g7af4147t33d6dgrkmbxtqrsp28yt1n6z1mxavgvxg96z7t7wbg4hkn8jtx24175gbmxqrpyjqfzh8q9aqgrgnrvq8v8rs8ntswdf799vnxs2ab1kdrjcx3n6wgp4ax9g5ejymewxgsz1r%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCNWL9uAHRZJ2AEdG__tMPhZ-K6AKQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01ODE0OTQxMDg4MTYyMzMyyAEJqQK6h-fSHWyyPqgDAcgDAqoEywFP0K_ogm-T_HVYU2Fe_Y5zTvm4ZSx5-8rK5N0c_ds_5q-tqEcbnbJ-ykMXaB4o_weshTB0OsYzC98lU7zCfFTqgvSXDQQQtdLCvC-_jc44ZXuQp1w-jlV5Kvxcrljmn-Z7TcRMrRSb8zhETLTiDxOLQelybfTT8iksxJCyzQeMuS1Ln1HcbQNnqWxj45qh_pIvILgQlGAATtb5lJbEpeh5L7y7qnOG9SqtHTpKjO0soGADk-WL4MXemhjRPTmpNcOJ0StVbHo31-vwZoAGx5G4oZi-xt9soAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0GAfvOKi9vwx6LTdNsFUX3uM3nmQ%2526client%253Dca-pub-5814941088162332%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 032aee61923ef53fb2b9efbb5d55f771f780e9c2fce9c076638b809a9607eee3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=197862%2C14019%2C19769&b=Rx3HgfQfGPqeUkHwH3tQtw2A7u9SzTYMAhB3zZ%2CRx3HgfQfZx7TkHwH3tQtdWgf9SzTYMAhB3zZ%2C8R3cDf8f2qZfgHJHEtxtkZEhGSwTpQZtbw6A&f=QxWH4fjfP93YUxH5HYt9CbqrpT6S4TGD4HEzJ5%2CQxWH4fjfbV7txH5HYt9CZekh6S4TGD4HEzJ5%2CZxqHwfBf6A8UmHDHDtDCJQ2a6SXTQRBuY51p&c=728&d=90&e=&g=1a5b8c5da645dc148127d13bad7f14e2%2F3898013023788953546&i=71725%2C21596%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1691419065330&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h4y5ds0fy6a3rhcnyfksqyrvv1s4et89n4s7r31352nykjczxr11qcxyy9g3saqda26tb3ztcbnjn13vv1r694dz1thye5eqeq7e6r2xe76yrvnevvme37j39cxwjfdt7fy9sbne0g7af4147t33d6dgrkmbxtqrsp28yt1n6z1mxavgvxg96z7t7wbg4hkn8jtx24175gbmxqrpyjqfzh8q9aqgrgnrvq8v8rs8ntswdf799vnxs2ab1kdrjcx3n6wgp4ax9g5ejymewxgsz1r%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCNWL9uAHRZJ2AEdG__tMPhZ-K6AKQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01ODE0OTQxMDg4MTYyMzMyyAEJqQK6h-fSHWyyPqgDAcgDAqoEywFP0K_ogm-T_HVYU2Fe_Y5zTvm4ZSx5-8rK5N0c_ds_5q-tqEcbnbJ-ykMXaB4o_weshTB0OsYzC98lU7zCfFTqgvSXDQQQtdLCvC-_jc44ZXuQp1w-jlV5Kvxcrljmn-Z7TcRMrRSb8zhETLTiDxOLQelybfTT8iksxJCyzQeMuS1Ln1HcbQNnqWxj45qh_pIvILgQlGAATtb5lJbEpeh5L7y7qnOG9SqtHTpKjO0soGADk-WL4MXemhjRPTmpNcOJ0StVbHo31-vwZoAGx5G4oZi-xt9soAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0GAfvOKi9vwx6LTdNsFUX3uM3nmQ%2526client%253Dca-pub-5814941088162332%2526adurl%253D&y=1&s=&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 07 Aug 2023 14:37:46 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime: 1687950287
age: 1049078
cf-polished: origSize=117335
x-guploader-uploadid: ADPycdu7Pb84Y6vCPqpUShyJrQGb98f4yuF1LiyC2B7DeEN9kG_1SbpI2iXm6tsp7d5fI22nNzf0l66mXGhEIUVspATbXw
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 28 Jun 2023 11:05:15 GMT
server: cloudflare
etag: W/"5d49535c2a84a9762127b3d9e77d7e02"
vary: Accept-Encoding
x-goog-generation: 1687950315098833
content-type: text/css
x-goog-hash: crc32c=aWAnwg==, md5=XUlTXCqEqXYhJ7PZ531+Ag==
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XivPzVCmJM2n%2FV47YiDt65X81bLFyAFLDN3JCJiuf2SEy8EnXwTNGrp2S1vn9dWskKMPwjIHwcLCbfM2Ex%2FQt5YpLIehUYfK7D6PJ4yMkEo1AQVaMdErGhD9jkUcbBKiehct9L8alu0%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 117335
cf-ray: 7f30426aab1a91cf-FRA
expires: Mon, 07 Aug 2023 15:37:46 GMT

GET
H2 200 AC50ED06D6B01579BBF8202CAC1E2BC99A8C4EFC03AE0DB29DFC1BDB2F82E09188D30122E09EB7D91DC8B3182DA9DB4A5BED06E4BC2B9D6F0CA2AC61EC267111
assets.ad4m.at/logo/ Frame 7A37 32 KB
33 KB 65ms
44ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/AC50ED06D6B01579BBF8202CAC1E2BC99A8C4EFC03AE0DB29DFC1BDB2F82E09188D30122E09EB7D91DC8B3182DA9DB4A5BED06E4BC2B9D6F0CA2AC61EC267111
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C14019%2C19769&b=Rx3HgfQfGPqeUkHwH3tQtw2A7u9SzTYMAhB3zZ%2CRx3HgfQfZx7TkHwH3tQtdWgf9SzTYMAhB3zZ%2C8R3cDf8f2qZfgHJHEtxtkZEhGSwTpQZtbw6A&f=QxWH4fjfP93YUxH5HYt9CbqrpT6S4TGD4HEzJ5%2CQxWH4fjfbV7txH5HYt9CZekh6S4TGD4HEzJ5%2CZxqHwfBf6A8UmHDHDtDCJQ2a6SXTQRBuY51p&c=728&d=90&e=&g=1a5b8c5da645dc148127d13bad7f14e2%2F3898013023788953546&i=71725%2C21596%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1691419065330&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h4y5ds0fy6a3rhcnyfksqyrvv1s4et89n4s7r31352nykjczxr11qcxyy9g3saqda26tb3ztcbnjn13vv1r694dz1thye5eqeq7e6r2xe76yrvnevvme37j39cxwjfdt7fy9sbne0g7af4147t33d6dgrkmbxtqrsp28yt1n6z1mxavgvxg96z7t7wbg4hkn8jtx24175gbmxqrpyjqfzh8q9aqgrgnrvq8v8rs8ntswdf799vnxs2ab1kdrjcx3n6wgp4ax9g5ejymewxgsz1r%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCNWL9uAHRZJ2AEdG__tMPhZ-K6AKQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01ODE0OTQxMDg4MTYyMzMyyAEJqQK6h-fSHWyyPqgDAcgDAqoEywFP0K_ogm-T_HVYU2Fe_Y5zTvm4ZSx5-8rK5N0c_ds_5q-tqEcbnbJ-ykMXaB4o_weshTB0OsYzC98lU7zCfFTqgvSXDQQQtdLCvC-_jc44ZXuQp1w-jlV5Kvxcrljmn-Z7TcRMrRSb8zhETLTiDxOLQelybfTT8iksxJCyzQeMuS1Ln1HcbQNnqWxj45qh_pIvILgQlGAATtb5lJbEpeh5L7y7qnOG9SqtHTpKjO0soGADk-WL4MXemhjRPTmpNcOJ0StVbHo31-vwZoAGx5G4oZi-xt9soAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0GAfvOKi9vwx6LTdNsFUX3uM3nmQ%2526client%253Dca-pub-5814941088162332%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5ac477d8785a4c9ef373969dd3f047e310bfb60d77bc518593795177bd131227

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 07 Aug 2023 14:37:46 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 846728
cf-polished: origFmt=png, origSize=60352
alt-svc: h3=":443"; ma=86400
content-length: 32982
cf-bgj: imgq:85,h2pri
last-modified: Fri, 28 Jul 2023 11:40:29 GMT
server: cloudflare
etag: "0c5d451d92738dcd96474c734dc5b7c8"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1k%2FGBDd6VL3n0K5Cyq4EHBAi9IX9CoBqEUujjYM6mtz%2BsuqP3PAqzfyhLiiTw6GeP9piMILMA97hlZqRagUx7Hmj4Ni779hjCITeoskGxklIa%2B2hRDUBOnQFXzLDAK6tPFZr6k5ZqFzk8H6j"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7f30426ac9d72c76-FRA
expires: Tue, 08 Aug 2023 14:37:46 GMT

GET
H2 200 A36DAD0D440985CF6ABFA23492945CE5BC6D94350A66B19418CB771AFE823AD9B48ADE8E2F007546F0A50A710172EEFC2CAC1468E38852CE2028C22592AAFB75
assets.ad4m.at/product_image/ Frame 7A37 54 KB
55 KB 54ms
37ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/A36DAD0D440985CF6ABFA23492945CE5BC6D94350A66B19418CB771AFE823AD9B48ADE8E2F007546F0A50A710172EEFC2CAC1468E38852CE2028C22592AAFB75
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C14019%2C19769&b=Rx3HgfQfGPqeUkHwH3tQtw2A7u9SzTYMAhB3zZ%2CRx3HgfQfZx7TkHwH3tQtdWgf9SzTYMAhB3zZ%2C8R3cDf8f2qZfgHJHEtxtkZEhGSwTpQZtbw6A&f=QxWH4fjfP93YUxH5HYt9CbqrpT6S4TGD4HEzJ5%2CQxWH4fjfbV7txH5HYt9CZekh6S4TGD4HEzJ5%2CZxqHwfBf6A8UmHDHDtDCJQ2a6SXTQRBuY51p&c=728&d=90&e=&g=1a5b8c5da645dc148127d13bad7f14e2%2F3898013023788953546&i=71725%2C21596%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1691419065330&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h4y5ds0fy6a3rhcnyfksqyrvv1s4et89n4s7r31352nykjczxr11qcxyy9g3saqda26tb3ztcbnjn13vv1r694dz1thye5eqeq7e6r2xe76yrvnevvme37j39cxwjfdt7fy9sbne0g7af4147t33d6dgrkmbxtqrsp28yt1n6z1mxavgvxg96z7t7wbg4hkn8jtx24175gbmxqrpyjqfzh8q9aqgrgnrvq8v8rs8ntswdf799vnxs2ab1kdrjcx3n6wgp4ax9g5ejymewxgsz1r%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCNWL9uAHRZJ2AEdG__tMPhZ-K6AKQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01ODE0OTQxMDg4MTYyMzMyyAEJqQK6h-fSHWyyPqgDAcgDAqoEywFP0K_ogm-T_HVYU2Fe_Y5zTvm4ZSx5-8rK5N0c_ds_5q-tqEcbnbJ-ykMXaB4o_weshTB0OsYzC98lU7zCfFTqgvSXDQQQtdLCvC-_jc44ZXuQp1w-jlV5Kvxcrljmn-Z7TcRMrRSb8zhETLTiDxOLQelybfTT8iksxJCyzQeMuS1Ln1HcbQNnqWxj45qh_pIvILgQlGAATtb5lJbEpeh5L7y7qnOG9SqtHTpKjO0soGADk-WL4MXemhjRPTmpNcOJ0StVbHo31-vwZoAGx5G4oZi-xt9soAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0GAfvOKi9vwx6LTdNsFUX3uM3nmQ%2526client%253Dca-pub-5814941088162332%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 861e4cd27539274eedfdd65212a140a4c7ccea88e004d23f5234e4db48bc73ae

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 07 Aug 2023 14:37:46 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 697741
cf-polished: origFmt=png, origSize=105738
alt-svc: h3=":443"; ma=86400
content-length: 55786
cf-bgj: imgq:85,h2pri
last-modified: Mon, 04 Jul 2022 08:55:40 GMT
server: cloudflare
etag: "147be38db57f89c69c9e65b05983ff0e"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zHp%2FlHuRB%2BzytyB3PMR%2FmwO0d%2Bu26AFOpyDyTWUQ2e0pkRzRS2OQ%2B5%2FVGxqEoKHdLY4QhBsJJIwzSifZEFsxd59Y1R0kT8lEh9aTLKrVVYas03f64aCpRXHYfb0AmNc7YDUarcF0S2PXIUXn"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7f30426ac9d92c76-FRA
expires: Tue, 08 Aug 2023 14:37:46 GMT

GET
H2 200 762E992A001272DDC355514B76DC4960DDF6238B0F54854C0B29BE64A7E78BA5693E54C1A602322E523834805FE15471ECC3FEB06D9A02796A930A4085F71F84
assets.ad4m.at/logo/ Frame 7A37 44 KB
44 KB 60ms
43ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/762E992A001272DDC355514B76DC4960DDF6238B0F54854C0B29BE64A7E78BA5693E54C1A602322E523834805FE15471ECC3FEB06D9A02796A930A4085F71F84
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C14019%2C19769&b=Rx3HgfQfGPqeUkHwH3tQtw2A7u9SzTYMAhB3zZ%2CRx3HgfQfZx7TkHwH3tQtdWgf9SzTYMAhB3zZ%2C8R3cDf8f2qZfgHJHEtxtkZEhGSwTpQZtbw6A&f=QxWH4fjfP93YUxH5HYt9CbqrpT6S4TGD4HEzJ5%2CQxWH4fjfbV7txH5HYt9CZekh6S4TGD4HEzJ5%2CZxqHwfBf6A8UmHDHDtDCJQ2a6SXTQRBuY51p&c=728&d=90&e=&g=1a5b8c5da645dc148127d13bad7f14e2%2F3898013023788953546&i=71725%2C21596%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1691419065330&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h4y5ds0fy6a3rhcnyfksqyrvv1s4et89n4s7r31352nykjczxr11qcxyy9g3saqda26tb3ztcbnjn13vv1r694dz1thye5eqeq7e6r2xe76yrvnevvme37j39cxwjfdt7fy9sbne0g7af4147t33d6dgrkmbxtqrsp28yt1n6z1mxavgvxg96z7t7wbg4hkn8jtx24175gbmxqrpyjqfzh8q9aqgrgnrvq8v8rs8ntswdf799vnxs2ab1kdrjcx3n6wgp4ax9g5ejymewxgsz1r%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCNWL9uAHRZJ2AEdG__tMPhZ-K6AKQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01ODE0OTQxMDg4MTYyMzMyyAEJqQK6h-fSHWyyPqgDAcgDAqoEywFP0K_ogm-T_HVYU2Fe_Y5zTvm4ZSx5-8rK5N0c_ds_5q-tqEcbnbJ-ykMXaB4o_weshTB0OsYzC98lU7zCfFTqgvSXDQQQtdLCvC-_jc44ZXuQp1w-jlV5Kvxcrljmn-Z7TcRMrRSb8zhETLTiDxOLQelybfTT8iksxJCyzQeMuS1Ln1HcbQNnqWxj45qh_pIvILgQlGAATtb5lJbEpeh5L7y7qnOG9SqtHTpKjO0soGADk-WL4MXemhjRPTmpNcOJ0StVbHo31-vwZoAGx5G4oZi-xt9soAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0GAfvOKi9vwx6LTdNsFUX3uM3nmQ%2526client%253Dca-pub-5814941088162332%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ffae8fb9199235cf70171d14a964159b4eda2da695a258c2586de98e3cb27bb2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 07 Aug 2023 14:37:46 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1786207
cf-polished: origFmt=png, origSize=65187
alt-svc: h3=":443"; ma=86400
content-length: 44710
cf-bgj: imgq:85,h2pri
last-modified: Tue, 17 Jan 2023 14:45:52 GMT
server: cloudflare
etag: "99941d3864a6d6ef01023c96e0475815"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EABaZx4awX7aOJxo1IY41AzuHz9Vm5TxaBnWBeZdrS4CwVs0u6HugYQdyN0DLjaMnS7d5GcfdwTHzoqbcPSJuGrM4s%2F8u9Df%2FSh6dxsMprc0sh1qGpz%2B9fbX%2FVcKrk%2FktPUBbzp8WmO0qPsK"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7f30426ac9cd2c76-FRA
expires: Tue, 08 Aug 2023 14:37:46 GMT

GET
H2 200 809A17869665BC2442C85C79071F874D279E10AD5A86AE0D4E9E4675B3B2990B582EB8C5DC232E59854D169A2BAE7D6FD3BFE1D9A66864681803B10449FB6A8A
assets.ad4m.at/ Frame 7A37 699 KB
700 KB 61ms
44ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/809A17869665BC2442C85C79071F874D279E10AD5A86AE0D4E9E4675B3B2990B582EB8C5DC232E59854D169A2BAE7D6FD3BFE1D9A66864681803B10449FB6A8A
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C14019%2C19769&b=Rx3HgfQfGPqeUkHwH3tQtw2A7u9SzTYMAhB3zZ%2CRx3HgfQfZx7TkHwH3tQtdWgf9SzTYMAhB3zZ%2C8R3cDf8f2qZfgHJHEtxtkZEhGSwTpQZtbw6A&f=QxWH4fjfP93YUxH5HYt9CbqrpT6S4TGD4HEzJ5%2CQxWH4fjfbV7txH5HYt9CZekh6S4TGD4HEzJ5%2CZxqHwfBf6A8UmHDHDtDCJQ2a6SXTQRBuY51p&c=728&d=90&e=&g=1a5b8c5da645dc148127d13bad7f14e2%2F3898013023788953546&i=71725%2C21596%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1691419065330&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h4y5ds0fy6a3rhcnyfksqyrvv1s4et89n4s7r31352nykjczxr11qcxyy9g3saqda26tb3ztcbnjn13vv1r694dz1thye5eqeq7e6r2xe76yrvnevvme37j39cxwjfdt7fy9sbne0g7af4147t33d6dgrkmbxtqrsp28yt1n6z1mxavgvxg96z7t7wbg4hkn8jtx24175gbmxqrpyjqfzh8q9aqgrgnrvq8v8rs8ntswdf799vnxs2ab1kdrjcx3n6wgp4ax9g5ejymewxgsz1r%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCNWL9uAHRZJ2AEdG__tMPhZ-K6AKQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01ODE0OTQxMDg4MTYyMzMyyAEJqQK6h-fSHWyyPqgDAcgDAqoEywFP0K_ogm-T_HVYU2Fe_Y5zTvm4ZSx5-8rK5N0c_ds_5q-tqEcbnbJ-ykMXaB4o_weshTB0OsYzC98lU7zCfFTqgvSXDQQQtdLCvC-_jc44ZXuQp1w-jlV5Kvxcrljmn-Z7TcRMrRSb8zhETLTiDxOLQelybfTT8iksxJCyzQeMuS1Ln1HcbQNnqWxj45qh_pIvILgQlGAATtb5lJbEpeh5L7y7qnOG9SqtHTpKjO0soGADk-WL4MXemhjRPTmpNcOJ0StVbHo31-vwZoAGx5G4oZi-xt9soAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0GAfvOKi9vwx6LTdNsFUX3uM3nmQ%2526client%253Dca-pub-5814941088162332%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e4b8cd0d6d8c57ef39e1bb5cff8557261b3b2f640656680a72e421471032d841

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 07 Aug 2023 14:37:46 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1020168
cf-polished: origFmt=png, origSize=1123807
alt-svc: h3=":443"; ma=86400
content-length: 716228
cf-bgj: imgq:85,h2pri
last-modified: Wed, 26 Jul 2023 14:19:55 GMT
server: cloudflare
etag: "5f84457cb2289c51e589af098eed3611"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EMy8S7zDtcIrSSFGF4vGVaf5DinJwhfVstgCU8iG233pSBHHROU7%2BlM87OAYxOLbhZ2tsitR7GbCSDN%2FLosGTZITKIrJtJ6%2Baj2mG6RfY5CFCypsWLeJFtu9RKNVT8xVZjHcXFXhc4g1gmUr"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7f30426ad9f72c76-FRA
expires: Tue, 08 Aug 2023 14:37:46 GMT

GET
H2

200

ztpv.php
www.conrad.de/ Frame 7A37
Redirect Chain

https://www.awin1.com/cshow.php?s=2470185&v=11354&q=377129&r=412871&pv=1&pref3=oneidRx3HgfQfZx7TkHwH3tQtdWgf9SzTYMAhB3zZoneid__suite_Netmix_Reach118_EXTRAPUSH&gdpr_consent=&gdpr=0&gdpr_pd=0
https://www.conrad.de/ztpv.php?awc=11354_412871_1691419066_f984f780-352f-11ee-898e-223287d3f473&insert=AW&&gdpr=0&gdpr_consent=

0
316 B

53ms
19ms

Image
text/html

2606:4700::6812:7e05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.conrad.de/ztpv.php?awc=11354_412871_1691419066_f984f780-352f-11ee-898e-223287d3f473&insert=AW&&gdpr=0&gdpr_consent=

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C14019%2C19769&b=Rx3HgfQfGPqeUkHwH3tQtw2A7u9SzTYMAhB3zZ%2CRx3HgfQfZx7TkHwH3tQtdWgf9SzTYMAhB3zZ%2C8R3cDf8f2qZfgHJHEtxtkZEhGSwTpQZtbw6A&f=QxWH4fjfP93YUxH5HYt9CbqrpT6S4TGD4HEzJ5%2CQxWH4fjfbV7txH5HYt9CZekh6S4TGD4HEzJ5%2CZxqHwfBf6A8UmHDHDtDCJQ2a6SXTQRBuY51p&c=728&d=90&e=&g=1a5b8c5da645dc148127d13bad7f14e2%2F3898013023788953546&i=71725%2C21596%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1691419065330&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h4y5ds0fy6a3rhcnyfksqyrvv1s4et89n4s7r31352nykjczxr11qcxyy9g3saqda26tb3ztcbnjn13vv1r694dz1thye5eqeq7e6r2xe76yrvnevvme37j39cxwjfdt7fy9sbne0g7af4147t33d6dgrkmbxtqrsp28yt1n6z1mxavgvxg96z7t7wbg4hkn8jtx24175gbmxqrpyjqfzh8q9aqgrgnrvq8v8rs8ntswdf799vnxs2ab1kdrjcx3n6wgp4ax9g5ejymewxgsz1r%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCNWL9uAHRZJ2AEdG__tMPhZ-K6AKQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01ODE0OTQxMDg4MTYyMzMyyAEJqQK6h-fSHWyyPqgDAcgDAqoEywFP0K_ogm-T_HVYU2Fe_Y5zTvm4ZSx5-8rK5N0c_ds_5q-tqEcbnbJ-ykMXaB4o_weshTB0OsYzC98lU7zCfFTqgvSXDQQQtdLCvC-_jc44ZXuQp1w-jlV5Kvxcrljmn-Z7TcRMrRSb8zhETLTiDxOLQelybfTT8iksxJCyzQeMuS1Ln1HcbQNnqWxj45qh_pIvILgQlGAATtb5lJbEpeh5L7y7qnOG9SqtHTpKjO0soGADk-WL4MXemhjRPTmpNcOJ0StVbHo31-vwZoAGx5G4oZi-xt9soAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0GAfvOKi9vwx6LTdNsFUX3uM3nmQ%2526client%253Dca-pub-5814941088162332%2526adurl%253D&y=1&s=&z=0

Protocol

Server

2606:4700::6812:7e05 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 07 Aug 2023 14:37:46 GMT
strict-transport-security: max-age=15552000
cf-ccp-worker: HTLPHandler-v1
server: cloudflare
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
cache-control: no-cache
cf-ray: 7f30426ba813925f-FRA
content-length: 0
expires: -1

Redirect headers

Date: Mon, 07 Aug 2023 14:37:46 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location: https://www.conrad.de/ztpv.php?awc=11354_412871_1691419066_f984f780-352f-11ee-898e-223287d3f473&insert=AW&&gdpr=0&gdpr_consent=
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 0

GET
H2 200 90E11D2E4CFB32857DB7C2E1317DD53401EA4F6F6F9CD68E6E871CA9D0C876402E8B3C561F20D09E5FFCF6D6F6634B28F60F47276020F60158747BE09B58F826
assets.ad4m.at/logo/ Frame 7A37 36 KB
36 KB 60ms
43ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/90E11D2E4CFB32857DB7C2E1317DD53401EA4F6F6F9CD68E6E871CA9D0C876402E8B3C561F20D09E5FFCF6D6F6634B28F60F47276020F60158747BE09B58F826
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C14019%2C19769&b=Rx3HgfQfGPqeUkHwH3tQtw2A7u9SzTYMAhB3zZ%2CRx3HgfQfZx7TkHwH3tQtdWgf9SzTYMAhB3zZ%2C8R3cDf8f2qZfgHJHEtxtkZEhGSwTpQZtbw6A&f=QxWH4fjfP93YUxH5HYt9CbqrpT6S4TGD4HEzJ5%2CQxWH4fjfbV7txH5HYt9CZekh6S4TGD4HEzJ5%2CZxqHwfBf6A8UmHDHDtDCJQ2a6SXTQRBuY51p&c=728&d=90&e=&g=1a5b8c5da645dc148127d13bad7f14e2%2F3898013023788953546&i=71725%2C21596%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1691419065330&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h4y5ds0fy6a3rhcnyfksqyrvv1s4et89n4s7r31352nykjczxr11qcxyy9g3saqda26tb3ztcbnjn13vv1r694dz1thye5eqeq7e6r2xe76yrvnevvme37j39cxwjfdt7fy9sbne0g7af4147t33d6dgrkmbxtqrsp28yt1n6z1mxavgvxg96z7t7wbg4hkn8jtx24175gbmxqrpyjqfzh8q9aqgrgnrvq8v8rs8ntswdf799vnxs2ab1kdrjcx3n6wgp4ax9g5ejymewxgsz1r%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCNWL9uAHRZJ2AEdG__tMPhZ-K6AKQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01ODE0OTQxMDg4MTYyMzMyyAEJqQK6h-fSHWyyPqgDAcgDAqoEywFP0K_ogm-T_HVYU2Fe_Y5zTvm4ZSx5-8rK5N0c_ds_5q-tqEcbnbJ-ykMXaB4o_weshTB0OsYzC98lU7zCfFTqgvSXDQQQtdLCvC-_jc44ZXuQp1w-jlV5Kvxcrljmn-Z7TcRMrRSb8zhETLTiDxOLQelybfTT8iksxJCyzQeMuS1Ln1HcbQNnqWxj45qh_pIvILgQlGAATtb5lJbEpeh5L7y7qnOG9SqtHTpKjO0soGADk-WL4MXemhjRPTmpNcOJ0StVbHo31-vwZoAGx5G4oZi-xt9soAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0GAfvOKi9vwx6LTdNsFUX3uM3nmQ%2526client%253Dca-pub-5814941088162332%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a2b9eefee68fa18c6be3c3bbe11d769b5affc01b84ea94c7ec68ae4ffacd858a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 07 Aug 2023 14:37:46 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2549836
cf-polished: origFmt=png, origSize=62828
alt-svc: h3=":443"; ma=86400
content-length: 36446
cf-bgj: imgq:85,h2pri
last-modified: Tue, 18 Oct 2022 15:02:47 GMT
server: cloudflare
etag: "e12c1a9f1887c09d377658838eaaa06d"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ub6JT8E8PcdHF3XnFfjnL4lpYw3zxAoSikFixrdqdoC4uY5CcvtJyLF28%2BL3HULIWR5BpocamYVBNl2TdwgJ1GpH8VXe22D8dcA8miR1UwO9%2BMKP8LeDi4jr4EFooeZm4afzJyS0bFOpd0sb"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7f30426ac9d32c76-FRA
expires: Tue, 08 Aug 2023 14:37:46 GMT

GET
H2 200 287435BEDBEF5210566F91ED2E6D57494D1CBA241E887A111712FB8ADF6747B3B44CBC7EE390AD74BB6985CDD69339A9B2EDEE7334ACD70F503D0812F8C7EBF1
assets.ad4m.at/ Frame 7A37 38 KB
38 KB 54ms
37ms Image
image/jpeg 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/287435BEDBEF5210566F91ED2E6D57494D1CBA241E887A111712FB8ADF6747B3B44CBC7EE390AD74BB6985CDD69339A9B2EDEE7334ACD70F503D0812F8C7EBF1
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C14019%2C19769&b=Rx3HgfQfGPqeUkHwH3tQtw2A7u9SzTYMAhB3zZ%2CRx3HgfQfZx7TkHwH3tQtdWgf9SzTYMAhB3zZ%2C8R3cDf8f2qZfgHJHEtxtkZEhGSwTpQZtbw6A&f=QxWH4fjfP93YUxH5HYt9CbqrpT6S4TGD4HEzJ5%2CQxWH4fjfbV7txH5HYt9CZekh6S4TGD4HEzJ5%2CZxqHwfBf6A8UmHDHDtDCJQ2a6SXTQRBuY51p&c=728&d=90&e=&g=1a5b8c5da645dc148127d13bad7f14e2%2F3898013023788953546&i=71725%2C21596%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1691419065330&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h4y5ds0fy6a3rhcnyfksqyrvv1s4et89n4s7r31352nykjczxr11qcxyy9g3saqda26tb3ztcbnjn13vv1r694dz1thye5eqeq7e6r2xe76yrvnevvme37j39cxwjfdt7fy9sbne0g7af4147t33d6dgrkmbxtqrsp28yt1n6z1mxavgvxg96z7t7wbg4hkn8jtx24175gbmxqrpyjqfzh8q9aqgrgnrvq8v8rs8ntswdf799vnxs2ab1kdrjcx3n6wgp4ax9g5ejymewxgsz1r%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCNWL9uAHRZJ2AEdG__tMPhZ-K6AKQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01ODE0OTQxMDg4MTYyMzMyyAEJqQK6h-fSHWyyPqgDAcgDAqoEywFP0K_ogm-T_HVYU2Fe_Y5zTvm4ZSx5-8rK5N0c_ds_5q-tqEcbnbJ-ykMXaB4o_weshTB0OsYzC98lU7zCfFTqgvSXDQQQtdLCvC-_jc44ZXuQp1w-jlV5Kvxcrljmn-Z7TcRMrRSb8zhETLTiDxOLQelybfTT8iksxJCyzQeMuS1Ln1HcbQNnqWxj45qh_pIvILgQlGAATtb5lJbEpeh5L7y7qnOG9SqtHTpKjO0soGADk-WL4MXemhjRPTmpNcOJ0StVbHo31-vwZoAGx5G4oZi-xt9soAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0GAfvOKi9vwx6LTdNsFUX3uM3nmQ%2526client%253Dca-pub-5814941088162332%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 75743518d10d4b4a939717f66c07ef13fb128590c0b05df5c26835efa5280c6e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 07 Aug 2023 14:37:46 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 426355
cf-polished: degrade=85, origSize=133780, status=vary_header_present
alt-svc: h3=":443"; ma=86400
content-length: 38661
cf-bgj: imgq:85,h2pri
last-modified: Tue, 18 Feb 2020 10:22:01 GMT
server: cloudflare
etag: "d061ca155f758f490340e147604dc3ee"
vary: X-Goog-Allowed-Resources, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5izuyr9dQBE9ne3znJvuRUgX9Y1%2BXY%2BbfiAdQ79atfIcANNn4e%2BF6PGuCrAF4xtJk4Wa87fzMoiBDnPxyysI4UabaeOvMI5W6Pwe3sLU7EakE%2BfENc8LwXF9WTDkI7X8%2Fb3WsHSkwqZ4pZeP"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7f30426ac9d22c76-FRA
expires: Tue, 08 Aug 2023 14:37:46 GMT

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame 7A37 43 B
705 B 111ms
75ms Image
image/gif 104.102.45.165
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2531885&v=14702&q=365825&r=412871&pv=1&pref3=oneid8R3cDf8f2qZfgHJHEtxtkZEhGSwTpQZtbw6Aoneid__suite_Netmix_Reach118_EXTRAPUSH&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.102.45.165 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-102-45-165.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 07 Aug 2023 14:37:46 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
Content-Type: image/gif
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 43
Expires: 0

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 2A11 13 KB
5 KB 39ms
38ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bloxfruitsdojo.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 2008
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 07 Aug 2023 14:04:18 GMT
expires: Tue, 06 Aug 2024 14:04:18 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame E171 783 B
534 B 52ms
52ms Document
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

d03d7596d2232e2fad2f4b749de939bf26aeed97577d1e7ee15774b5ddc63cbe

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-KvhrNZhYh4wF4t8KhF0RAQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://bloxfruitsdojo.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-KvhrNZhYh4wF4t8KhF0RAQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 07 Aug 2023 14:37:46 GMT
expires: Mon, 07 Aug 2023 14:37:46 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 link.html Show response
track.webgains.com/ Frame 7A37 2 KB
2 KB 148ms
74ms Script
text/html 35.177.233.254
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=3641431&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1kfv3nqx7b2dpxmct3xs7tcdf69znm9mbe5bpe7xc4k85as447hygakev5wz0168pxrh84ymhge9py33dv5yczdej2td50p0p6j3g4k41qats6nze3wzdt1pqkx1zya6zkv7nghbr4debnka4rj1d7agr24yrxbctcspmrsje04zag5bg9hk1z8e2fwzdzncrbx6pbqmwxjyv2emq09h4sfn1n1gkr7w8q66zq8mgayhy39ek8p1c1gx0bs4vw8ar3mg%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1h4y5ds0fy6a3rhcnyfksqyrvv1s4et89n4s7r31352nykjczxr11qcxyy9g3saqda26tb3ztcbnjn13vv1r694dz1thye5eqeq7e6r2xe76yrvnevvme37j39cxwjfdt7fy9sbne0g7af4147t33d6dgrkmbxtqrsp28yt1n6z1mxavgvxg96z7t7wbg4hkn8jtx24175gbmxqrpyjqfzh8q9aqgrgnrvq8v8rs8ntswdf799vnxs2ab1kdrjcx3n6wgp4ax9g5ejymewxgsz1r%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCNWL9uAHRZJ2AEdG__tMPhZ-K6AKQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01ODE0OTQxMDg4MTYyMzMyyAEJqQK6h-fSHWyyPqgDAcgDAqoEywFP0K_ogm-T_HVYU2Fe_Y5zTvm4ZSx5-8rK5N0c_ds_5q-tqEcbnbJ-ykMXaB4o_weshTB0OsYzC98lU7zCfFTqgvSXDQQQtdLCvC-_jc44ZXuQp1w-jlV5Kvxcrljmn-Z7TcRMrRSb8zhETLTiDxOLQelybfTT8iksxJCyzQeMuS1Ln1HcbQNnqWxj45qh_pIvILgQlGAATtb5lJbEpeh5L7y7qnOG9SqtHTpKjO0soGADk-WL4MXemhjRPTmpNcOJ0StVbHo31-vwZoAGx5G4oZi-xt9soAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_0GAfvOKi9vwx6LTdNsFUX3uM3nmQ%252526client%25253Dca-pub-5814941088162332%252526adurl%25253D&clickref=oneidQxWH4fjfP93YUxH5HYt9CbqrpT6S4TGD4HEzJ5oneid__suite_Netmix_Reach118_EXTRAPUSH&viewref=oneidRx3HgfQfGPqeUkHwH3tQtw2A7u9SzTYMAhB3zZoneid__suite_Netmix_Reach118_EXTRAPUSH
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C14019%2C19769&b=Rx3HgfQfGPqeUkHwH3tQtw2A7u9SzTYMAhB3zZ%2CRx3HgfQfZx7TkHwH3tQtdWgf9SzTYMAhB3zZ%2C8R3cDf8f2qZfgHJHEtxtkZEhGSwTpQZtbw6A&f=QxWH4fjfP93YUxH5HYt9CbqrpT6S4TGD4HEzJ5%2CQxWH4fjfbV7txH5HYt9CZekh6S4TGD4HEzJ5%2CZxqHwfBf6A8UmHDHDtDCJQ2a6SXTQRBuY51p&c=728&d=90&e=&g=1a5b8c5da645dc148127d13bad7f14e2%2F3898013023788953546&i=71725%2C21596%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1691419065330&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h4y5ds0fy6a3rhcnyfksqyrvv1s4et89n4s7r31352nykjczxr11qcxyy9g3saqda26tb3ztcbnjn13vv1r694dz1thye5eqeq7e6r2xe76yrvnevvme37j39cxwjfdt7fy9sbne0g7af4147t33d6dgrkmbxtqrsp28yt1n6z1mxavgvxg96z7t7wbg4hkn8jtx24175gbmxqrpyjqfzh8q9aqgrgnrvq8v8rs8ntswdf799vnxs2ab1kdrjcx3n6wgp4ax9g5ejymewxgsz1r%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCNWL9uAHRZJ2AEdG__tMPhZ-K6AKQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01ODE0OTQxMDg4MTYyMzMyyAEJqQK6h-fSHWyyPqgDAcgDAqoEywFP0K_ogm-T_HVYU2Fe_Y5zTvm4ZSx5-8rK5N0c_ds_5q-tqEcbnbJ-ykMXaB4o_weshTB0OsYzC98lU7zCfFTqgvSXDQQQtdLCvC-_jc44ZXuQp1w-jlV5Kvxcrljmn-Z7TcRMrRSb8zhETLTiDxOLQelybfTT8iksxJCyzQeMuS1Ln1HcbQNnqWxj45qh_pIvILgQlGAATtb5lJbEpeh5L7y7qnOG9SqtHTpKjO0soGADk-WL4MXemhjRPTmpNcOJ0StVbHo31-vwZoAGx5G4oZi-xt9soAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0GAfvOKi9vwx6LTdNsFUX3uM3nmQ%2526client%253Dca-pub-5814941088162332%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.177.233.254 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-177-233-254.eu-west-2.compute.amazonaws.com
Software: nginx / PHP/7.4.26
Resource Hash: 897540e8fa9e284e75bd73315371d4c3299051dcdd97f62b83d5fb97dc59871f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 07 Aug 2023 14:37:46 GMT
last-modified: Mon, 07 Aug 2023 14:37:46 GMT
server: nginx
x-powered-by: PHP/7.4.26
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=60
access-control-allow-headers: Authorization
expires: Mon, 07 Aug 2023 14:38:46 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame E171 0
0 190ms
186ms Image
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230802&jk=1324360723411212&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

GET
H3 200 YWyqd_Oya_dSvH525JbJDwnpcpeKFun9cRHY8jAJ9QQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 2A11 37 KB
14 KB 89ms
87ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/YWyqd_Oya_dSvH525JbJDwnpcpeKFun9cRHY8jAJ9QQ.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

616caa77f3b26bf752bc7e76e496c90f09e972978a16e9fd7111d8f23009f504

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 05 Aug 2023 12:57:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 178788
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14704
x-xss-protection: 0
last-modified: Mon, 24 Jul 2023 13:39:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 04 Aug 2024 12:57:58 GMT

GET
H2 200 pvClk.min.js Show response
analytics.webgains.io/ Frame 7A37 85 KB
31 KB 81ms
15ms Script
text/javascript 18.66.147.120
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/pvClk.min.js
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=3641431&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1kfv3nqx7b2dpxmct3xs7tcdf69znm9mbe5bpe7xc4k85as447hygakev5wz0168pxrh84ymhge9py33dv5yczdej2td50p0p6j3g4k41qats6nze3wzdt1pqkx1zya6zkv7nghbr4debnka4rj1d7agr24yrxbctcspmrsje04zag5bg9hk1z8e2fwzdzncrbx6pbqmwxjyv2emq09h4sfn1n1gkr7w8q66zq8mgayhy39ek8p1c1gx0bs4vw8ar3mg%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1h4y5ds0fy6a3rhcnyfksqyrvv1s4et89n4s7r31352nykjczxr11qcxyy9g3saqda26tb3ztcbnjn13vv1r694dz1thye5eqeq7e6r2xe76yrvnevvme37j39cxwjfdt7fy9sbne0g7af4147t33d6dgrkmbxtqrsp28yt1n6z1mxavgvxg96z7t7wbg4hkn8jtx24175gbmxqrpyjqfzh8q9aqgrgnrvq8v8rs8ntswdf799vnxs2ab1kdrjcx3n6wgp4ax9g5ejymewxgsz1r%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCNWL9uAHRZJ2AEdG__tMPhZ-K6AKQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01ODE0OTQxMDg4MTYyMzMyyAEJqQK6h-fSHWyyPqgDAcgDAqoEywFP0K_ogm-T_HVYU2Fe_Y5zTvm4ZSx5-8rK5N0c_ds_5q-tqEcbnbJ-ykMXaB4o_weshTB0OsYzC98lU7zCfFTqgvSXDQQQtdLCvC-_jc44ZXuQp1w-jlV5Kvxcrljmn-Z7TcRMrRSb8zhETLTiDxOLQelybfTT8iksxJCyzQeMuS1Ln1HcbQNnqWxj45qh_pIvILgQlGAATtb5lJbEpeh5L7y7qnOG9SqtHTpKjO0soGADk-WL4MXemhjRPTmpNcOJ0StVbHo31-vwZoAGx5G4oZi-xt9soAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_0GAfvOKi9vwx6LTdNsFUX3uM3nmQ%252526client%25253Dca-pub-5814941088162332%252526adurl%25253D&clickref=oneidQxWH4fjfP93YUxH5HYt9CbqrpT6S4TGD4HEzJ5oneid__suite_Netmix_Reach118_EXTRAPUSH&viewref=oneidRx3HgfQfGPqeUkHwH3tQtw2A7u9SzTYMAhB3zZoneid__suite_Netmix_Reach118_EXTRAPUSH
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-120.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b9d111b6420f698c67110f8946a9e8509161940d3ec26c48933ee9c2289ecbd0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 07 Aug 2023 14:11:34 GMT
content-encoding: gzip
via: 1.1 32db37931b5639dc27ebaba3ad4f3d2c.cloudfront.net (CloudFront)
last-modified: Fri, 28 Jul 2023 12:12:58 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 1573
etag: W/"00a433fd3ec769592a019a218791a591"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
x-amz-cf-id: emtRZwc6uClaGA1Yaa72BillOXBqfNy6A-cnBg0nMhZBr2Ptd4gXQw==

GET
H2 200 1619604937_fPkEZHu3MNy3GC7XuV3lA1s9E5XlSAcF.png
cdn.track.production.webgains.team/286305/ Frame 7A37 15 KB
15 KB 79ms
20ms Image
image/png 13.227.219.46
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.track.production.webgains.team/286305/1619604937_fPkEZHu3MNy3GC7XuV3lA1s9E5XlSAcF.png?Expires=1691419366&Signature=hBjOredkax7Yw3svMgOYnbBeG-FFjdJ1BwMKnH29-RtCuyPYM2ZncYjBWsUpwFTbJNH7XBLPgJn-PslHUb-jJVNOT1nEU3YOuTpf0JdHD8lrcvcQWBv8grdIrLEyQUd91mqomELe6IYofgsEDimEXvBM31c1lXUycSOEgY8jPDSGgy~87~guA6grFmOsbAvEioSNQ7xl0-n5iPI9rwfFRv9SLPsO6Fss68BLCKneCaYTnp0me3JtY1-h6ke8gduc7~KPT1753XwTvXi6h--O4-IFq~WXiMg3nfpTVCWajDVK4uYHXxLc8hr5W3mF3AUSsv3BqHqx90j0b1XkC1VEyg__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C14019%2C19769&b=Rx3HgfQfGPqeUkHwH3tQtw2A7u9SzTYMAhB3zZ%2CRx3HgfQfZx7TkHwH3tQtdWgf9SzTYMAhB3zZ%2C8R3cDf8f2qZfgHJHEtxtkZEhGSwTpQZtbw6A&f=QxWH4fjfP93YUxH5HYt9CbqrpT6S4TGD4HEzJ5%2CQxWH4fjfbV7txH5HYt9CZekh6S4TGD4HEzJ5%2CZxqHwfBf6A8UmHDHDtDCJQ2a6SXTQRBuY51p&c=728&d=90&e=&g=1a5b8c5da645dc148127d13bad7f14e2%2F3898013023788953546&i=71725%2C21596%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1691419065330&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h4y5ds0fy6a3rhcnyfksqyrvv1s4et89n4s7r31352nykjczxr11qcxyy9g3saqda26tb3ztcbnjn13vv1r694dz1thye5eqeq7e6r2xe76yrvnevvme37j39cxwjfdt7fy9sbne0g7af4147t33d6dgrkmbxtqrsp28yt1n6z1mxavgvxg96z7t7wbg4hkn8jtx24175gbmxqrpyjqfzh8q9aqgrgnrvq8v8rs8ntswdf799vnxs2ab1kdrjcx3n6wgp4ax9g5ejymewxgsz1r%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCNWL9uAHRZJ2AEdG__tMPhZ-K6AKQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01ODE0OTQxMDg4MTYyMzMyyAEJqQK6h-fSHWyyPqgDAcgDAqoEywFP0K_ogm-T_HVYU2Fe_Y5zTvm4ZSx5-8rK5N0c_ds_5q-tqEcbnbJ-ykMXaB4o_weshTB0OsYzC98lU7zCfFTqgvSXDQQQtdLCvC-_jc44ZXuQp1w-jlV5Kvxcrljmn-Z7TcRMrRSb8zhETLTiDxOLQelybfTT8iksxJCyzQeMuS1Ln1HcbQNnqWxj45qh_pIvILgQlGAATtb5lJbEpeh5L7y7qnOG9SqtHTpKjO0soGADk-WL4MXemhjRPTmpNcOJ0StVbHo31-vwZoAGx5G4oZi-xt9soAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0GAfvOKi9vwx6LTdNsFUX3uM3nmQ%2526client%253Dca-pub-5814941088162332%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.227.219.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-227-219-46.ams54.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 60bf02832688d14251ec1c7b8acfda233a91f927f26c7202bdaba781a1f0fcdf

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id: null
date: Sun, 06 Aug 2023 21:21:44 GMT
via: 1.1 fe106b75368b4a44b0461d7e712cd360.cloudfront.net (CloudFront)
last-modified: Fri, 06 May 2022 10:41:35 GMT
server: AmazonS3
x-amz-cf-pop: AMS54-C1
age: 62164
etag: "d4e8f970f24f6d19b53aa92b1907c1ef"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 15054
x-amz-cf-id: vUC7KUYWeY7cbVCm1JuGRi0eAFKaqtQe5BbVMB7nsv8TUMxA5EQyzg==

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 2A11 0
10 B 38ms
37ms Image
text/plain 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?j80NJA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 07 Aug 2023 14:37:46 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 143ms
142ms Image
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230802&jk=1324360723411212&bg=!UVKlUgbNAAZGOVy5Zjk7ADkAdvg8WpFwirrPNRNVsLzfgj5MDCW1wLFD74aTKTTO8UjtEnM8x9ph0p-vCewV6Ch2BWNRdL6IG6sCAAAAgFIAAAAGaAEHmQK5NhLtkQK6Bpk7yKsf0EdcZSRaWeD0I6bf4VEd_yPga4kA1OyMkP5jTPxStMZt9iwDvDmYJzsqiPo6FoGPWPD3mMFk7agNKK_0JOjl1U5XxKLsGLjQJd48rLEF6nyuZ3-GbTn0IqO85whczANYV6PMOECf8G2fYOWSq538UqrVEZbsDXjfcpUnVQY1G6aFFdthUYIOpHjdA9klCKCBxI-GMQTWCl5cLHQ7kMvJWjZ5Ca6ynjUaJOtH8Yx2gzcqhptrW68hJELxwGsejYKso3SVOh4WwFTWQGD-GJKfmjhHu7nhJS7kO-LRwryYfbXDbPMWpJaBmipjdeGFQIPkWQ5sa2ZTjLDCYAbwy7dggKanLKO2JaAGBSSSpNJXR_5_f9JV8U7XDTle1aElJ5bddaryyFMwql1An1oaIfnUiljKeA76CrU65D8jMO9H85sgcLUVbRd9vVsgy65_p7g0Pg9JpLzC-ZbkdTha4fsnr4es-URRyj7TiX9FtRDM5DyKYkvSIsV61zY34mUVNJeKPkUAeGv-cqAtAUZn17j3B2DebYMDdNLccr9qi80oz6h9YI1_wUUjudR1NBNciayiHYa13TNgPYTGYfXGUgSmMk3afAYKKdBT-Dq2JBUo7OrqZWt42PHTTf_c9Jk1nxii5iV5Cv77FdapRiAfWa95Sa4rePXNVho00x02cKeC7OhH6mKAwybicD_g3giJA_fsLq4TWzoCc_POPZgsjoTR_LsE-9ueSW3lcXg7JEmh2YHv0xvdmvvdCHwTm44V9_YdbNOX8Y2MvUfo2jvKlY1pSB4UjBtHlS1m0aWJhhxGz8U4dg7_1nGOnrca7ETn4Ii50rEnV6rK4XapaYiSp4mj3wJdKS-jrsTvgdGp5MbXWjdjZvy32jd8qGUXOEhELe-T87ibN-Okf23CsOhK6Q
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxfruitsdojo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame 7A37 16 B
209 B 72ms
72ms Fetch
application/json 35.179.30.203

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.179.30.203 -, , ASN (),

Reverse DNS

Software

nginx / PHP/8.1.14

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 07 Aug 2023 14:37:47 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/8.1.14
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 86ms
20ms Preflight 35.179.30.203

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.179.30.203 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-headers: Authorization, Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
date: Mon, 07 Aug 2023 14:37:47 GMT
server: nginx

Verdicts & Comments Add Verdict or Comment

52 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

24 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.bloxfruitsdojo.com/	1970-01-20 23:26:19	Name: _ga Value: GA1.1.1863656164.1691419063
.bloxfruitsdojo.com/	1970-01-20 23:11:55	Name: __gads Value: ID=17638d9b71c682b3-2238ae4d4cde0030:T=1691419063:RT=1691419063:S=ALNI_MYE5nlBCzcFzq0uniCYCf2YPTCa7A
.bloxfruitsdojo.com/	1970-01-20 23:11:55	Name: __gpi Value: UID=00000c502685cbeb:T=1691419063:RT=1691419063:S=ALNI_MYSylZmNCdBnlIeMjaFIKxPgz27sA
.doubleclick.net/	1970-01-20 13:50:22	Name: DSID Value: NO_DATA
.doubleclick.net/	1970-01-20 23:11:55	Name: IDE Value: AHWqTUni9J0QWyxmmP-mdSEzF2wDYqvZ5lTmPYhonTG6zBaGlA2rnaxwJwy_KHaHRBo
.mathtag.com/	1970-01-20 14:33:31	Name: mt_mop Value: 4:1691419065
.turn.com/	1970-01-20 18:09:31	Name: uid Value: 7750237680110399947
.yahoo.com/	1970-01-20 22:36:16	Name: A3 Value: d=AQABBLkB0WQCEMZ9VriZmNGp-ZSwGJUha90FEgEBAQFT0mTaZAAAAAAA_eMAAA&S=AQAAAgfExHY66KUEzCyBioG-1Mk
.bloxfruitsdojo.com/	1970-01-20 23:26:19	Name: _ga_3MK7NNWSET Value: GS1.1.1691419062.1.0.1691419065.0.0.0
.quantserve.com/	1970-01-20 15:59:55	Name: d Value: EGIBCQHTKYEA
.quantserve.com/	1970-01-20 23:20:33	Name: mc Value: 64d101b9-3398c-12b7b-06b8f
.everesttech.net/	1970-01-20 22:35:55	Name: everest_g_v2 Value: g_surferid~ZNEBuQAAAj6HbAAb
.tribalfusion.com/	1970-01-20 15:59:55	Name: ANON_ID Value: a5ntuJsjyDjmTFM6EKNQhkinFHIGY7DLVsxP2CYNfHqdnBCqsbQWbYnOnt7bwNlAGBLOOV7IMrNqtXZcdN0GpB1M2
.awin1.com/	1970-01-20 13:53:11	Name: awpv14702 Value: 412871\|1691419066\|f9856cb0-352f-11ee-b98b-2233369fc7ee
.awin1.com/	1969-12-31 23:59:59	Name: AWSESS Value: 377129:2470185
.awin1.com/	1970-01-20 13:54:38	Name: awpv11354 Value: 412871\|1691419066\|f98349d0-352f-11ee-8502-226591661de6
www.conrad.de/	1970-01-20 13:54:38	Name: CEAffHA Value: YD
www.conrad.de/	1970-01-20 13:54:38	Name: HTLP_timestamp Value: 1691419066193
.www.conrad.de/	1970-01-20 13:50:20	Name: __cf_bm Value: l8sfy3.5vtqnHms44aSYwNPkmlL.NlnPk.PkfVqVSQw-1691419066-0-AYZ11TvTa1c2mn/hNYg1PjxJxjqYay8MMoMxyKWmb0PUw+HwL2+uWGi7OkWp+ThhXGj5GjJ55yc6tJ+RsKHX8kw=
pb.media01.eu/	1970-01-20 23:26:19	Name: DTU Value: F8F716B57CCB2B2ECAE17238E9FB71FB
.doubleclick.net/	1970-01-20 18:09:31	Name: APC Value: AfxxVi4rs832V617KaMBydrDbwUKPKNBSgUdBnehk2Gh7hIXaAG_5g
.o2online.de/	1970-01-20 14:00:23	Name: nscT485 Value: v01MTQyMTExMjExMTExMTExMTEwMTQyNjIwMDAwMDAwMDYxNjkxNDE5MDY2dmxlYTFkZTIwMjMwODA3MTYzNzQ2ODc2NTMyMDUzOTFYMTE3NzAzVjEyMjYxMzI3MDJNU21tX1NVQklEVEVTVF92aWV3MTE3NzAz
.o2online.de/	1970-01-20 14:00:23	Name: nscQ485 Value: V
.o2online.de/	1970-01-20 14:00:23	Name: webShopPV Value: ?partnerId=O2_AFF_POV_EXA_15008&mediacode=AFF_la_117703_-HTLP&utm_term=AFF_la_117703_-HTLP&utm_content=O2_AFF_POV_EXA_15008&spid=2023080716374687653205391X117703V1226132702MSmm_SUBIDTEST_view&wfid=117703&affiliateId=v01MTQyMTExMjExMTExMTExMTEwMTQyNjIwMDAwMDAwMDYxNjkxNDE5MDY2dmxlYTFkZTIwMjMwODA3MTYzNzQ2ODc2NTMyMDUzOTFYMTE3NzAzVjEyMjYxMzI3MDJNU

12 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://as.ad4m.at/ad/dr?ed=1g7scw76ahphr7h9er258bvv5ffrydzfsjenwk4979rprpzdynw6gexbtka244c3pwks8jckpj3fcrdefegf5ynq7af0wf086c1aexfh7n3qzb4qxzjhnd24kytgdhxws0qm96xfk69tpr3sqedhynq242gf4d5kgfgxc916jx53kq4f1j5na0h0szfhdv37dnhrssjds9ceadkfh02m5vq0ssyc96h1f2k9vk5mc5qsz0rfnhkgb8h27jzv2rfgt21ds1dhp0qdqbwa9ghkrftsge2wej1zw86eksz4c2svxfefd2fcz4batwbhkhzb1886pt7p2k36pw8d627ghs226f0jras2gnmnzfhz6y5nqg6q59re6fytv4ns7xr7ymtc4gjdhznvr6qk630a0dg9cekv7ashzp60tpnycn1v13nr&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC1RHPuAHRZOmzEIjQiwOqg7bgApDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU4MTQ5NDEwODgxNjIzMzLIAQmpArqH59IdbLI-qAMByAMCqgTLAU_QCrXP2X2Y5Zb4Fpv0c3nanX1IK2Anmj3P2XebdCm_PObZQA2cZa1xldznvRd92DxLTfnN4k8z2ho21dUO0Wo0gDG0wUnJP7q5XwqaP-EQZlmEdHEsME9gCPpz_jQ32QrLN72kI2WhFDxTt7g6Zi9MDDH9gm_J2AMRxKvwiU0h4WHDlA_Sa_6HdcXGzxNfyosyQUIFGUoLJZYrW3KzdYLAP20V6fawRthYTP1Txb6yR1vV7DSf9muRW3pK1Bf9qqtXfa2JjCt_FKmqgAaGkbua__XNo3igBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1k4I6Pa2wnoIKTUWcUbdYQVyuzhg%26client%3Dca-pub-5814941088162332%26adurl%3D Message: Ignoring duplicate Content-Security-Policy directive 'worker-src'.
security	error	URL: https://as.ad4m.at/ad/dr?ed=1jkeg0nfbcxx342yq6dn7r3a0xqrxcrxj9cavcemnnz60q9kahxg2c19929sk8kt5qhnzt441h1r3k8xy2a8sr6e0ejne1t8jg5vp2wnbbhsqadk7ejcctrzbxbra9gtwtzjvj47zastsj3aveyyfzdgks1ktefd6djwy26j57mfby40h9tv6ec5eegj7n5rxv5phx2j8nbsn1ex75k2px202w9991n8x0e8kzs846a3nc1n5ybrm4vwr6ecw206erf7ef1mg3694559t4bfxc20a4a3jreae8tm3gn1zv83m7cde1e8hjt1hhrq1bqt7jdx1292z4yevtbf21j57fmw22g1c4495fdma9aqy0yfhqk5qdwwjyzwrhzmm3fkcqzhxed66x5hqqgm6xacvvfc951kjs1b37x1f0g07fwfwhbcckmbk5mrhsknvkcjtajrw4ta&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCNWL9uAHRZJ2AEdG__tMPhZ-K6AKQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01ODE0OTQxMDg4MTYyMzMyyAEJqQK6h-fSHWyyPqgDAcgDAqoEywFP0K_ogm-T_HVYU2Fe_Y5zTvm4ZSx5-8rK5N0c_ds_5q-tqEcbnbJ-ykMXaB4o_weshTB0OsYzC98lU7zCfFTqgvSXDQQQtdLCvC-_jc44ZXuQp1w-jlV5Kvxcrljmn-Z7TcRMrRSb8zhETLTiDxOLQelybfTT8iksxJCyzQeMuS1Ln1HcbQNnqWxj45qh_pIvILgQlGAATtb5lJbEpeh5L7y7qnOG9SqtHTpKjO0soGADk-WL4MXemhjRPTmpNcOJ0StVbHo31-vwZoAGx5G4oZi-xt9soAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0GAfvOKi9vwx6LTdNsFUX3uM3nmQ%26client%3Dca-pub-5814941088162332%26adurl%3D Message: Ignoring duplicate Content-Security-Policy directive 'worker-src'.
security	error	URL: https://ad4m.at/r62eglto.js Message: Ignoring duplicate Content-Security-Policy directive 'worker-src'.
security	error	URL: https://ad4m.at/r62eglto.js Message: Ignoring duplicate Content-Security-Policy directive 'worker-src'.
security	error	URL: https://ad4m.at/r62eglto.js Message: Ignoring duplicate Content-Security-Policy directive 'worker-src'.
security	error	URL: https://ad4m.at/r62eglto.js Message: Ignoring duplicate Content-Security-Policy directive 'worker-src'.
security	error	URL: https://as.ad4m.at/ad/rar?a=14019%2C195016%2C34719&b=JBeszf5fZj9TBH6H7tptp5BaxSgTbWguA8%2CVx7fwfmfD6rGFVHbHAtRtEEmcBSzTzQkTb6%2CZxJfwfBfmJpsmHDHDt3tP8Zc6SXTx3qa27&f=GjeTBfpf4BPhKHeHGtBCp5waZSYTeA9tY1%2Cm3AsefGfWPD8FmHZHZtQCJJpCKSwTX8AfbJ%2C9jeTMfmfr19cKHBH2tzCJK9S9SmTZY2TeE&c=728&d=90&e=&g=54fc3ab9ec47817ff714a288587371da%2F3662829621269956059&i=21596%2C20774%2C26474&j=16%2C14%2C41&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach02_SSP_CONTROL_ADX&r=1691419065328&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j5xsjp2dy12z4xap9fvkwxyqf3494wb2hvbchac3ra0fna02z4f3t7ghcbvr6dspz9s3z6dgsgravh8apfbgsmtfq4txacrzpkyaqav6mr6hjqxwdepfcfgtrvmv3782k5qd9qthhfz6pd2chyxwcmh8c88xhe535s0nkmfzcx9ay7znkfvbka18ktzhv7xtrn5yt2rxpaz6egga556wbxmt59ht1e3fexq7vrdn3g3841vhcxawjdf3k9jhr8k69dh1f7wd73p7fgycdn0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC1RHPuAHRZOmzEIjQiwOqg7bgApDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU4MTQ5NDEwODgxNjIzMzLIAQmpArqH59IdbLI-qAMByAMCqgTLAU_QCrXP2X2Y5Zb4Fpv0c3nanX1IK2Anmj3P2XebdCm_PObZQA2cZa1xldznvRd92DxLTfnN4k8z2ho21dUO0Wo0gDG0wUnJP7q5XwqaP-EQZlmEdHEsME9gCPpz_jQ32QrLN72kI2WhFDxTt7g6Zi9MDDH9gm_J2AMRxKvwiU0h4WHDlA_Sa_6HdcXGzxNfyosyQUIFGUoLJZYrW3KzdYLAP20V6fawRthYTP1Txb6yR1vV7DSf9muRW3pK1Bf9qqtXfa2JjCt_FKmqgAaGkbua__XNo3igBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1k4I6Pa2wnoIKTUWcUbdYQVyuzhg%2526client%253Dca-pub-5814941088162332%2526adurl%253D&y=1&s=&z=0 Message: Ignoring duplicate Content-Security-Policy directive 'worker-src'.
security	error	URL: https://as.ad4m.at/ad/rar?a=197862%2C14019%2C19769&b=Rx3HgfQfGPqeUkHwH3tQtw2A7u9SzTYMAhB3zZ%2CRx3HgfQfZx7TkHwH3tQtdWgf9SzTYMAhB3zZ%2C8R3cDf8f2qZfgHJHEtxtkZEhGSwTpQZtbw6A&f=QxWH4fjfP93YUxH5HYt9CbqrpT6S4TGD4HEzJ5%2CQxWH4fjfbV7txH5HYt9CZekh6S4TGD4HEzJ5%2CZxqHwfBf6A8UmHDHDtDCJQ2a6SXTQRBuY51p&c=728&d=90&e=&g=1a5b8c5da645dc148127d13bad7f14e2%2F3898013023788953546&i=71725%2C21596%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1691419065330&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h4y5ds0fy6a3rhcnyfksqyrvv1s4et89n4s7r31352nykjczxr11qcxyy9g3saqda26tb3ztcbnjn13vv1r694dz1thye5eqeq7e6r2xe76yrvnevvme37j39cxwjfdt7fy9sbne0g7af4147t33d6dgrkmbxtqrsp28yt1n6z1mxavgvxg96z7t7wbg4hkn8jtx24175gbmxqrpyjqfzh8q9aqgrgnrvq8v8rs8ntswdf799vnxs2ab1kdrjcx3n6wgp4ax9g5ejymewxgsz1r%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCNWL9uAHRZJ2AEdG__tMPhZ-K6AKQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01ODE0OTQxMDg4MTYyMzMyyAEJqQK6h-fSHWyyPqgDAcgDAqoEywFP0K_ogm-T_HVYU2Fe_Y5zTvm4ZSx5-8rK5N0c_ds_5q-tqEcbnbJ-ykMXaB4o_weshTB0OsYzC98lU7zCfFTqgvSXDQQQtdLCvC-_jc44ZXuQp1w-jlV5Kvxcrljmn-Z7TcRMrRSb8zhETLTiDxOLQelybfTT8iksxJCyzQeMuS1Ln1HcbQNnqWxj45qh_pIvILgQlGAATtb5lJbEpeh5L7y7qnOG9SqtHTpKjO0soGADk-WL4MXemhjRPTmpNcOJ0StVbHo31-vwZoAGx5G4oZi-xt9soAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0GAfvOKi9vwx6LTdNsFUX3uM3nmQ%2526client%253Dca-pub-5814941088162332%2526adurl%253D&y=1&s=&z=0 Message: Ignoring duplicate Content-Security-Policy directive 'worker-src'.
security	error	URL: https://analytics.webgains.io/pvClk.min.js Message: Ignoring duplicate Content-Security-Policy directive 'worker-src'.
security	error	URL: https://analytics.webgains.io/pvClk.min.js Message: Ignoring duplicate Content-Security-Policy directive 'worker-src'.
security	error	URL: https://analytics.webgains.io/pvClk.min.js Message: Ignoring duplicate Content-Security-Policy directive 'worker-src'.
security	error	URL: https://analytics.webgains.io/pvClk.min.js Message: Ignoring duplicate Content-Security-Policy directive 'worker-src'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.tribalfusion.com
ad.doubleclick.net
ad.turn.com
ad4m.at
analytics.webgains.io
api.webgains.io
as.ad4m.at
assets.ad4m.at
bloxfruitsdojo.com
cdn.track.production.webgains.team
cdnjs.cloudflare.com
cm.g.doubleclick.net
cms.quantserve.com
dclk-match.dotomi.com
dis.criteo.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
match.adsrvr.org
onetag-sys.com
pagead2.googlesyndication.com
partner.googleadservices.com
partner.o2online.de
pb.media01.eu
pr-bh.ybp.yahoo.com
prod-rtb.ad4mat.net
pv.medialead.de
r.turn.com
region1.google-analytics.com
s.tribalfusion.com
s7.addthis.com
static-de.ad4mat.net
sync-tm.everesttech.net
sync.mathtag.com
sync.teads.tv
tpc.googlesyndication.com
track.webgains.com
www.awin1.com
www.conrad.de
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.lead-alliance.net
www.telefonica-partner.de
x.bidswitch.net
104.102.35.84
104.102.45.165
13.227.219.46
142.250.186.166
145.239.193.130
151.101.66.49
167.233.13.224
172.217.18.98
178.250.1.9
18.66.147.120
185.29.134.244
2.19.224.115
2001:4860:4802:34::36
2001:678:cb4:bbbb::11
2600:1901:0:76b9::
2606:4700:20::681a:ad1
2606:4700:20::681a:bd1
2606:4700:20::ac43:444e
2606:4700:3034::ac43:dc69
2606:4700::6811:180e
2606:4700::6812:18ad
2606:4700::6812:7e05
2620:116:800d:21:7eb1:3826:be7e:d981
2a00:1450:4001:801::2008
2a00:1450:4001:80e::2003
2a00:1450:4001:811::2002
2a00:1450:4001:813::200a
2a00:1450:4001:828::2002
2a00:1450:4001:828::2004
2a00:1450:4001:82f::2001
2a00:1450:4001:830::2002
2a00:1450:4001:830::2003
2a00:1450:4001:831::2002
2a02:fa8:8806:20::2040
2a05:d018:d29:3605:c921:7369:53d4:6471
3.67.123.166
35.177.233.254
35.179.30.203
35.71.131.137
51.89.9.251
84.200.5.215
88.198.250.30
032aee61923ef53fb2b9efbb5d55f771f780e9c2fce9c076638b809a9607eee3
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0cdb38d83ea97635acae4fdec5784091941953efe7410475dd36849bf25dced0
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c
1b755b2537f6842f54228686b9fac8bfd9b54b53505e1e5b0c616191298c5797
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944
23e41d4757e605384b24c86a42fee170b0c5199c0c40e5aa3d1d07edf13caf34
2b0a10b03256abb6748200f4377a886afd7b3939c6cbadd694010728be400b65
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31bd62a78d2193b716cae594121cfd26c97460ee277e0ccfb0ed890614c811e7
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
33b32acacc3d3b967af9416c72a05e02659fe1112b2a19c9c8b6b3abc96037f4
3628465bfc7e516f7cc8fdc9492f9bd2ff379f3b6086f123f0fc066fcec791b0
3797d0f2a3c6c4b53d2e183147db6b76e9c06866e45f119302446ea1a18a7612
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
3d950a0d8d81bcd8325f2cfd2c17945e80210c7cba278392c2d71e6a06eacf12
3e25703abed8c2228b0a98e3bc84e32c3d44d334bdd881fb06a20447fd904b7b
3e4aff932cafd42e55b1af0534929b42c42cce514e67029b00d55992cd96f5fa
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
45b4eee66ac74743c86ea5a55ea614ddb12bc1407e4bfca8ff92c308c82795e2
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4a3e6ec11bb876d43db91a92fc49c6e93ff5ee9b735f45aa758f95d3bdc54884
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
53e028c7d0b4cc5752dc255054dc412f0821943def0390a375678472bddfbdec
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
584accc2c8007dc6b4b54fcd527ff937eca71635e0017dd1e844355593cf92bb
59926cf9abf7ca82243a5e35256678d938cf894a642e1221e338b2854b54c48f
5ac477d8785a4c9ef373969dd3f047e310bfb60d77bc518593795177bd131227
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5c7aac6903170bd1d724436567c4bc2b70743badab6fc8d7a6e5150bad8f9c50
5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab
5f73dbf0c52edb570d0ad16efccefa6a5f8d053719c2cc827cd69148fede6aa4
60bf02832688d14251ec1c7b8acfda233a91f927f26c7202bdaba781a1f0fcdf
616caa77f3b26bf752bc7e76e496c90f09e972978a16e9fd7111d8f23009f504
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
75743518d10d4b4a939717f66c07ef13fb128590c0b05df5c26835efa5280c6e
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7da37c8e1fd838a5443d7dc97b6ecca11bd8dddfc0b2d3ba1f8241d978fa45e1
861e4cd27539274eedfdd65212a140a4c7ccea88e004d23f5234e4db48bc73ae
86f5124988b6d67dca088ee65a2a4a507773f82698a188d3e3dcd7e12a95428f
8728520b817c7615119cec1c37953caeeff0d1715603ad2234a992e811aed348
897540e8fa9e284e75bd73315371d4c3299051dcdd97f62b83d5fb97dc59871f
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
9278ee0a91cf49cab1fcafd47c3b9875e683dbe7a26e3ffa83c9e671b75ca28e
93c3ee40bb002b749bcab27f7b946f92c122fcb574ab1e5a032addb332d33aaa
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9fe1e1a729d0d8a1042ea6f19b0ce23f84f2d5f77115ab9bf30fafe424451d27
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a2b9eefee68fa18c6be3c3bbe11d769b5affc01b84ea94c7ec68ae4ffacd858a
a45fbc596c3d526742b139dcccb3cce3aa9064c360a2af2023bd6a6e9a503f7e
a85b1179ca4ed7dc5ea897d1b565a69ccae8d2aad29dff7bb874da7d94538bff
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
b18d9008241cbf889428ca2c75e5b695b25966534992dcabc66535788592dee8
b6e2024b4dce73639fce1682cec2dedbb73adc5fd6649aad2937ed9456732d17
b9d111b6420f698c67110f8946a9e8509161940d3ec26c48933ee9c2289ecbd0
ba4a0c91bdda0c6f615970c6c39dbe9e47f84613f5460c2b21bf5d1eec6277a3
bf9b101f956976af5f27917d2ed6ff7206a3fea304ceb4f9934ab4bd42c5bb28
c1ac8ba6e8e922b66c5b2199bc0a4534e3eed00cf674b470f86a4bf784d13a59
c1f0787b6165514dc9c9c50e39fb0cada1c2a1e2dd53f8c78c5b420613040042
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
ca9ce991e9c0726a2fa041f7d038b3bd7f86a9106c0d6e7072709727981d21a2
d03d7596d2232e2fad2f4b749de939bf26aeed97577d1e7ee15774b5ddc63cbe
d243481a66bdffbe09bc2f74f8f1b57714dcd20963e8703c1372716d3fe689a5
d5f6a873de9bca64d13b27123e88d0e4b8911937c46a9e8be22b8e3b6fc08ea8
d66694e9c0f3ae8a8bac65a79bac91f21a389e79ff9ab8fc945c0304daeef74f
d792afdac7f7ae5de7c6964950c6c61dc6e3f3813180a59e141c7cb4ac4364dc
ddc148b8a0a27b1449fda6033f4a0defac9bd43210117b50d5d7ad1eda09f394
de5e167d0cb1595930aa3d96107c84c91f8b0ef1ea460f477f1f932bc61b6b1b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4b8cd0d6d8c57ef39e1bb5cff8557261b3b2f640656680a72e421471032d841
e4c6872399717ce022bcfcd0be6490b3fa4d9fa371bd3aa491cc78f031867e8d
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e98c0d22ad85bf205d6781eb3b61d805dba90e8a03d6ad62362e047030825334
ea1486afa93dc6ade989514a67ee0dd6a469e1612e425e5e850b5da27ef4b07f
eb7992882aa0838cd9d41c9e9bcef9e10576c790b9a325c060e2a8ab00922876
eb91e77384f9aff2e81a868ae4f2ae6fb5940c573d0e39088ff637414b4ffed9
eda5e562159f7c5609289195c5daeb7d886bb6af7be31bdaecc193ee22b34936
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2afc9ac73c644d48e790a39acf19a2f4482c2a6c28d784824b9a164f74cffbf
f4043ae1bb8138043da669194f010cb670abd4b0957a28fefe9991aa1089a542
f475c34186022ba531ebc8bba97fc10df7e4c3ea854f314a18ab0644c851620d
f7cdf71044448cb736733f5163fff96081d51ba4101567d61d22ee5998a7a399
f82a57fb3782e8b8edcd22969557f6868b97c604a034fa3e00100cc927268aa9
f9aaa51dd4b6c1c9748d02924c508911f45372e91ce17a5d1aeb89dafc2bc5c3
ffae8fb9199235cf70171d14a964159b4eda2da695a258c2586de98e3cb27bb2

bloxfruitsdojo.com Open in urlscan Pro 2606:4700:3034::ac43:dc69 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

169 Requests

90 %HTTPS

55 %IPv6

36 Domains

46 Subdomains

36 IPs

6 Countries

3566 kBTransfer

6407 kBSize

24 Cookies

0 Outgoing links

Redirected requests

169 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 9 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

bloxfruitsdojo.com Open in urlscan Pro
2606:4700:3034::ac43:dc69 Public Scan

Screenshot
Live screenshot

Full Image

169
Requests

90 %
HTTPS

55 %
IPv6

36
Domains

46
Subdomains

36
IPs

6
Countries

3566 kB
Transfer

6407 kB
Size

24
Cookies

169 HTTP transactions
9 data transactions