bloxfruitsdojo.com Open in urlscan Pro
2606:4700:3035::6815:3e35 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://bloxfruitsdojo.com/
Submission Tags: phishingrod
Submission: On December 03 via api (December 3rd 2023, 1:37:32 am UTC) from DE — Scanned from DE

Summary HTTP 237 Redirects Behaviour Indicators

Summary

This website contacted 41 IPs in 7 countries across 40 domains to perform 237 HTTP transactions. The main IP is 2606:4700:3035::6815:3e35, located in United States and belongs to CLOUDFLARENET, US. The main domain is bloxfruitsdojo.com.
TLS certificate: Issued by GTS CA 1P5 on December 3rd 2023. Valid for: 3 months.

This is the only time bloxfruitsdojo.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
5	2606:4700:303... 2606:4700:3035::6815:3e35	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:830::2008	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3 62	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
1	23.212.201.72 23.212.201.72	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:806::2003	15169 (GOOGLE) (GOOGLE)
44	2a00:1450:400... 2a00:1450:4001:82b::2001	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
6	172.217.16.194 172.217.16.194	15169 (GOOGLE) (GOOGLE)
3 7	2a00:1450:400... 2a00:1450:4001:80e::2004	15169 (GOOGLE) (GOOGLE)
5 24	172.217.16.130 172.217.16.130	15169 (GOOGLE) (GOOGLE)
2 4	172.64.151.101 172.64.151.101	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 3	37.252.171.21 37.252.171.21	29990 (ASN-APPNEX) (ASN-APPNEX)
2	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
27	2a00:1450:400... 2a00:1450:4001:827::2006	15169 (GOOGLE) (GOOGLE)
4	2607:f8b0:400... 2607:f8b0:4002:c02::78	15169 (GOOGLE) (GOOGLE)
1	74.125.71.157 74.125.71.157	15169 (GOOGLE) (GOOGLE)
2	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400f:3::9	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:350... 2a02:26f0:3500:11::215:14dc	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2 2	35.204.74.118 35.204.74.118	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
1 1	3.123.68.216 3.123.68.216	16509 (AMAZON-02) (AMAZON-02)
1	35.157.253.10 35.157.253.10	16509 (AMAZON-02) (AMAZON-02)
3 3	37.157.6.237 37.157.6.237	198622 (ADFORM) (ADFORM)
1	2a05:d01c:1d8... 2a05:d01c:1d8:8100:9449:420b:1a77:b906	16509 (AMAZON-02) (AMAZON-02)
3 3	52.28.254.225 52.28.254.225	16509 (AMAZON-02) (AMAZON-02)
2 2	151.101.66.49 151.101.66.49	54113 (FASTLY) (FASTLY)
2 2	35.190.0.66 35.190.0.66	15169 (GOOGLE) (GOOGLE)
1 1	2a05:d018:d29... 2a05:d018:d29:3605:2964:2b9e:c1c9:93f0	16509 (AMAZON-02) (AMAZON-02)
1	178.250.1.9 178.250.1.9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2 2	35.186.193.173 35.186.193.173	15169 (GOOGLE) (GOOGLE)
2	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
2	2.18.161.51 2.18.161.51	16625 (AKAMAI-AS) (AKAMAI-AS)
1	216.58.212.166 216.58.212.166	() ()
1 8	138.201.63.165 138.201.63.165	() ()
2 3	145.239.193.130 145.239.193.130	() ()
2	88.198.250.30 88.198.250.30	() ()
1	2a0b:4d07:102::1 2a0b:4d07:102::1	() ()
1	23.212.218.19 23.212.218.19	() ()
1	13.42.211.181 13.42.211.181	() ()
1 2	142.250.186.38 142.250.186.38	() ()
1 1	51.89.9.253 51.89.9.253	() ()
1	18.66.147.98 18.66.147.98	() ()
1	99.86.4.53 99.86.4.53	() ()
1	2a00:1450:400... 2a00:1450:4001:82f::2002	() ()
237	41

5 2606:4700:3035::6815:3e35 (United States)

ASN13335 (CLOUDFLARENET, US)

bloxfruitsdojo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:830::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

62 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany) 3 redirects

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.212.201.72 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-212-201-72.deploy.static.akamaitechnologies.com

s7.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

44 2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 172.217.16.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:80e::2004 (Frankfurt am Main, Germany) 3 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 172.217.16.130 (United States) 5 redirects

ASN15169 (GOOGLE, US)
PTR: zrh04s06-in-f130.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.64.151.101 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.252.171.21 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 2a00:1450:4001:827::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4002:c02::78 (Atlanta, United States)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.125.71.157 (United States)

ASN15169 (GOOGLE, US)
PTR: wn-in-f157.1e100.net

bid.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

gcdn.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400f:3::9 (Ireland)

ASN15169 (GOOGLE, US)

r4---sn-5go7ynld.c.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:11::215:14dc (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

code.createjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.204.74.118 (Groningen, Netherlands) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 118.74.204.35.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 15.197.193.217 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.123.68.216 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-123-68-216.eu-central-1.compute.amazonaws.com

d.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.157.253.10 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-253-10.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.157.6.237 (Denmark) 3 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d01c:1d8:8100:9449:420b:1a77:b906 (London, United Kingdom)

ASN16509 (AMAZON-02, US)

ag.innovid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.28.254.225 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-254-225.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.66.49 (United States) 2 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.0.66 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com

ads.travelaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:d29:3605:2964:2b9e:c1c9:93f0 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.186.193.173 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com

ius.ctnsnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.161.51 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-161-51.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.212.166 (None, )

ASN- ()

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 138.201.63.165 (None, ) 1 redirects

ASN- ()

hal9000.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
hal90005.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 145.239.193.130 (None, ) 2 redirects

ASN- ()

pv.medialead.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.198.250.30 (None, )

ASN- ()

pb.media01.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a0b:4d07:102::1 (None, )

ASN- ()

adv.office-partner.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.212.218.19 (None, )

ASN- ()

www.awin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.42.211.181 (None, )

ASN- ()

track.webgains.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.38 (None, ) 1 redirects

ASN- ()

8019191.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.89.9.253 (None, ) 1 redirects

ASN- ()

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.147.98 (None, )

ASN- ()

analytics.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.4.53 (None, )

ASN- ()

cdn.track.production.webgains.team	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2002 (None, )

ASN- ()

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
83	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 102 tpc.googlesyndication.com — Cisco Umbrella Rank: 148	1 MB
53	doubleclick.net 9 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 cm.g.doubleclick.net — Cisco Umbrella Rank: 219 bid.g.doubleclick.net — Cisco Umbrella Rank: 840 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 515 ad.doubleclick.net 8019191.fls.doubleclick.net	315 KB
30	2mdn.net 1 redirects s0.2mdn.net — Cisco Umbrella Rank: 300 gcdn.2mdn.net — Cisco Umbrella Rank: 1193 r4---sn-5go7ynld.c.2mdn.net	141 KB
12	gstatic.com fonts.gstatic.com www.gstatic.com csi.gstatic.com	131 KB
9	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29 imasdk.googleapis.com — Cisco Umbrella Rank: 487	139 KB
8	redintelligence.net 1 redirects hal9000.redintelligence.net hal90005.redintelligence.net	39 KB
8	google.com 3 redirects www.google.com — Cisco Umbrella Rank: 2 adservice.google.com	2 KB
7	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 206	446 KB
6	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 138
5	bloxfruitsdojo.com bloxfruitsdojo.com	197 KB
4	casalemedia.com 2 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 578	3 KB
3	medialead.de 2 redirects pv.medialead.de	2 KB
3	w55c.net 3 redirects pm.w55c.net — Cisco Umbrella Rank: 818	3 KB
3	adform.net 3 redirects c1.adform.net — Cisco Umbrella Rank: 560	2 KB
3	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 229	2 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 36	246 KB
2	media01.eu pb.media01.eu	784 B
2	teads.tv sync.teads.tv — Cisco Umbrella Rank: 1299	326 B
2	openx.net us-u.openx.net — Cisco Umbrella Rank: 491	409 B
2	ctnsnet.com 2 redirects ius.ctnsnet.com — Cisco Umbrella Rank: 6100	1 KB
2	travelaudience.com 2 redirects ads.travelaudience.com — Cisco Umbrella Rank: 5555	923 B
2	everesttech.net 2 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 685	889 B
2	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 331	297 B
2	simpli.fi 2 redirects um.simpli.fi — Cisco Umbrella Rank: 780	1 KB
2	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2189	310 B
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 204	82 KB
1	webgains.team cdn.track.production.webgains.team	437 B
1	webgains.io analytics.webgains.io	19 KB
1	onetag-sys.com 1 redirects onetag-sys.com	444 B
1	webgains.com track.webgains.com	2 KB
1	awin1.com www.awin1.com	702 B
1	office-partner.de adv.office-partner.de	923 B
1	criteo.com dis.criteo.com — Cisco Umbrella Rank: 550	363 B
1	yahoo.com 1 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 474	713 B
1	innovid.com ag.innovid.com — Cisco Umbrella Rank: 1771	297 B
1	bidswitch.net x.bidswitch.net — Cisco Umbrella Rank: 336	146 B
1	agkn.com 1 redirects d.agkn.com — Cisco Umbrella Rank: 686	732 B
1	createjs.com code.createjs.com — Cisco Umbrella Rank: 1586	63 KB
1	addthis.com s7.addthis.com — Cisco Umbrella Rank: 3351	361 B
0	gemius.pl Failed googlecm.hit.gemius.pl Failed
237	40

	Domain	Requested by
44	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com bloxfruitsdojo.com tpc.googlesyndication.com imasdk.googleapis.com
39	pagead2.googlesyndication.com	bloxfruitsdojo.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
27	s0.2mdn.net	bloxfruitsdojo.com s0.2mdn.net googleads.g.doubleclick.net
24	cm.g.doubleclick.net	5 redirects googleads.g.doubleclick.net
23	googleads.g.doubleclick.net	3 redirects pagead2.googlesyndication.com googleads.g.doubleclick.net bloxfruitsdojo.com
7	www.google.com	3 redirects tpc.googlesyndication.com googleads.g.doubleclick.net
7	www.googletagservices.com	googleads.g.doubleclick.net bloxfruitsdojo.com
7	fonts.googleapis.com	bloxfruitsdojo.com googleads.g.doubleclick.net hal90005.redintelligence.net
6	www.googleadservices.com
6	fonts.gstatic.com	fonts.googleapis.com
5	bloxfruitsdojo.com	bloxfruitsdojo.com
4	hal90005.redintelligence.net	1 redirects googleads.g.doubleclick.net hal90005.redintelligence.net
4	hal9000.redintelligence.net	googleads.g.doubleclick.net hal90005.redintelligence.net
4	csi.gstatic.com	imasdk.googleapis.com
4	dsum-sec.casalemedia.com	2 redirects googleads.g.doubleclick.net
3	pv.medialead.de	2 redirects hal90005.redintelligence.net
3	pm.w55c.net	3 redirects
3	c1.adform.net	3 redirects
3	ib.adnxs.com	2 redirects googleads.g.doubleclick.net
3	www.googletagmanager.com	bloxfruitsdojo.com adv.office-partner.de www.googletagmanager.com
2	8019191.fls.doubleclick.net	1 redirects googleads.g.doubleclick.net
2	pb.media01.eu	hal90005.redintelligence.net googleads.g.doubleclick.net
2	sync.teads.tv	googleads.g.doubleclick.net
2	us-u.openx.net	googleads.g.doubleclick.net
2	ius.ctnsnet.com	2 redirects
2	ads.travelaudience.com	2 redirects
2	sync-tm.everesttech.net	2 redirects
2	match.adsrvr.org	googleads.g.doubleclick.net
2	um.simpli.fi	2 redirects
2	r4---sn-5go7ynld.c.2mdn.net
2	googleads4.g.doubleclick.net	bloxfruitsdojo.com
2	imasdk.googleapis.com	googleads.g.doubleclick.net
2	www.gstatic.com	googleads.g.doubleclick.net
2	region1.google-analytics.com	www.googletagmanager.com
2	cdnjs.cloudflare.com	bloxfruitsdojo.com cdnjs.cloudflare.com
1	adservice.google.com	8019191.fls.doubleclick.net
1	cdn.track.production.webgains.team	googleads.g.doubleclick.net
1	analytics.webgains.io	track.webgains.com
1	onetag-sys.com	1 redirects
1	track.webgains.com	googleads.g.doubleclick.net
1	www.awin1.com	hal90005.redintelligence.net
1	adv.office-partner.de	hal90005.redintelligence.net
1	ad.doubleclick.net	googleads.g.doubleclick.net
1	dis.criteo.com	googleads.g.doubleclick.net
1	pr-bh.ybp.yahoo.com	1 redirects
1	ag.innovid.com	googleads.g.doubleclick.net
1	x.bidswitch.net	googleads.g.doubleclick.net
1	d.agkn.com	1 redirects
1	code.createjs.com	s0.2mdn.net
1	gcdn.2mdn.net	1 redirects
1	bid.g.doubleclick.net	imasdk.googleapis.com
1	s7.addthis.com	bloxfruitsdojo.com
0	googlecm.hit.gemius.pl Failed	googleads.g.doubleclick.net
237	53

This site contains no links.

Subject Issuer	Validity	Valid
bloxfruitsdojo.com GTS CA 1P5	`2023-12-03` - `2024-03-02`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
odc-addthis-prod-01.oracle.com DigiCert TLS RSA SHA256 2020 CA1	`2023-02-07` - `2024-02-07`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
tls.adobe.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-02-08` - `2024-03-10`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2023-03-23` - `2024-03-23`	a year	crt.sh
*.innovid.com RapidSSL TLS RSA CA G1	`2023-03-15` - `2024-04-14`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-01` - `2024-03-01`	3 months	crt.sh
*.openx.net RapidSSL TLS RSA CA G1	`2023-08-18` - `2024-08-18`	a year	crt.sh
teads.tv R3	`2023-11-03` - `2024-02-01`	3 months	crt.sh
*.c.docs.google.com GTS CA 1C3	`2023-11-14` - `2024-01-23`	2 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
redintelligence.net R3	`2023-10-10` - `2024-01-08`	3 months	crt.sh
*.media01.eu RapidSSL TLS RSA CA G1	`2023-05-16` - `2024-05-15`	a year	crt.sh
adv.office-partner.de R3	`2023-10-28` - `2024-01-26`	3 months	crt.sh
pv.medialead.de R3	`2023-10-12` - `2024-01-10`	3 months	crt.sh
www.awin1.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-10` - `2024-03-09`	a year	crt.sh
*.webgains.com Amazon RSA 2048 M01	`2023-05-15` - `2024-06-13`	a year	crt.sh
*.webgains.io Amazon RSA 2048 M01	`2023-07-24` - `2024-08-22`	a year	crt.sh
cdn.track.production.webgains.team Amazon RSA 2048 M03	`2023-08-30` - `2024-09-27`	a year	crt.sh

This page contains 37 frames:

Primary Page: https://bloxfruitsdojo.com/
Frame ID: 1F7B7FD0BE57EFF7B24A98B5EB9BDF92
Requests: 23 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20190131/zrt_lookup_fy2021.html
Frame ID: 1D76B877BA43A95E34D09DDF01598CFB
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5814941088162332&output=html&adk=1812271804&adf=3025194257&lmt=1701567446&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=236x540_l%7C236x540_r&format=0x0&url=https%3A%2F%2Fbloxfruitsdojo.com%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701567446341&bpp=33&bdt=183&idt=449&shv=r20231129&mjsv=m202311290101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5647626719242&frm=20&pv=2&ga_vid=641933567.1701567446&ga_sid=1701567447&ga_hid=1023079412&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079266%2C31079437%2C44798934%2C31078301%2C31079861%2C44807751%2C44807764%2C44808148%2C44808285%2C44809072&oid=2&pvsid=3252580902845133&tmod=1310125418&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=467
Frame ID: 12946A4C58668339739EE4DF6EB35D54
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5814941088162332&output=html&h=280&adk=1213588912&adf=321161274&pi=t.aa~a.4014013302~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1701567446&rafmt=1&to=qs&pwprc=3285142542&format=1200x280&url=https%3A%2F%2Fbloxfruitsdojo.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701567446374&bpp=2&bdt=216&idt=443&shv=r20231129&mjsv=m202311290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=5647626719242&frm=20&pv=1&ga_vid=641933567.1701567446&ga_sid=1701567447&ga_hid=1023079412&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=573&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079266%2C31079437%2C44798934%2C31078301%2C31079861%2C44807751%2C44807764%2C44808148%2C44808285%2C44809072&oid=2&pvsid=3252580902845133&tmod=1310125418&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=447
Frame ID: C433944DFECB54F05BA145FEEBCD74C4
Requests: 15 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/gPTZx8Qg5YtqHYATuVEq7wiNXgGYJLmNtV6Q-nRIA0Y.js
Frame ID: D307CA894D869951EB79E662502B38AA
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5814941088162332&output=html&h=90&adk=2743202993&adf=54630664&pi=t.aa~a.3134435376~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1701567448&rafmt=1&to=qs&pwprc=3285142542&format=1200x90&url=https%3A%2F%2Fbloxfruitsdojo.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701567448440&bpp=1&bdt=2282&idt=-M&shv=r20231129&mjsv=m202311290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4bb2dc42557d250b%3AT%3D1701567447%3ART%3D1701567447%3AS%3DALNI_Mbm9oOTdd2SGfalSfLLRmd3_U9f8w&gpic=UID%3D00000d01bc7b7af6%3AT%3D1701567447%3ART%3D1701567447%3AS%3DALNI_Mb5F-33Pk2S0Xx8GaUGNhJ51vNQFw&prev_fmts=0x0%2C1200x280&nras=3&correlator=5647626719242&frm=20&pv=1&ga_vid=641933567.1701567446&ga_sid=1701567447&ga_hid=1023079412&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1332&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079266%2C31079437%2C44798934%2C31078301%2C31079861%2C44807751%2C44807764%2C44808148%2C44808285%2C44809072&oid=2&psts=AOrYGsnxs1MWsyCmP4PD_3ERN2suJgXId3FLbp5UTwl3deSUa80Napai1ztVx9YwO1ObQCBieAthq8VqJgCZTMtdb54j7A&pvsid=3252580902845133&tmod=1310125418&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=5
Frame ID: 10F5D745B1934814DD3EE7A7E39A9DAB
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5814941088162332&output=html&h=90&adk=2743202993&adf=3132389021&pi=t.aa~a.3920200256~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1701567448&rafmt=1&to=qs&pwprc=3285142542&format=1200x90&url=https%3A%2F%2Fbloxfruitsdojo.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701567448440&bpp=1&bdt=2282&idt=-M&shv=r20231129&mjsv=m202311290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4bb2dc42557d250b%3AT%3D1701567447%3ART%3D1701567447%3AS%3DALNI_Mbm9oOTdd2SGfalSfLLRmd3_U9f8w&gpic=UID%3D00000d01bc7b7af6%3AT%3D1701567447%3ART%3D1701567447%3AS%3DALNI_Mb5F-33Pk2S0Xx8GaUGNhJ51vNQFw&prev_fmts=0x0%2C1200x280%2C1200x90&nras=4&correlator=5647626719242&frm=20&pv=1&ga_vid=641933567.1701567446&ga_sid=1701567447&ga_hid=1023079412&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1432&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079266%2C31079437%2C44798934%2C31078301%2C31079861%2C44807751%2C44807764%2C44808148%2C44808285%2C44809072&oid=2&psts=AOrYGsnxs1MWsyCmP4PD_3ERN2suJgXId3FLbp5UTwl3deSUa80Napai1ztVx9YwO1ObQCBieAthq8VqJgCZTMtdb54j7A&pvsid=3252580902845133&tmod=1310125418&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=12
Frame ID: F396E05A33A7A69557FA3DCAEC3A8DB8
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5814941088162332&output=html&h=90&adk=2743202993&adf=1602281170&pi=t.aa~a.3920200256~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1701567448&rafmt=1&to=qs&pwprc=3285142542&format=1200x90&url=https%3A%2F%2Fbloxfruitsdojo.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701567448440&bpp=1&bdt=2282&idt=0&shv=r20231129&mjsv=m202311290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4bb2dc42557d250b%3AT%3D1701567447%3ART%3D1701567447%3AS%3DALNI_Mbm9oOTdd2SGfalSfLLRmd3_U9f8w&gpic=UID%3D00000d01bc7b7af6%3AT%3D1701567447%3ART%3D1701567447%3AS%3DALNI_Mb5F-33Pk2S0Xx8GaUGNhJ51vNQFw&prev_fmts=0x0%2C1200x280%2C1200x90%2C1200x90&nras=5&correlator=5647626719242&frm=20&pv=1&ga_vid=641933567.1701567446&ga_sid=1701567447&ga_hid=1023079412&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1835&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079266%2C31079437%2C44798934%2C31078301%2C31079861%2C44807751%2C44807764%2C44808148%2C44808285%2C44809072&oid=2&psts=AOrYGsnxs1MWsyCmP4PD_3ERN2suJgXId3FLbp5UTwl3deSUa80Napai1ztVx9YwO1ObQCBieAthq8VqJgCZTMtdb54j7A&pvsid=3252580902845133&tmod=1310125418&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=16
Frame ID: E5195C725FE804BC47CB6DDB586C79AA
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: C6AD18513C477FC9B20F72B59BB72815
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 9A959E2FFA0A09EDD20F38A5C52E6945
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: C04CF4E5928F3304A2E1EB674CA9FD1F
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 313B347142E3A5668B1E82FCD7221B52
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: C29498328B400969C673D50474E33D67
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 213A0EA3890F61E79F3BBC02D049116D
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMrGkwIQ_aPu0wQYoqy2_wEwAQ&v=APEucNWWJ_8opLBaXW92Kkx5z21HJ9SAcZPp4yNlFnzIjNxLpjsTyArEr5zDswsRRbUIMk2sPSaJXvzZThz1KnkMkUUVA-KgSFBNYr-yAfVXwBQJnA0O9WBH8oKmOo7NTtGA0x-JfLBPNI1WoA_rg1VWPjp4t0aQqebdDQS0QpwykGHEAKhpy6M
Frame ID: B05545A480FAEB63BB7BD945B49F74B9
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: 49B004763A40A2C9BE2BE2F8E5126F98
Requests: 18 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 4DF1AE6F8AB7136D6C6E6F5B55658BB5
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: F3FFB3CB8623D7B15193CEA5167D2796
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/abg_lite_fy2021.js
Frame ID: 0B259C9D4DA8E9A880C7BD4B62C2E76A
Requests: 14 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 3859088D55A3A2C2CBF9A9D022F93D04
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/1876137525177158889/index.html?ev=01_250
Frame ID: 520CF37079A21A9536A8A6007ECB693A
Requests: 27 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/gPTZx8Qg5YtqHYATuVEq7wiNXgGYJLmNtV6Q-nRIA0Y.js
Frame ID: A160BC73ADE559F4F8B4AD5342CC2A08
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/gPTZx8Qg5YtqHYATuVEq7wiNXgGYJLmNtV6Q-nRIA0Y.js
Frame ID: B0A608FA2F13AE746C30A92366DD2991
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: A96E03BC307155FF8D1358D63238667B
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: F943CB4820367EC63874CAC5087D1D65
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: C371B6244802B387095E0C516CDA7C9F
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 594EA68BF3E1BE02DFBDF4FCE858BB61
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj-rbvGATAB&v=APEucNWzpqahETiooF_4zIKzRJ_b3JKa0yg1LqT8rZ6ra6LbNZs8_bdeFIcuN3un2fvKEGB8SuxthI61OQULpzO1a6I0C7VMSf5P54UErldyKfgrQvmrwupNO-0lpvfFjaOS_e7J-4DhjZLQjszN55akNtif0QG18UOMyFqEfIeNi52vfwuPSy0
Frame ID: 6D60073A38DE46CDE22A488F40895DB7
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: 778AF125CDDB4E71EEBAF2C88891B4D4
Requests: 21 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/gPTZx8Qg5YtqHYATuVEq7wiNXgGYJLmNtV6Q-nRIA0Y.js
Frame ID: 30A35AE3C70008270194171F7D686168
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/gPTZx8Qg5YtqHYATuVEq7wiNXgGYJLmNtV6Q-nRIA0Y.js
Frame ID: A654FB34F5F7BB8A72420DA8DC744E0D
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 5BC4B5ACFB73148650B9792A8DBB807D
Requests: 3 HTTP requests in this frame

Frame: https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=72963800007218604444550012527005&actionid=879111&produktid=ratenkredit&dt_url=
Frame ID: DB29E9927F730BD17AB3D8D7B77FA09B
Requests: 1 HTTP requests in this frame

Frame: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Frame ID: C4555E088C1809AD1E7EDE79944A9F8F
Requests: 3 HTTP requests in this frame

Frame: https://8019191.fls.doubleclick.net/activityi;dc_pre=COGbiNyQ8oIDFf2d_QcdRG8M1w;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=810092941916.9023
Frame ID: 8868656FD05624B54BE680A6CA746F53
Requests: 2 HTTP requests in this frame

Frame: https://hal90005.redintelligence.net/request_content.php?s=72963800007218604444550012527005&a=542a87ec
Frame ID: BBF8CD524D9994F5398DE340AF3848A4
Requests: 6 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: F68008A5D1C2591128A9095CC1F6ADFD
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Blox Fruits Dojo - Codes & Tips

Detected technologies

AddThis (Widgets) Expand

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Webgains (Affiliate programs) Expand

Overall confidence: 100%
Detected patterns

analytics\.webgains\.io

Page Statistics

237
Requests

88 %
HTTPS

42 %
IPv6

40
Domains

53
Subdomains

41
IPs

7
Countries

2888 kB
Transfer

8205 kB
Size

28
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 31

https://googleads.g.doubleclick.net/pagead/adview?ai=CZ5aH19trZab7BJyVjuwPnYC88AHH0YTubofWoNvzEKX8zobIOBABIPX6qxZglYKAgLAHoAGKn8PCA8gBCakChxZyOYpCsj6oAwHIA8sEqgTVAU_QTWb7quabFO1-AjiK-xysBArBFL7QpBLfJ1NEMgf4JfyA0mBURTVdZF6u2KqZWuMQ1eTK_IS5_CvESmbNNiL0dgI5YQBKp8nI_IX79JASGFuztecsTobdpYX15ew_MEfFMoyxvbahgouG-km9QFOcAggQ7VioTRICP9VyCSm6Vj-rrkErouoxvYUKeyth2skRCxxi-xfkAmjJ9fpO0kojm6oKwwCXxfaVn-2Nz9t3RJunuF36exuBEAFL6jRUoWk5NNnXDvyffro91koAR2MhBjadJcAEiqPOi6QEiAXaiM2GSZIFBAgEGAGSBQQIBRgEoAYugAfe4Lw9qAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwDyBwUQs_jgAdIIHwiA4YAQEAEYHzICqgI6AoBASL39wTpYk5362ZDyggOaCbMBaHR0cHM6Ly93d3cua29uaWNhbWlub2x0YS5kZS9kZS1kZS9zb2x1dGlvbnMvaXQtc29sdXRpb25zL2N5YmVyLXNlY3VyaXR5LXVuZC1hd2FyZW5lc3M_dXRtX3NvdXJjZT1nb29nbGUmdXRtX21lZGl1bT1jcGMmdXRtX2NhbXBhaWduPTE5NjA5NjMzODgyJnV0bV9jb250ZW50PTE0NzEyNjk4MTAwMiZ1dG1fdGVybT2ACgHICwGiDBQqEgoQ5LSxAu61sQK1uLECu7uxArgT5APYEw3QFQGAFwGyFxwKGggAEhRwdWItNTgxNDk0MTA4ODE2MjMzMhgA&sigh=WmEV3ApbTkI&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTgDICaaNFAVQtwRfnBR4uZbdnEY3ifHCVZ8cdMNupvo052iDuhAumZ1a6VYVuCqcdfg8X-Psm0w6my16ipZ7qdh3brcpb0m07HkSatzlIxgB&template_id=484&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%229122290522643083352%22,%22debug_reporting%22:true,%22destination%22:%22https://konicaminolta.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22944820106%22],%224%22:[%2212-03%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2210819306518453051073%22}&andc=true

Request Chain 72

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKZmrw3aTbvDAiEWTNXi_7s&google_cver=1

Request Chain 73

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZWvb2DbigFlVss6j17fGyAAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKZmrw3aTbvDAiEWTNXi_7s&google_cver=1

Request Chain 74

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEEmyQyxHehFrRucx4JgykG0&google_cver=1

Request Chain 75

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDAyNzIzMzgyMzU1NzUyODY0NA%3D%3D

Request Chain 84

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 85

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 104

https://gcdn.2mdn.net/videoplayback/id/b30bbaa701651f16/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1733103449/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signature/525F5EDECF7681389988FA97E4C3245B3B711A81.041E10CD91F7C7F2D93F6FC5F517B38E51230C83/key/ck2/file/file.mp4 HTTP 302
https://r4---sn-5go7ynld.c.2mdn.net/videoplayback/id/b30bbaa701651f16/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1733103449/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/34BEE1FB8258A30B4F2C34556DB537D334EE3130.0D7626046253FDF3F60D5916D020FDA9F53FB47E/key/cms1/cms_redirect/yes/mh/gW/mip/2a00:c98:2050:a007:2::8/mm/42/mn/sn-5go7ynld/ms/onc/mt/1701566759/mv/u/mvi/4/pl/57/file/file.mp4

Request Chain 135

https://um.simpli.fi/gp_match?google_gid=CAESEEROX-0QSk1T5ZjyBqDnEyY&google_cver=1&google_push=AXcoOmTW0xzUGHcHp2mdaannPi2SJS2r1NKrWmRlKJ704KZBNHr9sjOJSBDPoCAelhVWfKn2jep9VjhWIZvciIkoKGvWmODf4rIFqg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=32CC7D9C45E544C383A0535EF38DB24C&google_push=AXcoOmTW0xzUGHcHp2mdaannPi2SJS2r1NKrWmRlKJ704KZBNHr9sjOJSBDPoCAelhVWfKn2jep9VjhWIZvciIkoKGvWmODf4rIFqg

Request Chain 137

https://d.agkn.com/pixel/2175/?google_gid=CAESELLM457SuHG88GcLI8gZf68&google_cver=1&google_push=AXcoOmTuiEhJko4i4pcWVu9cnoKb0n023Ob3aKfMXz3W7KvEpoOohmTIP850m7m9y33P6SeXCP-67AaYym6T1quWe0gl20LWfRX66zM HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AXcoOmTuiEhJko4i4pcWVu9cnoKb0n023Ob3aKfMXz3W7KvEpoOohmTIP850m7m9y33P6SeXCP-67AaYym6T1quWe0gl20LWfRX66zM&google_hm=Q0FFU0VMTE00NTdTdUhHODhHY0xJOGdaZjY4

Request Chain 139

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEMrkjDu5K806SSFfKvQK6z4&google_cver=1&google_push=AXcoOmTRG7K3K-8PZuXGjaAx4C7OI3Vw_QUirPDt1rZKq0atYm2aAF0S_owx_py8VkA3J4chyJT6FpJxSlgToJeuc1JY1vJKx5jn7Ko HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEMrkjDu5K806SSFfKvQK6z4&google_cver=1&google_push=AXcoOmTRG7K3K-8PZuXGjaAx4C7OI3Vw_QUirPDt1rZKq0atYm2aAF0S_owx_py8VkA3J4chyJT6FpJxSlgToJeuc1JY1vJKx5jn7Ko HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDM1Njg1NzU1Njk5ODgyOTM5MQ&google_push=AXcoOmTRG7K3K-8PZuXGjaAx4C7OI3Vw_QUirPDt1rZKq0atYm2aAF0S_owx_py8VkA3J4chyJT6FpJxSlgToJeuc1JY1vJKx5jn7Ko

Request Chain 155

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEGJbg7C8v26k6VtrES-T-rw&google_cver=1&google_push=AXcoOmSUeR0_HjKIy0vrbi7qhB8yE-vPYVIZoVtQgl0rdfATiNgG0_izKTeWWcrWLQPsVTnPR4TFaI54mnr-solS0KFLVa5rOf-ggV0 HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEGJbg7C8v26k6VtrES-T-rw&google_cver=1&google_push=AXcoOmSUeR0_HjKIy0vrbi7qhB8yE-vPYVIZoVtQgl0rdfATiNgG0_izKTeWWcrWLQPsVTnPR4TFaI54mnr-solS0KFLVa5rOf-ggV0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=c3RJU0tkUGgxUjlCcWg1&google_gid=CAESEGJbg7C8v26k6VtrES-T-rw&google_cver=1&google_push=AXcoOmSUeR0_HjKIy0vrbi7qhB8yE-vPYVIZoVtQgl0rdfATiNgG0_izKTeWWcrWLQPsVTnPR4TFaI54mnr-solS0KFLVa5rOf-ggV0

Request Chain 156

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEAhm4hyf1pIqJQ79yBkpkDw&google_cver=1&google_push=AXcoOmRgzYJRCTFWgYaZ88xVKdKwIwZBgcUr0kJ1LgX1jpM05FgMFT5DloVFRPZUoH3FucHhJ1mt9pzMG_vf5wfII7EUUjIGzBhaabg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEAhm4hyf1pIqJQ79yBkpkDw&google_push=AXcoOmRgzYJRCTFWgYaZ88xVKdKwIwZBgcUr0kJ1LgX1jpM05FgMFT5DloVFRPZUoH3FucHhJ1mt9pzMG_vf5wfII7EUUjIGzBhaabg

Request Chain 157

https://um.simpli.fi/gp_match?google_gid=CAESEEROX-0QSk1T5ZjyBqDnEyY&google_cver=1&google_push=AXcoOmTaassqIFrHHvYDdHgI_ZIGsaxTSX-kgyaUjgtw3F2b3q8D_Xireko65lfZN0JZBHH1j5Zh54fVXEg63F_8Tzxr8ldpzOEGgg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=32CC7D9C45E544C383A0535EF38DB24C&google_push=AXcoOmTaassqIFrHHvYDdHgI_ZIGsaxTSX-kgyaUjgtw3F2b3q8D_Xireko65lfZN0JZBHH1j5Zh54fVXEg63F_8Tzxr8ldpzOEGgg

Request Chain 158

https://ads.travelaudience.com/google_pixel?google_gid=CAESEKFqvK0bI7ZQRXthu-ftjHs&google_cver=1&google_push=AXcoOmSlb7Lak-Gk7fegb556clk5nmg57u3rkqn9KNQyFzommAmVzhkeQ4Hg2NdiXThkzoKhbXW5sy5dIyZQGYEECUcTuCs2yxk5e7Q HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=OVpN3YkgRSIfRLsUDQ4VPA&google_push=AXcoOmSlb7Lak-Gk7fegb556clk5nmg57u3rkqn9KNQyFzommAmVzhkeQ4Hg2NdiXThkzoKhbXW5sy5dIyZQGYEECUcTuCs2yxk5e7Q

Request Chain 159

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEBAupQu6Hi9am5Cx41ba3iM&google_cver=1&google_push=AXcoOmRtUW3N50nBRq5Aqdw5hK-a3HGKZhZIrljRxaRV33AgWpf-nt9yCIGnnpEZIbm05wq9io9TComMTZrlysYGZWUyLuwxvsxWrYA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmRtUW3N50nBRq5Aqdw5hK-a3HGKZhZIrljRxaRV33AgWpf-nt9yCIGnnpEZIbm05wq9io9TComMTZrlysYGZWUyLuwxvsxWrYA&google_hm=eS1rNDhUZlI1RTJwRWFhV2NhbmJXZlFmQUlxWGVwYnZaX35B

Request Chain 161

https://ius.ctnsnet.com/int/cm?exc=1&acc=crimtan_holdings_limited&google_gid=CAESENpJED68QzSmQTTMVR7Dlms&google_cver=1&google_push=AXcoOmTDEqlt_esLXajcg0w0qqU_Ta7V8sZI9zNrELYrVtAsy9wRXdsN0_U2-YvOkfL9zCbVp4a0mV66gC-gWYtR_yHuMFLhtVgp4fE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AXcoOmTDEqlt_esLXajcg0w0qqU_Ta7V8sZI9zNrELYrVtAsy9wRXdsN0_U2-YvOkfL9zCbVp4a0mV66gC-gWYtR_yHuMFLhtVgp4fE&google_hm=vmM77zFGSVu4aF1YPE_Dxog

Request Chain 163

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEI-QGZYOJai-jRY-_r7351I&google_cver=1

Request Chain 165

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
https://sync.teads.tv/um?eid=3&uid=CAESECmKDkmh9QkkFQ-AyCSA7cE&google_cver=1

Request Chain 169

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 171

https://googleads.g.doubleclick.net/pagead/adview?ai=CVB4b2NtrZefxIOGrtOUPj6OrgAqv-_7Wc43izbzeEKbxhuOgAhABIPX6qxZglYKAgLAHoAHmnvmFA8gBCakChxZyOYpCsj6oAwHIA8sEqgTUAU_QnREWpQuz_0m5aSEC4JoEKKdLqD1HNmpaLg0D_TjpijE3wFCq-w1Ikrs1prg6Y82NX8FmPdDrH3GiSuVMTEVHlHlrK3pzpFcBqCUOVQSxy_E1r4grPdGGaZT06AVYKhS8B5DwD3qZnRrN2gZ_KHsYoQnQtXzBS14FYKud1SEf5jvJlMdGJw0hjWom6O9IRo2djKnvFen4-eYqrXZIF6YfgjkOT0xV_wuPdvOgKbxptZULeMpnLyPXhVYfWqQjgx4Oh4queG5QVE3QL3Weq6_20lk6wATtk_TrmgSIBYT7pP5HkgUECAQYAZIFBAgFGASgBi6AB4LhhnqoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAPIHBBCv0iHSCB8IgOGAEBABGB8yAqoCOgKAQEi9_cE6WNaTz9qQ8oIDmgkxaHR0cHM6Ly93d3cuaW50ZWdyaXR5bGluZS5jb20vZGUvc2VhLWxwZy1oaW5zY2hnL4AKAcgLAaIMECoOCgzktLEC7rWxArW4sQK4E-QD2BMNiBQC0BUBmBYBgBcBshccChoIABIUcHViLTU4MTQ5NDEwODgxNjIzMzIYAA&sigh=C6k9VNUVgQ4&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSOwDICaaNSJqf0CrWDkwVuAwLr5upMhYn6JbAziIUmFmGhjKz_jxsULlmGGc1yvqQ8WVav0CiULbZd1nEGAE&template_id=484&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%229453271977919685402%22,%22debug_reporting%22:true,%22destination%22:%22https://integrityline.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22817778534%22],%224%22:[%2212-03%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%229318888012218480305%22}&andc=true

Request Chain 177

https://googleads.g.doubleclick.net/pagead/adview?ai=CUUSA2NtrZb-oIauQtOUPnMu28AvU9ceDdIrq5Ij-EavjupKSDhABIPX6qxZglYKAgLAHoAHW29r8AsgBAqkCS2-RJ_osgT6oAwHIA8kEqgTbAU_Qr6U3yfdqJM3vNpQ9JuL_6nIdi4yr6h8IkmLYHnyEFwslu0tporYoySZozU2CM_3tXGuMd000tZwCY1Xqt3COuJbttnbU9gildUPCopTTyq9fQuFzOubc3OIvTNQLDkENrt0qK_1nafoVsLms7xKnbbRUnK40ZJAYfx6s9YluiXTI_1d7ropE2dNGaZ6XT-1XcADWxv2mGQ0dt4n1MkFCag_AAD9JluwR_7pym28GHUdYm_ebwVlU8GQHUCZAjMF8HqovTXoMF4ejK17W3Z4iA-c1l73AhPc5b8AEjaKFqLwEiAWbj-nOTJIFBAgEGAGSBQQIBRgEoAYCgAfXsJX_AqgH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcB8gcEEM7EFtIIHwiA4YAQEAEYHzICqgI6AoBASL39wTpYqrnP2pDyggOaCRtodHRwczovL3BlcHBhZ2FtZS5jb20vc2hhcmWACgHICwGiDBgqFgoU5LSxAu61sQK1uLEC5LSxAu61sQLYEwzQFQGAFwGyFxwKGggAEhRwdWItNTgxNDk0MTA4ODE2MjMzMhgA&sigh=RZdSnjZWG_0&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSOwDICaaNnUh971ZdVdp0_Zr33QmLzsGTrzX3vb46SGAULPUMjmUk7733PeJtzkU5mSxf7_T_gjPzzwV0GAE&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%224056532961308821155%22,%22debug_reporting%22:true,%22destination%22:%22https://peppagame.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22798404054%22],%224%22:[%2212-03%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2217133945203471645073%22}&andc=true

Request Chain 193

https://hal90005.redintelligence.net/request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=7ea3e5bc02&subid=&uid=3924ef7f90a30f49&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCadsG2NtrZZfQIcG9tOUP586eyAGm5b2gaYWVnKfJD_AuEAEg9fqrFmCVgoCAsAfIAQmpAocWcjmKQrI-qAMByAObBKoE9gFP0NAWr40ubsS6QEx5vrH_CwhTb6hYCoR0D4v8sTQp0Bomzr6zoW6mrm2orrHIYNwCjkS8R8kM1WWFaI6xg39e7UJmRn9YrnDQytH4fz5APCjqWjCOVQJyVoSMWNZ1eNWuI5N0Z1xX9Jbz10rO-PDsuYnNrSnSi7yfc7VOI99IN83VDGpRrtGra0U27DhWe-LMewynk14SIuj5YhTa_bdReVC6fRYA0HPrKV1_VVxK2GVGhREtul8Ugw_n0oUoQKCFycPG3HUqKTIsic02tpW0uIAvrztSPGk_eZy8W-7EliY7l-HmZVly-1gtT71-KGZjZjySvunABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiA4YAQEAEYHzICqgI6AoBASL39wTpYguTP2pDyggOACgGYCwHICwGADAGiDBgqFgoU5LSxAu61sQK1uLEC5LSxAu61sQKqDQJERbATh--xFdATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSOwDICaaN_umDvYrkgU96hJKuxobWI2MqZ1s_W8H8ImUj8JX7Mo0v8HEsFDHJidy6WRRkLI3Bpdi910wyGAE%26sig%3DAOD64_3Yuejdsme1nc6bysd9eUn403lGPA%26client%3Dca-pub-5814941088162332%26dbm_c%3DAKAmf-COfISZBV2buOFj8Dvro0b-RHN-nIKx2zrdKqn0v-7wUUey5sG-vsCozjpG4fi--NPS677e8pSJVCArNNE9OyFsNydK5q2HyI0EmwVDHAindaeBUsbSqJKr6Vx_1wE_p90pYSrG3nCBEsgv_jOVsrs4G6Ebx8apTpKhpqRxPnGO5LTkigY%26cry%3D1%26dbm_d%3DAKAmf-Bq0ye-BUPlqyopW-NCJaOhaKEQfwgkjBy4WEbZoC9-D9ttcxj0CrvSZKjpV-92-i8GslXNTDlWpTky--Hke2m6afcCKitmdUFu1gLsXZ8ive4JTrJILhOAV2q_1gUJ3G51Y1AnPup4Bh-7TddRALJ8NNp4qSAZ8Kqk-qQ7PlLDNdkITcd9U8tsMHlQVv7DjzZbutbmsnMPcW40zEn4n4RQJwl_0snBRXxzeOcWA2CXd8FdrbWHAgcG_yiNJaK6f9B0sbrt3pstCtLOKRrxe02Ind4AyMjLOpgt5FiWaxBfqI7aRxiXRg_1_oNLtTDIvOA-aUaMNzkFd90J0zZh6MyKXLgDatrTkb2FMlmreA83ehqhyFULG9Nd0q9z_x40DvPkI_YVeQdpsFCncimN67JGj9sD6ki9Ac09-zR-6VJlIkkm3jxk4vaSP5V_zVBUllk_M2VLZX120dlY5_QAw8Jq5i1XHvfKJzcBZxz_Ic04yZACxVHMfNKHl3jlse1JTxr5UGtsLx10nIR4C6gztuBjYdJBTkmbRbnffIzYFfb_pF8ZmGc%26adurl%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-5814941088162332%26output%3Dhtml%26h%3D90%26adk%3D2743202993%26adf%3D1602281170%26pi%3Dt.aa~a.3920200256~rp.4%26w%3D1200%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1701567448%26rafmt%3D1%26to%3Dqs%26pwprc%3D3285142542%26format%3D1200x90%26url%3Dhttps%253A%252F%252Fbloxfruitsdojo.com%252F%26ea%3D0%26fwr%3D0%26pra%3D3%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26fa%3D40%26uach%3DWyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.%26dt%3D1701567448440%26bpp%3D1%26bdt%3D2282%26idt%3D0%26shv%3Dr20231129%26mjsv%3Dm202311290101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26cookie%3DID%253D4bb2dc42557d250b%253AT%253D1701567447%253ART%253D1701567447%253AS%253DALNI_Mbm9oOTdd2SGfalSfLLRmd3_U9f8w%26gpic%3DUID%253D00000d01bc7b7af6%253AT%253D1701567447%253ART%253D1701567447%253AS%253DALNI_Mb5F-33Pk2S0Xx8GaUGNhJ51vNQFw%26prev_fmts%3D0x0%252C1200x280%252C1200x90%252C1200x90%26nras%3D5%26correlator%3D5647626719242%26frm%3D20%26pv%3D1%26ga_vid%3D641933567.1701567446%26ga_sid%3D1701567447%26ga_hid%3D1023079412%26ga_fc%3D1%26u_tz%3D60%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D200%26ady%3D1835%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759875%252C44759926%252C31079266%252C31079437%252C44798934%252C31078301%252C31079861%252C44807751%252C44807764%252C44808148%252C44808285%252C44809072%26oid%3D2%26psts%3DAOrYGsnxs1MWsyCmP4PD_3ERN2suJgXId3FLbp5UTwl3deSUa80Napai1ztVx9YwO1ObQCBieAthq8VqJgCZTMtdb54j7A%26pvsid%3D3252580902845133%26tmod%3D1310125418%26uas%3D0%26nvt%3D1%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257Cs%257C%26abl%3DNS%26fu%3D128%26bc%3D31%26psd%3DW251bGwsbnVsbCxudWxsLDNd%26ifi%3D5%26uci%3Da!5%26btvi%3D3%26fsb%3D1%26dtd%3D16&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttps%3A%2F%2Fbloxfruitsdojo.com&random=1389121937239&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
https://hal90005.redintelligence.net/request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=7ea3e5bc02&subid=&uid=3924ef7f90a30f49&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCadsG2NtrZZfQIcG9tOUP586eyAGm5b2gaYWVnKfJD_AuEAEg9fqrFmCVgoCAsAfIAQmpAocWcjmKQrI-qAMByAObBKoE9gFP0NAWr40ubsS6QEx5vrH_CwhTb6hYCoR0D4v8sTQp0Bomzr6zoW6mrm2orrHIYNwCjkS8R8kM1WWFaI6xg39e7UJmRn9YrnDQytH4fz5APCjqWjCOVQJyVoSMWNZ1eNWuI5N0Z1xX9Jbz10rO-PDsuYnNrSnSi7yfc7VOI99IN83VDGpRrtGra0U27DhWe-LMewynk14SIuj5YhTa_bdReVC6fRYA0HPrKV1_VVxK2GVGhREtul8Ugw_n0oUoQKCFycPG3HUqKTIsic02tpW0uIAvrztSPGk_eZy8W-7EliY7l-HmZVly-1gtT71-KGZjZjySvunABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiA4YAQEAEYHzICqgI6AoBASL39wTpYguTP2pDyggOACgGYCwHICwGADAGiDBgqFgoU5LSxAu61sQK1uLEC5LSxAu61sQKqDQJERbATh--xFdATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSOwDICaaN_umDvYrkgU96hJKuxobWI2MqZ1s_W8H8ImUj8JX7Mo0v8HEsFDHJidy6WRRkLI3Bpdi910wyGAE%26sig%3DAOD64_3Yuejdsme1nc6bysd9eUn403lGPA%26client%3Dca-pub-5814941088162332%26dbm_c%3DAKAmf-COfISZBV2buOFj8Dvro0b-RHN-nIKx2zrdKqn0v-7wUUey5sG-vsCozjpG4fi--NPS677e8pSJVCArNNE9OyFsNydK5q2HyI0EmwVDHAindaeBUsbSqJKr6Vx_1wE_p90pYSrG3nCBEsgv_jOVsrs4G6Ebx8apTpKhpqRxPnGO5LTkigY%26cry%3D1%26dbm_d%3DAKAmf-Bq0ye-BUPlqyopW-NCJaOhaKEQfwgkjBy4WEbZoC9-D9ttcxj0CrvSZKjpV-92-i8GslXNTDlWpTky--Hke2m6afcCKitmdUFu1gLsXZ8ive4JTrJILhOAV2q_1gUJ3G51Y1AnPup4Bh-7TddRALJ8NNp4qSAZ8Kqk-qQ7PlLDNdkITcd9U8tsMHlQVv7DjzZbutbmsnMPcW40zEn4n4RQJwl_0snBRXxzeOcWA2CXd8FdrbWHAgcG_yiNJaK6f9B0sbrt3pstCtLOKRrxe02Ind4AyMjLOpgt5FiWaxBfqI7aRxiXRg_1_oNLtTDIvOA-aUaMNzkFd90J0zZh6MyKXLgDatrTkb2FMlmreA83ehqhyFULG9Nd0q9z_x40DvPkI_YVeQdpsFCncimN67JGj9sD6ki9Ac09-zR-6VJlIkkm3jxk4vaSP5V_zVBUllk_M2VLZX120dlY5_QAw8Jq5i1XHvfKJzcBZxz_Ic04yZACxVHMfNKHl3jlse1JTxr5UGtsLx10nIR4C6gztuBjYdJBTkmbRbnffIzYFfb_pF8ZmGc%26adurl%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-5814941088162332%26output%3Dhtml%26h%3D90%26adk%3D2743202993%26adf%3D1602281170%26pi%3Dt.aa~a.3920200256~rp.4%26w%3D1200%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1701567448%26rafmt%3D1%26to%3Dqs%26pwprc%3D3285142542%26format%3D1200x90%26url%3Dhttps%253A%252F%252Fbloxfruitsdojo.com%252F%26ea%3D0%26fwr%3D0%26pra%3D3%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26fa%3D40%26uach%3DWyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.%26dt%3D1701567448440%26bpp%3D1%26bdt%3D2282%26idt%3D0%26shv%3Dr20231129%26mjsv%3Dm202311290101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26cookie%3DID%253D4bb2dc42557d250b%253AT%253D1701567447%253ART%253D1701567447%253AS%253DALNI_Mbm9oOTdd2SGfalSfLLRmd3_U9f8w%26gpic%3DUID%253D00000d01bc7b7af6%253AT%253D1701567447%253ART%253D1701567447%253AS%253DALNI_Mb5F-33Pk2S0Xx8GaUGNhJ51vNQFw%26prev_fmts%3D0x0%252C1200x280%252C1200x90%252C1200x90%26nras%3D5%26correlator%3D5647626719242%26frm%3D20%26pv%3D1%26ga_vid%3D641933567.1701567446%26ga_sid%3D1701567447%26ga_hid%3D1023079412%26ga_fc%3D1%26u_tz%3D60%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D200%26ady%3D1835%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759875%252C44759926%252C31079266%252C31079437%252C44798934%252C31078301%252C31079861%252C44807751%252C44807764%252C44808148%252C44808285%252C44809072%26oid%3D2%26psts%3DAOrYGsnxs1MWsyCmP4PD_3ERN2suJgXId3FLbp5UTwl3deSUa80Napai1ztVx9YwO1ObQCBieAthq8VqJgCZTMtdb54j7A%26pvsid%3D3252580902845133%26tmod%3D1310125418%26uas%3D0%26nvt%3D1%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257Cs%257C%26abl%3DNS%26fu%3D128%26bc%3D31%26psd%3DW251bGwsbnVsbCxudWxsLDNd%26ifi%3D5%26uci%3Da!5%26btvi%3D3%26fsb%3D1%26dtd%3D16&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttps%3A%2F%2Fbloxfruitsdojo.com&random=1389121937239&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1

Request Chain 206

https://pv.medialead.de/trck/epv/e99aace94e6e58733936cdd965d03e75?subid=72963800007218604444550012527005&t=htlp&gdpr=1&consent=1&gdpr_consent= HTTP 302
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=72963800007218604444550012527005&actionid=879111&produktid=ratenkredit&dt_url=

Request Chain 208

https://pv.medialead.de/trck/epv/e99aace94e6e58733936cdd965d03e75?subid=72963800007218604444550012527005&t=htlp&gdpr=1&consent=1&gdpr_consent= HTTP 302
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=72963800007218604444550012527005&actionid=879111&produktid=ratenkredit&dt_url=

Request Chain 221

https://8019191.fls.doubleclick.net/activityi;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=810092941916.9023 HTTP 302
https://8019191.fls.doubleclick.net/activityi;dc_pre=COGbiNyQ8oIDFf2d_QcdRG8M1w;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=810092941916.9023

Request Chain 229

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEGJbg7C8v26k6VtrES-T-rw&google_cver=1&google_push=AXcoOmRa59xHGzFVblgSd8zmFGdYprXXY_Sqorw8MVtOaMPZPX9K61dDNObR-r4-MU9b89RfhXa14DRIgAUnhHgshroav8rGoM3UQzQMGnrtBqQXEkAdsYgmNQB22WPQjZW4A72YNTadNuW5BuQAlydqtCFaC8c HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=c3RJU0tkUGgxUjlCcWg1&google_gid=CAESEGJbg7C8v26k6VtrES-T-rw&google_cver=1&google_push=AXcoOmRa59xHGzFVblgSd8zmFGdYprXXY_Sqorw8MVtOaMPZPX9K61dDNObR-r4-MU9b89RfhXa14DRIgAUnhHgshroav8rGoM3UQzQMGnrtBqQXEkAdsYgmNQB22WPQjZW4A72YNTadNuW5BuQAlydqtCFaC8c

Request Chain 230

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEAhm4hyf1pIqJQ79yBkpkDw&google_cver=1&google_push=AXcoOmR9IY3baMHR6ExoJTx_Asw72UckdgINx5MpUx7gU86-gzu02lu39ZeL7om7wGputjnHYWux6ARSUkVGMB7Xuy2t7EnACfgDjhHF0KB4X2hdcWUNxzRcps8BHLdCdEp_RKkRY2O1dJo7PjbYKpmJDV0O8hs HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=Wld2YjJRQUVGa28zbndCSA==&google_gid=CAESEAhm4hyf1pIqJQ79yBkpkDw&google_cver=1&google_push=AXcoOmR9IY3baMHR6ExoJTx_Asw72UckdgINx5MpUx7gU86-gzu02lu39ZeL7om7wGputjnHYWux6ARSUkVGMB7Xuy2t7EnACfgDjhHF0KB4X2hdcWUNxzRcps8BHLdCdEp_RKkRY2O1dJo7PjbYKpmJDV0O8hs

Request Chain 232

https://ads.travelaudience.com/google_pixel?google_gid=CAESEKFqvK0bI7ZQRXthu-ftjHs&google_cver=1&google_push=AXcoOmTU2H3lD9uWWphqjkIDxDCShx5u-TZ9WWepi74S9OdqCtQ83ukVbp-HFwZmlKz92RfLnoKxNDeLH96BX5RdJm6VYJKnb_Af6-N_rlo6Dl6sSUhKFFqqgXHjyPjMSxViMTTHWG0DZqLFjHIqqx1pNE-sLg HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=OVpN3YkgRSIfRLsUDQ4VPA&google_push=AXcoOmTU2H3lD9uWWphqjkIDxDCShx5u-TZ9WWepi74S9OdqCtQ83ukVbp-HFwZmlKz92RfLnoKxNDeLH96BX5RdJm6VYJKnb_Af6-N_rlo6Dl6sSUhKFFqqgXHjyPjMSxViMTTHWG0DZqLFjHIqqx1pNE-sLg

Request Chain 233

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEMrkjDu5K806SSFfKvQK6z4&google_cver=1&google_push=AXcoOmRufIWQmNh5jWvMeYNZYbbfE0TfbZKtvd02p5C7FrXZ1auBfZTBsXzlEs5ZkwJg3pP2AmXK9RFaFBqv0llPRD_MBfgmOO94tVt-BCHZ1-UrY9SaQovT1kbmGPy__lAIjlvDmLsX1eVaIgSE4z1sumAj5w HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDM1Njg1NzU1Njk5ODgyOTM5MQ&google_push=AXcoOmRufIWQmNh5jWvMeYNZYbbfE0TfbZKtvd02p5C7FrXZ1auBfZTBsXzlEs5ZkwJg3pP2AmXK9RFaFBqv0llPRD_MBfgmOO94tVt-BCHZ1-UrY9SaQovT1kbmGPy__lAIjlvDmLsX1eVaIgSE4z1sumAj5w

Request Chain 234

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEBVDizj3Z-P3X-CdvBlkRAM&google_cver=1&google_push=AXcoOmQJpxATWF4xMSYNNa9_FR-VH5Fme3pfH7ElKqN25_v0kfQAtRffFy7EIdVNaga9FpAGi1Im6oxT5mS0NvKyl8Sp-Udvffe6UpJh8B58D2s2W8DCaXQECcPoo4wvzMxdVshJejLEbkpOTFCST5LMyQCcYLc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmQJpxATWF4xMSYNNa9_FR-VH5Fme3pfH7ElKqN25_v0kfQAtRffFy7EIdVNaga9FpAGi1Im6oxT5mS0NvKyl8Sp-Udvffe6UpJh8B58D2s2W8DCaXQECcPoo4wvzMxdVshJejLEbkpOTFCST5LMyQCcYLc

Request Chain 235

https://ius.ctnsnet.com/int/cm?exc=1&acc=crimtan_holdings_limited&google_gid=CAESENpJED68QzSmQTTMVR7Dlms&google_cver=1&google_push=AXcoOmQ94EYKeoxDOSw53amukhPNSTEKQt03VPgMHHMRh6DiegaG8xMQFAPTG4RjpixbDCkNkTQFRVz6RG0I4T5d-TZZ4LXVktoMOAlRTugHKkcQTwvzsC6HAEW8KbuHHpmo-W8nXJmAuKHGuMh3eigHS-KY1Xc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AXcoOmQ94EYKeoxDOSw53amukhPNSTEKQt03VPgMHHMRh6DiegaG8xMQFAPTG4RjpixbDCkNkTQFRVz6RG0I4T5d-TZZ4LXVktoMOAlRTugHKkcQTwvzsC6HAEW8KbuHHpmo-W8nXJmAuKHGuMh3eigHS-KY1Xc&google_hm=vmM77zFGSVu4aF1YPE_Dxog

237 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
bloxfruitsdojo.com/ 6 KB
2 KB 661ms
624ms Document
text/html 2606:4700:3035::6815:3e35
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloxfruitsdojo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::6815:3e35 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

33b32acacc3d3b967af9416c72a05e02659fe1112b2a19c9c8b6b3abc96037f4

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 82f815969d513a8c-FRA
content-encoding: br
content-security-policy: upgrade-insecure-requests
content-type: text/html; charset=UTF-8
date: Sun, 03 Dec 2023 01:37:26 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=THWyO1W%2BcJ4ak5verNCkvuLk%2BbwQq5CfCyEeCJt%2Fxyn1p3aW7WaNZAQ2OcMQYX4GrT5Ok2GKbTVcIpaySRq6m8niFgbQMWDDcu6dDwJzIx2N5b6DUmCPAn4kgT2SpvdERYSmVwb7X0790kSsPykk534%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 277 KB
92 KB 69ms
30ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-3MK7NNWSET

Requested by

Host: bloxfruitsdojo.com
URL: https://bloxfruitsdojo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7ae6ac4701dcae19e231f1e5b5a4edcc41658a0c6aea6e621410b1d72e5de338

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxfruitsdojo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 01:37:26 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 93720
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 03 Dec 2023 01:37:26 GMT

GET
H2 200 styles.css
bloxfruitsdojo.com/ 24 KB
6 KB 774ms
772ms Stylesheet
text/css 2606:4700:3035::6815:3e35
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloxfruitsdojo.com/styles.css

Requested by

Host: bloxfruitsdojo.com
URL: https://bloxfruitsdojo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::6815:3e35 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

584accc2c8007dc6b4b54fcd527ff937eca71635e0017dd1e844355593cf92bb

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxfruitsdojo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 01:37:26 GMT
content-security-policy: upgrade-insecure-requests
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 08 Apr 2023 15:59:21 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L14A1BcqLSG38h9owbDAmQFRhRYlilpxnzSXw1j39VxtFwRec2w%2FPmwTXuIRDDAFa9e0lopm6xRnsI%2FoOPaIkRUAZsuqzxDPhC10qR28ujXgqlutE4uaofL%2Ba7G918%2F8aSEvyvAZrhAGaasnDLXjeKc%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 82f8159a8f8d3a8c-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 css
fonts.googleapis.com/ 717 B
779 B 59ms
21ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato

Requested by

Host: bloxfruitsdojo.com
URL: https://bloxfruitsdojo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

eb91e77384f9aff2e81a868ae4f2ae6fb5940c573d0e39088ff637414b4ffed9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxfruitsdojo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 03 Dec 2023 01:37:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 03 Dec 2023 01:33:49 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 03 Dec 2023 01:37:26 GMT

GET
H2 200 css
fonts.googleapis.com/ 2 KB
632 B 60ms
23ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat

Requested by

Host: bloxfruitsdojo.com
URL: https://bloxfruitsdojo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

28d397270696b4361f8722b8c43ff2db5ba45891f35eeecedc913088dcc58ed5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxfruitsdojo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 03 Dec 2023 01:37:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 03 Dec 2023 01:10:45 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 03 Dec 2023 01:37:26 GMT

GET
H2 200 font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/ 30 KB
6 KB 33ms
13ms Stylesheet
text/css 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: bloxfruitsdojo.com
URL: https://bloxfruitsdojo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxfruitsdojo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 01:37:26 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 418982
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 5631
last-modified: Mon, 04 May 2020 16:10:07 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e5f-7918"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D1ZxMPFoPqafLFpgOnC4r8uNmgCGvRWsRnS77q08AqsbyWB31F2lDI%2FWNPD8NgFAU0YKOqLSXD76NlJcOsIXQTSX7VCOPO73EiV15uv%2FGmEvMwDk9PexHbMaw7Kmp7KWqTvNWu8JEuFO3ztUxIP0VtEI"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 82f8159aa9be371a-FRA
expires: Fri, 22 Nov 2024 01:37:26 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 147 KB
51 KB 64ms
29ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5814941088162332

Requested by

Host: bloxfruitsdojo.com
URL: https://bloxfruitsdojo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c6cd7a7bd97dc88691c6a2f0b106f75807961a06f7164f3d1ca9cdb0e9c9c427

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bloxfruitsdojo.com/
Origin: https://bloxfruitsdojo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 01:37:26 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51743
x-xss-protection: 0
server: cafe
etag: 13377462350581193331
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 03 Dec 2023 01:37:26 GMT

GET
H2 200 header6.png
bloxfruitsdojo.com/ 168 KB
169 KB 621ms
620ms Image
image/png 2606:4700:3035::6815:3e35
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloxfruitsdojo.com/header6.png

Requested by

Host: bloxfruitsdojo.com
URL: https://bloxfruitsdojo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::6815:3e35 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ca9ce991e9c0726a2fa041f7d038b3bd7f86a9106c0d6e7072709727981d21a2

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxfruitsdojo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 01:37:26 GMT
content-security-policy: upgrade-insecure-requests
cf-cache-status: REVALIDATED
last-modified: Fri, 07 Apr 2023 01:02:27 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JR0Fo0YqRxzaYPkaZiJPvlEzZrqEc2cou0GuiK5U%2FeObxIspkyJOaViL%2Bom1IhTynb4ZkNlFjydcgl0LRPGIDTspOZzYySBqXaLSVfZuPPmnApzuEloWJPfiOurNm1pVVeJlHUUDrYEfVUh5GG%2BoknE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 82f8159a8f8e3a8c-FRA
alt-svc: h3=":443"; ma=86400
content-length: 172098

GET
H2 200 darkblade.png
bloxfruitsdojo.com/images/ 7 KB
7 KB 640ms
639ms Image
image/png 2606:4700:3035::6815:3e35
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloxfruitsdojo.com/images/darkblade.png

Requested by

Host: bloxfruitsdojo.com
URL: https://bloxfruitsdojo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::6815:3e35 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8728520b817c7615119cec1c37953caeeff0d1715603ad2234a992e811aed348

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxfruitsdojo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 01:37:26 GMT
content-security-policy: upgrade-insecure-requests
cf-cache-status: REVALIDATED
last-modified: Tue, 11 Apr 2023 18:34:31 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SI2wOB4ewo6b16NxGyXJvsliqk2PvtBAOORkh9Jlm68TE%2BT2izi02SqHYidYHwlPUIAVZFe5llbSQr2zwd1FPvkTGw%2FNBd9dm5uV3tVTZwfRmoXX4fvglhYqBdS25M9RBzLvYDzVNpUbWl2mDFpWWM4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 82f8159a8f8f3a8c-FRA
alt-svc: h3=":443"; ma=86400
content-length: 6819

GET
H3 200 buddha.png
bloxfruitsdojo.com/images/ 13 KB
13 KB 774ms
773ms Image
image/png 2606:4700:3035::6815:3e35
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloxfruitsdojo.com/images/buddha.png

Requested by

Host: bloxfruitsdojo.com
URL: https://bloxfruitsdojo.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::6815:3e35 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c1f0787b6165514dc9c9c50e39fb0cada1c2a1e2dd53f8c78c5b420613040042

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxfruitsdojo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 01:37:26 GMT
content-security-policy: upgrade-insecure-requests
cf-cache-status: MISS
last-modified: Tue, 11 Apr 2023 15:33:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=li96cxqeDCK%2B6dqKZKgw%2FCUcIwbO8hCkKbMHHhe3xXXkHQ%2B4ecBHkQHN%2B5eQ6Qoi3jl9%2FrtHpCz1i1B9USnX0PB%2BOn8GUbINphumOWkuBT1gTeMQ9cNaoag4NCXlwxSwEZ9xDz329YDKo%2BQP6UzcBEU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 82f8159aad401e4c-FRA
alt-svc: h3=":443"; ma=86400
content-length: 13256

GET
H2 200 addthis_widget.js Show response
s7.addthis.com/js/300/ 56 B
361 B 53ms
12ms Script
text/javascript 23.212.201.72
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/js/300/addthis_widget.js

Requested by

Host: bloxfruitsdojo.com
URL: https://bloxfruitsdojo.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.212.201.72 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-212-201-72.deploy.static.akamaitechnologies.com

Software

Oracle API Gateway /

Resource Hash

f475c34186022ba531ebc8bba97fc10df7e4c3ea854f314a18ab0644c851620d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxfruitsdojo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 03 Dec 2023 01:37:26 GMT
server: Oracle API Gateway
opc-request-id: /A2260AB15CDCBF32197386B22A760598/FEEDFD3C7D9D83D9B2469BBBB347F195
x-frame-options: sameorigin
vary: Accept-Encoding
content-type: text/javascript
x-distribution: 99
x-host: s7.addthis.com
content-length: 76
x-xss-protection: 1; mode=block

POST
H2 204 collect
region1.google-analytics.com/g/ 0
256 B 51ms
18ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-3MK7NNWSET&gtm=45je3bt0v9110121730&_p=1701567446181&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=641933567.1701567446&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1701567446&sct=1&seg=0&dl=https%3A%2F%2Fbloxfruitsdojo.com%2F&dt=Blox%20Fruits%20Dojo%20-%20Codes%20%26%20Tips&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=825
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3MK7NNWSET
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxfruitsdojo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Dec 2023 01:37:26 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://bloxfruitsdojo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311290101/ 398 KB
134 KB 83ms
55ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311290101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5814941088162332&plah=bloxfruitsdojo.com&bust=31079861

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5814941088162332

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0956358000a66d15052f7a9a4eb517a57454cb824c093b87b6ebc2d3bbeed4a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxfruitsdojo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 01:37:26 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 137521
x-xss-protection: 0
server: cafe
etag: 14610336278529930259
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 03 Dec 2023 01:37:26 GMT

GET
H3 200 fontawesome-webfont.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/ 75 KB
76 KB 25ms
13ms Font
application/octet-stream 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d792afdac7f7ae5de7c6964950c6c61dc6e3f3813180a59e141c7cb4ac4364dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
Origin: https://bloxfruitsdojo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 01:37:26 GMT
strict-transport-security: max-age=15780000
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 324739
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 77160
last-modified: Mon, 04 May 2020 16:10:07 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e5f-12d68"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gWHzbGEj02u2tBH8Ir8WK4eDHYSEnq%2BzDqogHXskq0rdrM2bhuzJXNTSSsjfpOSw5ma1F9KxUqim4zacj6mjFJB5t2a%2Br0XXj03OqttHRVN4ZdCkufy%2FmYXD0%2F2UeWJwd%2BUZhFNHFBmx0kIPDm16nJSE"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 82f8159bcb506ae2-FRA
expires: Fri, 22 Nov 2024 01:37:26 GMT

GET
H2 200 JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXo.woff2
fonts.gstatic.com/s/montserrat/v26/ 15 KB
15 KB 74ms
25ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v26/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXo.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4b5816bbfc52587979139951355fe4048da02ce60e40cef8e4a1efb6cd396281

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://bloxfruitsdojo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 20:42:11 GMT
x-content-type-options: nosniff
age: 363315
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14940
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 22:46:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Nov 2024 20:42:11 GMT

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/ 23 KB
24 KB 62ms
12ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://bloxfruitsdojo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 17:23:28 GMT
x-content-type-options: nosniff
age: 288838
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23580
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:17:22 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 28 Nov 2024 17:23:28 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231129/r20190131/ Frame 1D76 9 KB
4 KB 358ms
12ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231129/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5814941088162332

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9f6e245ec73203f99ecb888db309a2bdaf91f8696c1cebaa94e477a953fab30a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bloxfruitsdojo.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 16001
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4121
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 02 Dec 2023 21:10:45 GMT
etag: 12051592065903069241
expires: Sat, 16 Dec 2023 21:10:45 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 1294 427 KB
85 KB 1298ms
1297ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5814941088162332&output=html&adk=1812271804&adf=3025194257&lmt=1701567446&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=236x540_l%7C236x540_r&format=0x0&url=https%3A%2F%2Fbloxfruitsdojo.com%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701567446341&bpp=33&bdt=183&idt=449&shv=r20231129&mjsv=m202311290101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5647626719242&frm=20&pv=2&ga_vid=641933567.1701567446&ga_sid=1701567447&ga_hid=1023079412&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079266%2C31079437%2C44798934%2C31078301%2C31079861%2C44807751%2C44807764%2C44808148%2C44808285%2C44809072&oid=2&pvsid=3252580902845133&tmod=1310125418&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=467

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311290101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5814941088162332&plah=bloxfruitsdojo.com&bust=31079861

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

02efc671abb6ee1f6f0b544741212b4c552eaa0b640abda5d7a947df25a19e06

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bloxfruitsdojo.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 86949
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 03 Dec 2023 01:37:28 GMT
expires: Sun, 03 Dec 2023 01:37:28 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame C433 119 KB
40 KB 1088ms
1088ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5814941088162332&output=html&h=280&adk=1213588912&adf=321161274&pi=t.aa~a.4014013302~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1701567446&rafmt=1&to=qs&pwprc=3285142542&format=1200x280&url=https%3A%2F%2Fbloxfruitsdojo.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701567446374&bpp=2&bdt=216&idt=443&shv=r20231129&mjsv=m202311290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=5647626719242&frm=20&pv=1&ga_vid=641933567.1701567446&ga_sid=1701567447&ga_hid=1023079412&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=573&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079266%2C31079437%2C44798934%2C31078301%2C31079861%2C44807751%2C44807764%2C44808148%2C44808285%2C44809072&oid=2&pvsid=3252580902845133&tmod=1310125418&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=447

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4c5d781351abbd6a3d947a0bcf9d651c6d931d4af90e2f393d3a5ee4dd3badd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bloxfruitsdojo.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 40687
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 03 Dec 2023 01:37:28 GMT
expires: Sun, 03 Dec 2023 01:37:28 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css
fonts.googleapis.com/ Frame C433 4 KB
751 B 24ms
22ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5814941088162332&output=html&h=280&adk=1213588912&adf=321161274&pi=t.aa~a.4014013302~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1701567446&rafmt=1&to=qs&pwprc=3285142542&format=1200x280&url=https%3A%2F%2Fbloxfruitsdojo.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701567446374&bpp=2&bdt=216&idt=443&shv=r20231129&mjsv=m202311290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=5647626719242&frm=20&pv=1&ga_vid=641933567.1701567446&ga_sid=1701567447&ga_hid=1023079412&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=573&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079266%2C31079437%2C44798934%2C31078301%2C31079861%2C44807751%2C44807764%2C44808148%2C44808285%2C44809072&oid=2&pvsid=3252580902845133&tmod=1310125418&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=447

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f8238cdd1cc6032f1c34cf7e559b55a936097f78cc8839628e5cc39a6fc3f390

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 03 Dec 2023 01:37:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 03 Dec 2023 01:28:43 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 03 Dec 2023 01:37:28 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame C433 2 KB
903 B 53ms
15ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 12:24:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47595
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 16 Dec 2023 12:24:13 GMT

GET
H2 200 1585553693184027359
tpc.googlesyndication.com/simgad/ Frame C433 23 KB
23 KB 95ms
61ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/1585553693184027359?w=600&h=314&tw=1&q=75

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8245304016bbdbcd319b81796c16a502657b6254b32dadebd2c6664003be2877

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 01:37:28 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23093
x-xss-protection: 0
last-modified: Wed, 25 Jan 2023 14:34:33 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 02 Dec 2024 01:37:28 GMT

GET
H2 200 7146927654195220036
tpc.googlesyndication.com/simgad/ Frame C433 4 KB
5 KB 59ms
25ms Image
image/png 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/7146927654195220036?w=100&h=100&tw=1&q=75

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7da6fc5fcbc16d83c625586ddb1ddf9a1bff269ac6dc0c4c6df431a9093038ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 23:52:37 GMT
x-content-type-options: nosniff
age: 6291
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4326
x-xss-protection: 0
last-modified: Mon, 29 Jun 2020 06:37:54 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 01 Dec 2024 23:52:37 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/ Frame C433 24 KB
9 KB 39ms
15ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b67ad968ba3668562f331df45b73501e17c7c166bcf7e5443c33633cbc9d5783

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 12:23:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47638
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9305
x-xss-protection: 0
server: cafe
etag: 13635642240219548939
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 16 Dec 2023 12:23:30 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame C433 3 KB
1 KB 46ms
23ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 19:59:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20290
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 16 Dec 2023 19:59:18 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame C433 20 KB
9 KB 35ms
13ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

09b186dc119230c8ab2c806d31bcc8dd4a0a2ba347165f35156422307b8e10ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 22:31:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11153
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8544
x-xss-protection: 0
server: cafe
etag: 17124069415086231762
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 16 Dec 2023 22:31:35 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame C433 202 KB
64 KB 64ms
27ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1adb10c9a5878dd4306d66ff94ae27a07cbe47f57b34dec9a807e5d2d426eee0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 01:37:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65067
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701261208926228"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 03 Dec 2023 01:37:28 GMT

GET
H2 200 a6de5423b7c632060e8f86136bd5d27a.js Show response
www.gstatic.com/mysidia/ Frame C433 37 KB
16 KB 53ms
14ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/a6de5423b7c632060e8f86136bd5d27a.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0c21f21f7b1658ed6ab5c0461020a21d62f9e0a7cd7cf3d9e6ef61a2c481f31e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 07:40:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 410220
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15478
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 14:10:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 26 Feb 2024 07:40:28 GMT

GET
DATA 200
OK truncated
/ Frame C433 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7f56af000c91d93ff99956eaf0d0370bc483b37296202f23ecece5a90fa99184

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/png

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 19ms
18ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-3MK7NNWSET&gtm=45je3bt0v9110121730&_p=1701567446181&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=641933567.1701567446&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=2&sid=1701567446&sct=1&seg=0&dl=https%3A%2F%2Fbloxfruitsdojo.com%2F&dt=Blox%20Fruits%20Dojo%20-%20Codes%20%26%20Tips&en=scroll&epn.percent_scrolled=90&_et=79&tfd=2766
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3MK7NNWSET
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxfruitsdojo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Dec 2023 01:37:28 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://bloxfruitsdojo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame C433 16 KB
16 KB 14ms
13ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 01:30:07 GMT
x-content-type-options: nosniff
age: 441
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 02 Dec 2024 01:30:07 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame C433 15 KB
15 KB 16ms
15ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 13:37:09 GMT
x-content-type-options: nosniff
age: 43219
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 01 Dec 2024 13:37:09 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame C433
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CZ5aH19trZab7BJyVjuwPnYC88AHH0YTubofWoNvzEKX8zobIOBABIPX6qxZglYKAgLAHoAGKn8PCA8gBCakChxZyOYpCsj6oAwHIA8sEqgTVAU_QTWb7quabFO1-AjiK-xysBArBFL7QpBL...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%229122290522643083352%22,%22debug_reporting%22:true,%22destination%22:%22https://konicaminolta.de%22,%22event_report_window%...

0
0

85ms
49ms

Fetch
text/css

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%229122290522643083352%22,%22debug_reporting%22:true,%22destination%22:%22https://konicaminolta.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22944820106%22],%224%22:[%2212-03%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2210819306518453051073%22}&andc=true

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 01:37:28 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"9122290522643083352","debug_reporting":true,"destination":"https://konicaminolta.de","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["944820106"],"4":["12-03"],"6":["true"]},"priority":"500","source_event_id":"10819306518453051073"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 03 Dec 2023 01:37:28 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 03 Dec 2023 01:37:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"9122290522643083352","debug_reporting":true,"destination":"https://konicaminolta.de","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["944820106"],"4":["12-03"],"6":["true"]},"priority":"500","source_event_id":"10819306518453051073"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 gPTZx8Qg5YtqHYATuVEq7wiNXgGYJLmNtV6Q-nRIA0Y.js Show response
pagead2.googlesyndication.com/bg/ Frame D307 50 KB
19 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/gPTZx8Qg5YtqHYATuVEq7wiNXgGYJLmNtV6Q-nRIA0Y.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

80f4d9c7c420e58b6a1d8013b9512aef088d5e019824b98db55e90fa74480346

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 20:49:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 276463
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19632
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 28 Nov 2024 20:49:45 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 34ms
34ms XHR
application/json 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231129&st=env

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e2c41c413b34dbe6c74900b5b99af975b95a2b1dcf03e6908396221851727a03

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxfruitsdojo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 01:37:28 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12349
x-xss-protection: 0

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311290101/ 160 KB
55 KB 34ms
33ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311290101/reactive_library_fy2021.js?bust=31079861

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a1b07b085a9dcf27120cdd5900de8c4eba29c4aaff3a9bf019667937eee39b42

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxfruitsdojo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 01:37:28 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 55934
x-xss-protection: 0
server: cafe
etag: 1935677083071507411
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sun, 03 Dec 2023 01:37:28 GMT

GET
H3 200 slotcar_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311290101/ 93 KB
32 KB 27ms
27ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311290101/slotcar_library_fy2021.js?bust=31079861

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5814941088162332

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c9f4b09a8e295881221c8a4d9e3f20a572cfeb67edb7d5ccbd8832134643833c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxfruitsdojo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 01:37:28 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32944
x-xss-protection: 0
server: cafe
etag: 10273956946991154034
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sun, 03 Dec 2023 01:37:28 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 10F5 120 KB
41 KB 793ms
791ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5814941088162332&output=html&h=90&adk=2743202993&adf=54630664&pi=t.aa~a.3134435376~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1701567448&rafmt=1&to=qs&pwprc=3285142542&format=1200x90&url=https%3A%2F%2Fbloxfruitsdojo.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701567448440&bpp=1&bdt=2282&idt=-M&shv=r20231129&mjsv=m202311290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4bb2dc42557d250b%3AT%3D1701567447%3ART%3D1701567447%3AS%3DALNI_Mbm9oOTdd2SGfalSfLLRmd3_U9f8w&gpic=UID%3D00000d01bc7b7af6%3AT%3D1701567447%3ART%3D1701567447%3AS%3DALNI_Mb5F-33Pk2S0Xx8GaUGNhJ51vNQFw&prev_fmts=0x0%2C1200x280&nras=3&correlator=5647626719242&frm=20&pv=1&ga_vid=641933567.1701567446&ga_sid=1701567447&ga_hid=1023079412&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1332&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079266%2C31079437%2C44798934%2C31078301%2C31079861%2C44807751%2C44807764%2C44808148%2C44808285%2C44809072&oid=2&psts=AOrYGsnxs1MWsyCmP4PD_3ERN2suJgXId3FLbp5UTwl3deSUa80Napai1ztVx9YwO1ObQCBieAthq8VqJgCZTMtdb54j7A&pvsid=3252580902845133&tmod=1310125418&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=5

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0c7233aa5f0f9be411b54520846cf44c5bb07cde758075ae4ea3e1869a777926

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bloxfruitsdojo.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 42016
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 03 Dec 2023 01:37:29 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame F396 104 KB
39 KB 1051ms
1050ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5814941088162332&output=html&h=90&adk=2743202993&adf=3132389021&pi=t.aa~a.3920200256~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1701567448&rafmt=1&to=qs&pwprc=3285142542&format=1200x90&url=https%3A%2F%2Fbloxfruitsdojo.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701567448440&bpp=1&bdt=2282&idt=-M&shv=r20231129&mjsv=m202311290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4bb2dc42557d250b%3AT%3D1701567447%3ART%3D1701567447%3AS%3DALNI_Mbm9oOTdd2SGfalSfLLRmd3_U9f8w&gpic=UID%3D00000d01bc7b7af6%3AT%3D1701567447%3ART%3D1701567447%3AS%3DALNI_Mb5F-33Pk2S0Xx8GaUGNhJ51vNQFw&prev_fmts=0x0%2C1200x280%2C1200x90&nras=4&correlator=5647626719242&frm=20&pv=1&ga_vid=641933567.1701567446&ga_sid=1701567447&ga_hid=1023079412&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1432&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079266%2C31079437%2C44798934%2C31078301%2C31079861%2C44807751%2C44807764%2C44808148%2C44808285%2C44809072&oid=2&psts=AOrYGsnxs1MWsyCmP4PD_3ERN2suJgXId3FLbp5UTwl3deSUa80Napai1ztVx9YwO1ObQCBieAthq8VqJgCZTMtdb54j7A&pvsid=3252580902845133&tmod=1310125418&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=12

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

af07b1f62353c8dfab4d4dc37fbbe73cf6201ec45bbfde3de5b239bb795e291a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bloxfruitsdojo.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 40266
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 03 Dec 2023 01:37:29 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame E519 32 KB
13 KB 1106ms
1106ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5814941088162332&output=html&h=90&adk=2743202993&adf=1602281170&pi=t.aa~a.3920200256~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1701567448&rafmt=1&to=qs&pwprc=3285142542&format=1200x90&url=https%3A%2F%2Fbloxfruitsdojo.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701567448440&bpp=1&bdt=2282&idt=0&shv=r20231129&mjsv=m202311290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4bb2dc42557d250b%3AT%3D1701567447%3ART%3D1701567447%3AS%3DALNI_Mbm9oOTdd2SGfalSfLLRmd3_U9f8w&gpic=UID%3D00000d01bc7b7af6%3AT%3D1701567447%3ART%3D1701567447%3AS%3DALNI_Mb5F-33Pk2S0Xx8GaUGNhJ51vNQFw&prev_fmts=0x0%2C1200x280%2C1200x90%2C1200x90&nras=5&correlator=5647626719242&frm=20&pv=1&ga_vid=641933567.1701567446&ga_sid=1701567447&ga_hid=1023079412&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1835&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079266%2C31079437%2C44798934%2C31078301%2C31079861%2C44807751%2C44807764%2C44808148%2C44808285%2C44809072&oid=2&psts=AOrYGsnxs1MWsyCmP4PD_3ERN2suJgXId3FLbp5UTwl3deSUa80Napai1ztVx9YwO1ObQCBieAthq8VqJgCZTMtdb54j7A&pvsid=3252580902845133&tmod=1310125418&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=16

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8ba9ebd4e7eaf75926bd8d6e4dd300c4d6ad088e4df6bd71e3d915a32a74db6a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bloxfruitsdojo.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 13738
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 03 Dec 2023 01:37:29 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 134ms
59ms Preflight
text/html 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Sun, 03 Dec 2023 01:37:28 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxfruitsdojo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 01:37:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 03 Dec 2023 01:37:28 GMT

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/ Frame C6AD 9 KB
4 KB 13ms
13ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9f6e245ec73203f99ecb888db309a2bdaf91f8696c1cebaa94e477a953fab30a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bloxfruitsdojo.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 78192
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4121
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 02 Dec 2023 03:54:16 GMT
etag: 12051592065903069241
expires: Sat, 16 Dec 2023 03:54:16 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/ Frame 9A95 9 KB
4 KB 13ms
13ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9f6e245ec73203f99ecb888db309a2bdaf91f8696c1cebaa94e477a953fab30a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bloxfruitsdojo.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 78192
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4121
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 02 Dec 2023 03:54:16 GMT
etag: 12051592065903069241
expires: Sat, 16 Dec 2023 03:54:16 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/ Frame C04C 9 KB
4 KB 13ms
13ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9f6e245ec73203f99ecb888db309a2bdaf91f8696c1cebaa94e477a953fab30a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bloxfruitsdojo.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 78192
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4121
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 02 Dec 2023 03:54:16 GMT
etag: 12051592065903069241
expires: Sat, 16 Dec 2023 03:54:16 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/ Frame 313B 9 KB
4 KB 13ms
13ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9f6e245ec73203f99ecb888db309a2bdaf91f8696c1cebaa94e477a953fab30a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bloxfruitsdojo.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 78192
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4121
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 02 Dec 2023 03:54:16 GMT
etag: 12051592065903069241
expires: Sat, 16 Dec 2023 03:54:16 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 css2
fonts.googleapis.com/ Frame C6AD 4 KB
671 B 22ms
21ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 03 Dec 2023 01:37:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 03 Dec 2023 01:30:19 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 03 Dec 2023 01:37:28 GMT

GET
H3 200 fullscreen_api_adapter_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/elements/html/ Frame C6AD 16 KB
7 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/elements/html/fullscreen_api_adapter_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a6df8215439f8c1a4f31e4407a93cdb72cfc12b525cc378678ad717f8451325d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 23:01:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9339
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6758
x-xss-protection: 0
server: cafe
etag: 13232977368472197749
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 16 Dec 2023 23:01:49 GMT

GET
H3 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/elements/html/ Frame C6AD 22 KB
9 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bbbf189ee0fd46edc91bdc96aeac86c78c35c8d497ecd9a786ef318ccb62e985

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 22:37:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10812
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9189
x-xss-protection: 0
server: cafe
etag: 14682237860056745894
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 16 Dec 2023 22:37:16 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/ Frame 9A95 24 KB
9 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b67ad968ba3668562f331df45b73501e17c7c166bcf7e5443c33633cbc9d5783

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 12:23:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47638
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9305
x-xss-protection: 0
server: cafe
etag: 13635642240219548939
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 16 Dec 2023 12:23:30 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame C294 143 B
166 B 15ms
13ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1986
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 03 Dec 2023 01:04:22 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame 9A95 3 KB
1 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 19:59:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20290
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 16 Dec 2023 19:59:18 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame 9A95 20 KB
8 KB 17ms
15ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

09b186dc119230c8ab2c806d31bcc8dd4a0a2ba347165f35156422307b8e10ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 22:31:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11153
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8544
x-xss-protection: 0
server: cafe
etag: 17124069415086231762
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 16 Dec 2023 22:31:35 GMT

GET
H3 200 9094723822253094145
tpc.googlesyndication.com/simgad/ Frame 9A95 93 KB
93 KB 22ms
20ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/9094723822253094145?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qmLfVmde3WY74XawN9CrpJWi4pFMw

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4291965ff25f882989571e9754088769a8180c2f6fb61b071fa3e45eee8f83c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:49:58 GMT
x-content-type-options: nosniff
age: 28050
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 94775
x-xss-protection: 0
last-modified: Thu, 13 Jul 2023 02:38:52 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 01 Dec 2024 17:49:58 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9A95 202 KB
64 KB 32ms
29ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1adb10c9a5878dd4306d66ff94ae27a07cbe47f57b34dec9a807e5d2d426eee0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 01:37:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65067
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701261208926228"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 03 Dec 2023 01:37:28 GMT

GET
H3 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame 9A95 36 KB
14 KB 18ms
17ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bed7ff4a6dc1fabcb99a5dd12ff481d05de252b39d3544be0cb93fe66663c059

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 20:00:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20203
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14781
x-xss-protection: 0
server: cafe
etag: 13719831398043079576
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 16 Dec 2023 20:00:45 GMT

GET
H3 200 9094723822253094145
tpc.googlesyndication.com/simgad/ Frame C04C 93 KB
93 KB 21ms
21ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/9094723822253094145?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qmLfVmde3WY74XawN9CrpJWi4pFMw

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4291965ff25f882989571e9754088769a8180c2f6fb61b071fa3e45eee8f83c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:49:58 GMT
x-content-type-options: nosniff
age: 28050
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 94775
x-xss-protection: 0
last-modified: Thu, 13 Jul 2023 02:38:52 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 01 Dec 2024 17:49:58 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/ Frame C04C 24 KB
9 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b67ad968ba3668562f331df45b73501e17c7c166bcf7e5443c33633cbc9d5783

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 12:23:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47638
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9305
x-xss-protection: 0
server: cafe
etag: 13635642240219548939
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 16 Dec 2023 12:23:30 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 213A 143 B
166 B 15ms
13ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1986
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 03 Dec 2023 01:04:22 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame C04C 3 KB
1 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 19:59:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20290
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 16 Dec 2023 19:59:18 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame C04C 20 KB
8 KB 16ms
14ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

09b186dc119230c8ab2c806d31bcc8dd4a0a2ba347165f35156422307b8e10ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 22:31:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11153
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8544
x-xss-protection: 0
server: cafe
etag: 17124069415086231762
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 16 Dec 2023 22:31:35 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame C04C 202 KB
64 KB 30ms
28ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1adb10c9a5878dd4306d66ff94ae27a07cbe47f57b34dec9a807e5d2d426eee0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 01:37:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65067
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701261208926228"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 03 Dec 2023 01:37:28 GMT

GET
H3 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame C04C 36 KB
14 KB 25ms
23ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bed7ff4a6dc1fabcb99a5dd12ff481d05de252b39d3544be0cb93fe66663c059

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 20:00:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20203
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14781
x-xss-protection: 0
server: cafe
etag: 13719831398043079576
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 16 Dec 2023 20:00:45 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame B055 624 B
242 B 29ms
26ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CMrGkwIQ_aPu0wQYoqy2_wEwAQ&v=APEucNWWJ_8opLBaXW92Kkx5z21HJ9SAcZPp4yNlFnzIjNxLpjsTyArEr5zDswsRRbUIMk2sPSaJXvzZThz1KnkMkUUVA-KgSFBNYr-yAfVXwBQJnA0O9WBH8oKmOo7NTtGA0x-JfLBPNI1WoA_rg1VWPjp4t0aQqebdDQS0QpwykGHEAKhpy6M

Requested by

Host: bloxfruitsdojo.com
URL: https://bloxfruitsdojo.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 03 Dec 2023 01:37:28 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 49B0 92 KB
32 KB 30ms
27ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: bloxfruitsdojo.com
URL: https://bloxfruitsdojo.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1f40994eab15b92af5183f9acf338e0354771054c65024e0aa679b6506f9eb87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 01:37:28 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32789
x-xss-protection: 0
server: cafe
etag: 17194431578830737671
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Sun, 03 Dec 2023 01:37:28 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame 49B0 3 KB
1 KB 16ms
13ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/window_focus_fy2021.js

Requested by

Host: bloxfruitsdojo.com
URL: https://bloxfruitsdojo.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 19:59:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20290
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 16 Dec 2023 19:59:18 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame 49B0 20 KB
8 KB 16ms
14ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: bloxfruitsdojo.com
URL: https://bloxfruitsdojo.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

09b186dc119230c8ab2c806d31bcc8dd4a0a2ba347165f35156422307b8e10ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 22:31:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11153
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8544
x-xss-protection: 0
server: cafe
etag: 17124069415086231762
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 16 Dec 2023 22:31:35 GMT

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 49B0 202 KB
64 KB 25ms
22ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: bloxfruitsdojo.com
URL: https://bloxfruitsdojo.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1adb10c9a5878dd4306d66ff94ae27a07cbe47f57b34dec9a807e5d2d426eee0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 01:37:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65067
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701261208926228"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 03 Dec 2023 01:37:28 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 49B0 42 B
63 B 49ms
47ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Dlt95UI6MDDc1cv5bpR9t2oBbAflgu3vG8sBj4MKbP9gAedUjdCu7kVL0laTADCEc-qO9D7PV3jWifrUiouaA3ys56tgUM5bR9eIRkxfVa4IX1Dpo

Requested by

Host: bloxfruitsdojo.com
URL: https://bloxfruitsdojo.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Dec 2023 01:37:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 49B0 0
20 B 48ms
46ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=3689480796596287270&x=1&ct=119

Requested by

Host: bloxfruitsdojo.com
URL: https://bloxfruitsdojo.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Dec 2023 01:37:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 4DF1 13 KB
5 KB 15ms
13ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bloxfruitsdojo.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 11153
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 02 Dec 2023 22:31:35 GMT
expires: Sun, 01 Dec 2024 22:31:35 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame F3FF 829 B
1 KB 262ms
35ms Document
text/html 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

8c6389c8685c96152e660a302ea05fb8e31f86eeedc60803737a563b3d39a62d

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Qi-LyWEKWfiCRdeGwyHZZA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://bloxfruitsdojo.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-Qi-LyWEKWfiCRdeGwyHZZA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 03 Dec 2023 01:37:28 GMT
expires: Sun, 03 Dec 2023 01:37:28 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

POST
H3 204 ping
pagead2.googlesyndication.com/pagead/ 0
0 60ms
60ms Fetch
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5814941088162332
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://bloxfruitsdojo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame B055
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKZmrw3aTbvDAiEWTNXi_7s&google_cver=1

43 B
734 B

26ms
25ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKZmrw3aTbvDAiEWTNXi_7s&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMrGkwIQ_aPu0wQYoqy2_wEwAQ&v=APEucNWWJ_8opLBaXW92Kkx5z21HJ9SAcZPp4yNlFnzIjNxLpjsTyArEr5zDswsRRbUIMk2sPSaJXvzZThz1KnkMkUUVA-KgSFBNYr-yAfVXwBQJnA0O9WBH8oKmOo7NTtGA0x-JfLBPNI1WoA_rg1VWPjp4t0aQqebdDQS0QpwykGHEAKhpy6M
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Dec 2023 01:37:28 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4sY3HU%2BwqpRTaFjoNMy9LBj5coAgIXeP%2Ba8H1JRhdRZyQjUJHE60%2F26rWVaqOvK6QlpAs66Z1ThliHMj022W2TxlQ7For8C3unvuOjKRDF8tu4Odd%2FUskR%2B9tIOtVWynFA4pbu3eH66OMQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 82f815ac1dce364d-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 03 Dec 2023 01:37:28 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKZmrw3aTbvDAiEWTNXi_7s&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame B055
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZWvb2DbigFlVss6j17fGyAAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKZmrw3aTbvDAiEWTNXi_7s&google_cver=1

43 B
768 B

19ms
19ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKZmrw3aTbvDAiEWTNXi_7s&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMrGkwIQ_aPu0wQYoqy2_wEwAQ&v=APEucNWWJ_8opLBaXW92Kkx5z21HJ9SAcZPp4yNlFnzIjNxLpjsTyArEr5zDswsRRbUIMk2sPSaJXvzZThz1KnkMkUUVA-KgSFBNYr-yAfVXwBQJnA0O9WBH8oKmOo7NTtGA0x-JfLBPNI1WoA_rg1VWPjp4t0aQqebdDQS0QpwykGHEAKhpy6M
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Dec 2023 01:37:28 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Nr6XtzcmCt2wVdb2jcRULmyt%2Fbf4SyNpRdaSFrw3Lvw7Rc%2FSgxEWrDOXOXv3d84KeOese%2BYAzAzglofGbumKBwmRs7D9vonSepVEsPlGWEt7eBKfZ4P7yKFpL6p8wAyVrN0CY%2BcfS1fENQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 82f815ac1dd2364d-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 03 Dec 2023 01:37:28 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKZmrw3aTbvDAiEWTNXi_7s&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame B055
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEEmyQyxHehFrRucx4JgykG0&google_cver=1

43 B
840 B

7ms
6ms

Image
image/gif

37.252.171.21
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEEmyQyxHehFrRucx4JgykG0&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMrGkwIQ_aPu0wQYoqy2_wEwAQ&v=APEucNWWJ_8opLBaXW92Kkx5z21HJ9SAcZPp4yNlFnzIjNxLpjsTyArEr5zDswsRRbUIMk2sPSaJXvzZThz1KnkMkUUVA-KgSFBNYr-yAfVXwBQJnA0O9WBH8oKmOo7NTtGA0x-JfLBPNI1WoA_rg1VWPjp4t0aQqebdDQS0QpwykGHEAKhpy6M

Protocol

Server

37.252.171.21 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Dec 2023 01:37:28 GMT
an-x-request-uuid: 0ba2656b-e7d4-4443-82f5-22fbc9d13c38
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 178.162.209.136; 178.162.209.136; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 03 Dec 2023 01:37:28 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEEmyQyxHehFrRucx4JgykG0&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame B055
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDAyNzIzMzgyMzU1NzUyODY0NA%3D%3D

170 B
243 B

157ms
24ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDAyNzIzMzgyMzU1NzUyODY0NA%3D%3D

Requested by

Protocol

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Dec 2023 01:37:28 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 03 Dec 2023 01:37:28 GMT
an-x-request-uuid: dbdc2026-6eff-40c6-a3db-438e4ec2bbf3
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDAyNzIzMzgyMzU1NzUyODY0NA%3D%3D
x-proxy-origin: 178.162.209.136; 178.162.209.136; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/ Frame 0B25 24 KB
9 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b67ad968ba3668562f331df45b73501e17c7c166bcf7e5443c33633cbc9d5783

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 12:23:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47638
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9305
x-xss-protection: 0
server: cafe
etag: 13635642240219548939
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 16 Dec 2023 12:23:30 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 0B25 8 KB
750 B 23ms
22ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

98d2e3edd14aa506c4521125c7cdb7bb3030d7caae5803feec6d2613195ee955

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 03 Dec 2023 01:37:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 03 Dec 2023 01:05:24 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 03 Dec 2023 01:37:28 GMT

GET
H2 200 outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/ Frame 0B25 15 KB
3 KB 198ms
14ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.css

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29c99771c81466150d55d307a9b0e12cfdab8240a9c65a80b764c1d58965406f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 11:42:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 222927
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2920
x-xss-protection: 0
last-modified: Mon, 13 Nov 2023 11:34:13 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Nov 2024 11:42:01 GMT

GET
H2 200 outstream.min.js Show response
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/ Frame 0B25 376 KB
131 KB 199ms
15ms Script
text/javascript 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

28c5732eefa979245ff326045f37b6b7cdfc92385c594caea33e265e4a066c7b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 11:58:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 221912
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 133672
x-xss-protection: 0
last-modified: Mon, 13 Nov 2023 11:34:13 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Nov 2024 11:58:56 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame 0B25 20 KB
8 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

09b186dc119230c8ab2c806d31bcc8dd4a0a2ba347165f35156422307b8e10ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 22:31:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11153
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8544
x-xss-protection: 0
server: cafe
etag: 17124069415086231762
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 16 Dec 2023 22:31:35 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 49B0 0
20 B 46ms
46ms Ping
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=27548434234&version=m202311060101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Dec 2023 01:37:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 49B0 0
20 B 46ms
46ms Ping
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=27548434234&version=m202311060101&ct=119&x=1&cor=3689480796596287500

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Dec 2023 01:37:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 49B0 92 KB
38 KB 54ms
54ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Bf0kIhvhZmed8WvvyyqndnYsX0boZPefxK9p6yiwzu9UtYZZ714C2crkWGKkMVwM99Vh6RJEo2oRGpu9ks82OJDwj8-0D4B_FgpxwFsxy8a1u3a8pCQmJt-3CdSgv14XuBH6cQaS-MD_UGTxyWWxOiv4l3Hz4nBUUylyvFo_bltpi1QoU&cry=1&dbm_d=AKAmf-ArMprvURATURQea7WxaA0dKNHp9nin3DMJs4KD7Ru18bniEydidDuBlnUBVNoD-Mt2IJaXt8WYslfvZPmVfzrFtCyaU1JwSjGrxr5ndtwRtfxFshc3eAlr1tl2pDSCpDMA6WpqitiZI3jazrwkT6I5kd-0lqsdTYV9_5nacfmVLQ7cv1XZWcG0SGFHIUSLCh2CQ9qrzxZ7xTF65R3qC4zsv720XOBuLIuclfu_6RvmjDnfFoLkNuqPmrp5_kUpNWT5YPm7mnUb7mbZyEs7QAbaDLTLICEpEhuDw0DC7Um6_UcH4yBOdUJZTtZsudVtz56eJ6I6pG4462D8RPMUawrm0QLt7yyB0l8AbSTSObkTDzsgYnjWCYLBqJC-p_xDRu5sQ4VdNZm6iZCTTcAB2_jhZzGIwuTtA36X41-3FCjmaGqS7HYvCEdqkA3YroiQ5F_8b-eXAmmQ-_Mh9IyIsMTqCfyteZOFdpkaawqNLs7ql3c3fWkdfEaDIr1SViapqOziXikwgorLd0vOMVoIYH7JbNSGfN-j6wDWzjYlBcvHiwUSMZSB30IeZA-vWDQE61-KAlJeBN6K9hUnQQYzQGXkiy3QFej670JsuSReuKs6mSWAth8Pa17YWNCNsjVaETBmCiYrWeA9o8v93jqJlO8hKBIZaFklCK2DTIm6sAhtNfSEjz3FEeBspSO_z6uXhbRQsNSrcPibEiqCY7-fmxoHUdyEknTHb_njKOzqVX6Ulpelxfweq-TG1yFCLSQK8s6zqurp6qEUBr6K0Fb2uR3IjAFNpymZvKff64v3S1ZMhut8tLWv9iEYdCMowSK9HR031ySNNrTdn2U3M7h-S6s-UrWqEF5IL57DyURqLWjMFttEFufNQLuPwLu3pmxDF6YwJL0aSQMoZOQQpQK0CmPTT0USqdRfQcyDL8Sx5HjzygMuCeXThctSxmkDJ4gz5mI6ntKEutJxsrIaAp1qGDKoB_sPItBVel0OsLpiEIzerTr7UkP0QNdGCOECwO1c5-6nQZojVjEX5j5dPOM6ZMGCf7Rp-5qefD6xZQzNcFeH0B3oxJLES0StO48k_gvA5_o0RMiZ-R0IoBJ-51xbqphfahG4FSfzLFgv3Sfema8iHwX-IT6JD1P6QwoqFcAR24BXe_cCaLex2XjjPgF53LLQpZ078Ix2WyGyMAHlTzCaPUN4pv2ryq2DGiINZjWw8V3-zPxwUTTqrtTPiHRdPIpJgsJiSbvUgCNEa0xIpIMALHdcwKJ2ewCVZJ5IZpEfaQW_lpbUoa_4CGlDxvdUnBpuuKQ32A9CbCakNgL4pBNv7pGxTGh8TIkhQRbKpyxIhuo8LrhVgijvkex9m7ZM6BNIJLimbG1XULm4GOLa93v6gG3H-qnn7LVTZI5Zm5sUa15WdEfI66PjEa5okkUKsW_-jZUX3ieLtrw2qGhuZ8krKk6A-gdl_3BCzao8oc287qtExZNhNZA4rWkdd8VqsbQhCizlL6ihJFDgubZy_YZR6u6LUwr0eOqTzj3H45kISGIzfJPtI91BxDQs1Uww4bdi1gRFobjkljEN90xfERTUfPyOle81WH8AsljXiECeAXTwbdcOZeqpNrX1EN5JrriFVA-WqNQH_M1lHTCSrdmjTUfk_o3FIKU2lSRMeKyBn-bvNWZ3lWn3qhIqMgvKS6SEYCI30vZFAdlVlWZstDKg-QpbNewCWTHQPTWyfeRwJKMVZ9tSKlnqzW3sL4NMbY8wZG0DkZslAmV3uO1k_PuNFgVMkmhG39jBqd2uOPk4JwDWAZ3NxkDsWfjVQadh7RDHydaAS_vPUad55WZgh-K55Pu3zq4XzlEAmQaL_qCOorHJ1Pt6REbyJxQlQMdAcaqnwftTKXRfHJ9X1s-wlypXJVynEs4JtQ7-rYAwPDacXd6QBjqhMwGUxFtGHWiZ4i0qmM4GraXweOB5-RbqtIVoLFOdgD0tWOoId_qbwOTLn6G-knAKrJrsi1SxnmTe5xrtxoGZ5z7avxdP-Xve1bRC8JNVxhsMAmEN9Bh3Wko5R_lUYTTJQNMYnkfAe6DsQygYtJujmDNcnVMvpsnkPFyi8uN-IpGlstY8n_ttHgQYB5S6_nf1fFLkCKA3rSNWnczwZqdPCbCiIXkijGyznjGo3Os5vzGqE_UrBe1t6OK7qDwmovn7qqyXctbzyKe7GLIEhc_kCuw6MFVQmizN-GAhwSTjDCRQXiVx7aQge-autKcQ_bJQfN0nem4Lf4ycJj1btTWVK8zpw6fBfROD5ftjY5pzavO9BEpQKysgFJ2aEmFtec7iqrVS4qzNeM5g6C7UqPD1SbvhLK_demyfOc-AFfy62WPSMg46M149B4_gw508xmnnCwINwl8fkR8ba1Q0VrGkMoVekLzIoeV2fWgHlb5ukZl5Rp3XYt5J46LhdcJdxP8dxMBhb_0dDc76x7omgxB1pkFp7Ge61IXXQ5GoXKM0_MPARDcU6sB8l180NSIXiTWWH2yGOuSQmAWzoto8LEPh2VovNBfSnRBTjlzT9_jHs8VLFexg0pzaqoPI0_E3THzFzKj4ztrNylSWc5ifqtRIbbMGjXTOr1hyXK5dKLUjy7uZbzEIit1MJ21s1BnRoobCDfBGMUT8EAvVRp21Tl0F_JeXZLbUBPd07ji9aPTFTp0hop2ng-a9H-ZVLv6_qbHyDS4tR-7xn1bVM0KrW1sstHfYZi4NooKeAyk1uWCLkay9Y3mksra1R1Em47S1u08QQdhIsPRW3mWtlDJeA8aaQxJ1oH6i4L1igll8oNJ5gLw4Us2NowHO9AL9dC22YUDXU-ZshAk51EriPhpuSapTxf5XdS8C45pP5ipjLo8NQ6GzkmOV_98UaX0wIgbH8eQkvRZxN6-IzT8CqLegMCCw92zhdez67pf5ezwqFPc6KchwkKtmdn9FslX8FNAiZWQk0-d8UGjtG9ntLS40r2wCSb4lvb1h9MAKyrxIPOOEY5sGlIJT7xVSI1Byj7uVYpeLvgagDgAXDpBEjGTyLrRXjEwtlT-Te3vujo-x8xU3T8JE8WlovMZMayUa3Igtinj9tA1kRzzjHrr4rx96XsmJPBQGhUUlMhdgL3TC6wGuOc0LGrsFbvSx9hHLNyYz-c5jCPtcroSRjJ8mipsEMZ-odwUNkpf4Ll4r4ZZ0TJGs_mX65bOTyQgEtz7cxBfTEwkkDI6BFnWJYGgqUAN3w7gmrkR-cISa1WxedkHHJvczelIBQjtUsTE33wusJfvw9NgfLR1vACTAyEASLnxdmQuiUWXtR0U9gQz1Imk4H7pyS5tu2RHk-cpUVPxQIchDo5QhIljFZ2uR6SB7YMTg3pc5z2vIxLUN_GH4wqPNFE3i6AwCr4Eqlo1jnMbloCaSvivlbHJcrmHcN8Wc-jIa1jbPVeg6v34y1Rl3t2JTVhfPPSuLnUqgEJ4uUnT_BufuX5iJ0Aj9uUexrMyXdjfXdJquOkNFM8Id9G_ODfI21f19JM1WK4DJnuBmx5Xmchx-pMZNJ-zyojOnNxD5fGu75Aa5Zguecr4hWOLRkDPFv4HUiScYYjYxuCp_0RPL7ok5KMCn9gpnXoQrGObLjUcRulIRtgRMWHjhjOVJH3SRj3OtxZo3aRjhUf5cupPfSMBX4n0zStSD-RWDymWlLqQeaDDe3QbTkbTHJ5rspRa2cvf6PGPn_bOfgKqMLhOhb_TMbMBd&cid=CAQSTgDICaaNIo2EluffV23gU5TeAgVov8cxnT4JyvfVUh5--pyVMfOhnbnXP3VQNyJpexv4cxc5ELoPO4DHEdx8RMQ14vIIZifkhLNKyu38-hgB&dc_eid=31079496&dv3_ver=m202311060101&rfl=https%3A%2F%2Fbloxfruitsdojo.com%2F&ds=l&xdt=1&iif=1&cor=3689480796596287500&adk=2988274607&idt=34&cac=0&dtd=25

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ab34afbd3612d8410e43e3fb941283590e82b84137c47f7313fc4df65bcb2517

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Dec 2023 01:37:28 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 38961
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame C294
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
23 B

36ms
36ms

Document
text/html

2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 03 Dec 2023 01:37:29 GMT
expires: Sun, 03 Dec 2023 01:37:29 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 03 Dec 2023 01:37:28 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 213A
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
23 B

24ms
23ms

Document
text/html

2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 03 Dec 2023 01:37:29 GMT
expires: Sun, 03 Dec 2023 01:37:29 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 03 Dec 2023 01:37:29 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 4DF1 39 KB
15 KB 13ms
12ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:33:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 29013
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 01 Dec 2024 17:33:55 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame 49B0 111 KB
39 KB 64ms
13ms Script
text/javascript 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Requested by

Host: bloxfruitsdojo.com
URL: https://bloxfruitsdojo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 22:37:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 10778
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39806
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:44:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 03 Dec 2023 22:37:50 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20231129/r20110914/elements/html/ Frame 49B0 11 KB
4 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231129/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Bf0kIhvhZmed8WvvyyqndnYsX0boZPefxK9p6yiwzu9UtYZZ714C2crkWGKkMVwM99Vh6RJEo2oRGpu9ks82OJDwj8-0D4B_FgpxwFsxy8a1u3a8pCQmJt-3CdSgv14XuBH6cQaS-MD_UGTxyWWxOiv4l3Hz4nBUUylyvFo_bltpi1QoU&cry=1&dbm_d=AKAmf-ArMprvURATURQea7WxaA0dKNHp9nin3DMJs4KD7Ru18bniEydidDuBlnUBVNoD-Mt2IJaXt8WYslfvZPmVfzrFtCyaU1JwSjGrxr5ndtwRtfxFshc3eAlr1tl2pDSCpDMA6WpqitiZI3jazrwkT6I5kd-0lqsdTYV9_5nacfmVLQ7cv1XZWcG0SGFHIUSLCh2CQ9qrzxZ7xTF65R3qC4zsv720XOBuLIuclfu_6RvmjDnfFoLkNuqPmrp5_kUpNWT5YPm7mnUb7mbZyEs7QAbaDLTLICEpEhuDw0DC7Um6_UcH4yBOdUJZTtZsudVtz56eJ6I6pG4462D8RPMUawrm0QLt7yyB0l8AbSTSObkTDzsgYnjWCYLBqJC-p_xDRu5sQ4VdNZm6iZCTTcAB2_jhZzGIwuTtA36X41-3FCjmaGqS7HYvCEdqkA3YroiQ5F_8b-eXAmmQ-_Mh9IyIsMTqCfyteZOFdpkaawqNLs7ql3c3fWkdfEaDIr1SViapqOziXikwgorLd0vOMVoIYH7JbNSGfN-j6wDWzjYlBcvHiwUSMZSB30IeZA-vWDQE61-KAlJeBN6K9hUnQQYzQGXkiy3QFej670JsuSReuKs6mSWAth8Pa17YWNCNsjVaETBmCiYrWeA9o8v93jqJlO8hKBIZaFklCK2DTIm6sAhtNfSEjz3FEeBspSO_z6uXhbRQsNSrcPibEiqCY7-fmxoHUdyEknTHb_njKOzqVX6Ulpelxfweq-TG1yFCLSQK8s6zqurp6qEUBr6K0Fb2uR3IjAFNpymZvKff64v3S1ZMhut8tLWv9iEYdCMowSK9HR031ySNNrTdn2U3M7h-S6s-UrWqEF5IL57DyURqLWjMFttEFufNQLuPwLu3pmxDF6YwJL0aSQMoZOQQpQK0CmPTT0USqdRfQcyDL8Sx5HjzygMuCeXThctSxmkDJ4gz5mI6ntKEutJxsrIaAp1qGDKoB_sPItBVel0OsLpiEIzerTr7UkP0QNdGCOECwO1c5-6nQZojVjEX5j5dPOM6ZMGCf7Rp-5qefD6xZQzNcFeH0B3oxJLES0StO48k_gvA5_o0RMiZ-R0IoBJ-51xbqphfahG4FSfzLFgv3Sfema8iHwX-IT6JD1P6QwoqFcAR24BXe_cCaLex2XjjPgF53LLQpZ078Ix2WyGyMAHlTzCaPUN4pv2ryq2DGiINZjWw8V3-zPxwUTTqrtTPiHRdPIpJgsJiSbvUgCNEa0xIpIMALHdcwKJ2ewCVZJ5IZpEfaQW_lpbUoa_4CGlDxvdUnBpuuKQ32A9CbCakNgL4pBNv7pGxTGh8TIkhQRbKpyxIhuo8LrhVgijvkex9m7ZM6BNIJLimbG1XULm4GOLa93v6gG3H-qnn7LVTZI5Zm5sUa15WdEfI66PjEa5okkUKsW_-jZUX3ieLtrw2qGhuZ8krKk6A-gdl_3BCzao8oc287qtExZNhNZA4rWkdd8VqsbQhCizlL6ihJFDgubZy_YZR6u6LUwr0eOqTzj3H45kISGIzfJPtI91BxDQs1Uww4bdi1gRFobjkljEN90xfERTUfPyOle81WH8AsljXiECeAXTwbdcOZeqpNrX1EN5JrriFVA-WqNQH_M1lHTCSrdmjTUfk_o3FIKU2lSRMeKyBn-bvNWZ3lWn3qhIqMgvKS6SEYCI30vZFAdlVlWZstDKg-QpbNewCWTHQPTWyfeRwJKMVZ9tSKlnqzW3sL4NMbY8wZG0DkZslAmV3uO1k_PuNFgVMkmhG39jBqd2uOPk4JwDWAZ3NxkDsWfjVQadh7RDHydaAS_vPUad55WZgh-K55Pu3zq4XzlEAmQaL_qCOorHJ1Pt6REbyJxQlQMdAcaqnwftTKXRfHJ9X1s-wlypXJVynEs4JtQ7-rYAwPDacXd6QBjqhMwGUxFtGHWiZ4i0qmM4GraXweOB5-RbqtIVoLFOdgD0tWOoId_qbwOTLn6G-knAKrJrsi1SxnmTe5xrtxoGZ5z7avxdP-Xve1bRC8JNVxhsMAmEN9Bh3Wko5R_lUYTTJQNMYnkfAe6DsQygYtJujmDNcnVMvpsnkPFyi8uN-IpGlstY8n_ttHgQYB5S6_nf1fFLkCKA3rSNWnczwZqdPCbCiIXkijGyznjGo3Os5vzGqE_UrBe1t6OK7qDwmovn7qqyXctbzyKe7GLIEhc_kCuw6MFVQmizN-GAhwSTjDCRQXiVx7aQge-autKcQ_bJQfN0nem4Lf4ycJj1btTWVK8zpw6fBfROD5ftjY5pzavO9BEpQKysgFJ2aEmFtec7iqrVS4qzNeM5g6C7UqPD1SbvhLK_demyfOc-AFfy62WPSMg46M149B4_gw508xmnnCwINwl8fkR8ba1Q0VrGkMoVekLzIoeV2fWgHlb5ukZl5Rp3XYt5J46LhdcJdxP8dxMBhb_0dDc76x7omgxB1pkFp7Ge61IXXQ5GoXKM0_MPARDcU6sB8l180NSIXiTWWH2yGOuSQmAWzoto8LEPh2VovNBfSnRBTjlzT9_jHs8VLFexg0pzaqoPI0_E3THzFzKj4ztrNylSWc5ifqtRIbbMGjXTOr1hyXK5dKLUjy7uZbzEIit1MJ21s1BnRoobCDfBGMUT8EAvVRp21Tl0F_JeXZLbUBPd07ji9aPTFTp0hop2ng-a9H-ZVLv6_qbHyDS4tR-7xn1bVM0KrW1sstHfYZi4NooKeAyk1uWCLkay9Y3mksra1R1Em47S1u08QQdhIsPRW3mWtlDJeA8aaQxJ1oH6i4L1igll8oNJ5gLw4Us2NowHO9AL9dC22YUDXU-ZshAk51EriPhpuSapTxf5XdS8C45pP5ipjLo8NQ6GzkmOV_98UaX0wIgbH8eQkvRZxN6-IzT8CqLegMCCw92zhdez67pf5ezwqFPc6KchwkKtmdn9FslX8FNAiZWQk0-d8UGjtG9ntLS40r2wCSb4lvb1h9MAKyrxIPOOEY5sGlIJT7xVSI1Byj7uVYpeLvgagDgAXDpBEjGTyLrRXjEwtlT-Te3vujo-x8xU3T8JE8WlovMZMayUa3Igtinj9tA1kRzzjHrr4rx96XsmJPBQGhUUlMhdgL3TC6wGuOc0LGrsFbvSx9hHLNyYz-c5jCPtcroSRjJ8mipsEMZ-odwUNkpf4Ll4r4ZZ0TJGs_mX65bOTyQgEtz7cxBfTEwkkDI6BFnWJYGgqUAN3w7gmrkR-cISa1WxedkHHJvczelIBQjtUsTE33wusJfvw9NgfLR1vACTAyEASLnxdmQuiUWXtR0U9gQz1Imk4H7pyS5tu2RHk-cpUVPxQIchDo5QhIljFZ2uR6SB7YMTg3pc5z2vIxLUN_GH4wqPNFE3i6AwCr4Eqlo1jnMbloCaSvivlbHJcrmHcN8Wc-jIa1jbPVeg6v34y1Rl3t2JTVhfPPSuLnUqgEJ4uUnT_BufuX5iJ0Aj9uUexrMyXdjfXdJquOkNFM8Id9G_ODfI21f19JM1WK4DJnuBmx5Xmchx-pMZNJ-zyojOnNxD5fGu75Aa5Zguecr4hWOLRkDPFv4HUiScYYjYxuCp_0RPL7ok5KMCn9gpnXoQrGObLjUcRulIRtgRMWHjhjOVJH3SRj3OtxZo3aRjhUf5cupPfSMBX4n0zStSD-RWDymWlLqQeaDDe3QbTkbTHJ5rspRa2cvf6PGPn_bOfgKqMLhOhb_TMbMBd&cid=CAQSTgDICaaNIo2EluffV23gU5TeAgVov8cxnT4JyvfVUh5--pyVMfOhnbnXP3VQNyJpexv4cxc5ELoPO4DHEdx8RMQ14vIIZifkhLNKyu38-hgB&dc_eid=31079496&dv3_ver=m202311060101&rfl=https%3A%2F%2Fbloxfruitsdojo.com%2F&ds=l&xdt=1&iif=1&cor=3689480796596287500&adk=2988274607&idt=34&cac=0&dtd=25

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 19:58:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20367
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4206
x-xss-protection: 0
server: cafe
etag: 17947678125179771625
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 16 Dec 2023 19:58:01 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20231129/r20110914/ Frame 49B0 31 KB
12 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231129/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

43c9555701d17579571d962cfee37868f4769995820a96abf451623b0528c92c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 22:51:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9939
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11894
x-xss-protection: 0
server: cafe
etag: 8278194740845609983
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 16 Dec 2023 22:51:49 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 49B0 41 KB
14 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: bloxfruitsdojo.com
URL: https://bloxfruitsdojo.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 16:17:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 33606
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 01 Dec 2024 16:17:22 GMT

GET
DATA 200
OK truncated
/ Frame 49B0 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a677e536351a1e0a5daf0f9d5ce5129f39afe311c787f041447c97e6eeb87e34

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/png

POST
H2 204 csi
csi.gstatic.com/ Frame 0B25 0
225 B 395ms
130ms Ping
image/gif 2607:f8b0:4002:c02::78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~lpotbqhj&c=360436640095&slotId=180218320047.5&qqid=COHH-tmQ8oIDFXCkgwcdAbQD7w&fb=outstream-lima&sei=44752538%2C44807615%2C75259414%2C420706098&nsei=44714510%2C44729911%2C44730425%2C44730426%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4002:c02::78 Atlanta, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Dec 2023 01:37:29 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0B25 0
25 B 49ms
48ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=CeE8_19trZaGABfDIjuwPgeiO-A6jjIHMdO7kmMGmEsCNtwEQASD1-qsWYJWCgICwB6ABudKjyCnIAQWpAocWcjmKQrI-qAMByAObBKoE9gFP0O4mFKCvsRAu-QGMKUtEo6NA0NdlYw8-ZiHqzYR6kWC8ATur83BFPwLk1lbeNG6f19ljupmJbglQ2NY6EKwgQ8hxensXKgj0hTpatCH74m3vOy_ScdTIgQjxTIrZPpG4-Zgn0N5pMFfS56cjrEXbJL8yCjhADHYAbZBxOBEEECazX9v7HfaulGRhUs4tA7--nfCGt_1UpH6HEiHTVtocimViFkH0jx0xQL5uwbzu-dPFZ5UJgtQy12_KiRW0UhaL7MmuUGbusOGVIi9OkVHn6IopcTg3BSSKcP0Wb8eMjDcP62aMa4Dy56AFxe5X3dx9L7OAK2bABLvQwMrEBOAEA4gFx7juxk2QBgGgBnaAB7mK9KcEqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiA4YAQEAEYHzICqgI6AoBASL39wTpYwJ362ZDyggOACgHICwHgCwGADAGiDBAqDgoM5LSxAu61sQK1uLECqg0CREWwE-Dd6BXIE6-ik-QD0BMA2BMKiBQE2BQB0BUB-BYBgBcB6BcF&eventType=clickstring&clientTime=1701567449056&ai=CeE8_19trZaGABfDIjuwPgeiO-A6jjIHMdO7kmMGmEsCNtwEQASD1-qsWYJWCgICwB6ABudKjyCnIAQWpAocWcjmKQrI-qAMByAObBKoE9gFP0O4mFKCvsRAu-QGMKUtEo6NA0NdlYw8-ZiHqzYR6kWC8ATur83BFPwLk1lbeNG6f19ljupmJbglQ2NY6EKwgQ8hxensXKgj0hTpatCH74m3vOy_ScdTIgQjxTIrZPpG4-Zgn0N5pMFfS56cjrEXbJL8yCjhADHYAbZBxOBEEECazX9v7HfaulGRhUs4tA7--nfCGt_1UpH6HEiHTVtocimViFkH0jx0xQL5uwbzu-dPFZ5UJgtQy12_KiRW0UhaL7MmuUGbusOGVIi9OkVHn6IopcTg3BSSKcP0Wb8eMjDcP62aMa4Dy56AFxe5X3dx9L7OAK2bABLvQwMrEBOAEA4gFx7juxk2QBgGgBnaAB7mK9KcEqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiA4YAQEAEYHzICqgI6AoBASL39wTpYwJ362ZDyggOACgHICwHgCwGADAGiDBAqDgoM5LSxAu61sQK1uLECqg0CREWwE-Dd6BXIE6-ik-QD0BMA2BMKiBQE2BQB0BUB-BYBgBcB6BcF

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Dec 2023 01:37:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 0B25 0
54 B 416ms
162ms Ping
image/gif 2607:f8b0:4002:c02::78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~lpotbqht&c=360436640095&slotId=180218320047.5&qqid=COHH-tmQ8oIDFXCkgwcdAbQD7w&fb=outstream-lima&ulv=1&cll=0&met.4=arp_a_s.1qo&vast_v=4.0&lima_p_ich=0&lima_p_icu=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4002:c02::78 Atlanta, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Dec 2023 01:37:29 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 vast Show response
bid.g.doubleclick.net/dbm/ Frame 0B25 31 KB
18 KB 118ms
58ms XHR
text/xml 74.125.71.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-CNv6zKZFbvduSRlvPGgFYtv_KdV1DlFj8zU6Y2fbSQsEtLVKuwskS9oWCbv8J7r1pEqKkPMI8cmpSLlWu5ro7vkgapHw&cry=1&dbm_d=AKAmf-AHZA_8k3HrmvgzznuUM0sdh1fIs1y_YnEvfyqu65maVhmAlMLHrWsT3JuUDCROY8SQ8aaaNJBQsHekhtgLf-A7fgJ10Pgv8Z2NWYCR_lNU5T5Ttv5sudozQeH4BMaFfX4GdHaQORLdP78Yocdp29tX58KFgbbiAYBBLt02vxowrQ-4Dq4tUqwmZgAAJbXhb_jJWpxwhcQcOZKvoYz_jBySbF8BTuo9NJJoBMkL1VXW_VygRgWEczzSUfgDaZxpJ1fK5ipE2r49658DK2y_fGHeGdIBjFOlUTOoebGNSB18mqQwRKaDGKEYJjFPHGU9LXeuUbmomVNGXA-a2gvbadE0H85JggpOqfsMUFmyRC7evW5CNbT2ucTGQMnylKZ8XAPsD82se_9-peh-hMiIIp9XX9aJjtEqZdy_-H6jdqMeQ_yJgmw9yIFz4nm3YhB0SqhHl2De69vwtgV2cPlqlhTRpeLJyPuOFt_JncTVPpowFvtaZAAbEkmJIXY9_HdVwrgvd6ZdHsLOGw5NoIxAYx_aJ_5Q6EpgqSBSnMbkbY7e0DWfhTPyxOFZcnay-VGzIuzSjapFrGq1HXC0kOcooPURHVlyXVkC3CkuNy_nXM4PEmTOy9Nzbn_H02SE0euqPh7ht9mNtzJJ7lkabnqWZyD4CfJFa12xd4QdeAJ419DvS7-16-QZmJLqfSRY2gcWojsA8qqrAwKvIM36vt2ioAVUprwOkYq1B07zNs8vKbimiRp85kRjJZ7-WNLSwHbzUGDd4Xek_IHoxs6_0Gxt9akB23jnTS8BZiXoLV4co-P2M-b7m5jX8tp1-BkNu4t9jOrZ3Yn7CPhWP3SbQHAyxIDVdIcv_lcPRfwLQb-sHefZFIEasz2nU9qWo2RrhYDY3bi7ssZIwOBCgnOp0Z_xuwEOATH40rKMZRELGZhlVLtWBcqnklsXCJJC6lS6E510gRHq0KeQQ-LNzWKBGvt0QCvPWCKCiXWbWkfFxGndW9wdECaDy5tqz152IipZb1-92A3oJui8d-FriFeCXJxG9VVOXDL7x3q98RNS2jMN4ke4asckXdza57EPtHzcsmekmq4NUXVEQuYVzgffmgVsFt--TJGdRm-4ucdb-uJLVOXjseCMT8T-PDq942h7I1lXbAGwpSPA7Fw4zRdsVWnCey-uOdPJ3PVsy9EdXHqzX8UAPo3hy7bUhiIdeQUMZ2zQm9OeDi7qjnaa0_RZGYGranSS_McV1VPbFmqYaxBBHi1Dlj3o2KdlOixR3BmvG4HzCiHwA2LxpEBagyFIu2k0lVPMdFk2Doa8ruZJAJgmyIbi1hh-ULwNtbERQF7MlfmN4t2_kinvvAvvfw-xNXM-YmfjKusjuUANse5IrENUTSZgaQPvEg4oUwqWKbT2KgtlA2CNJBTbEuR3d7NR_bw-KJMzqGeyhVdjMQJi1DB8G81ilON3DGDxyz649Rlvfl8sgj2qzAyWzXGGFU9YF6hux3wsjEGLxk9Eez4u-H_t3qZFCc9wx22QbjefZGNiQSwT1X4kGlNTBffxzvxuw39LDENiwwokRLh0V9k8RKMTGDOCZy8c3PIzs0YIlbI3Tvt7ic4jtl0w7uoJYG9gDZKiXLGfhqbXILajnY5-_SLJBRVR4IvN-2RwvHtsXlRVxbS7trdJEIm_Uv3i2_G6O0VPEwRnetB__SUmuK2bVCfELyd9mcX7_LESKbKa7KmCj2hFzs3JOmQ-E9H-y3e1hKG4RfPVAih-zzUq1q2IvXv3GcsxgHxEMyG-lvHD5Ljp7dlBq8jSkYRtjHVGBMdorKu5HKDKUxl0cOw7m8WlGmnvA9rM14zHFaDkuxqsyhrd6iTOsuN1MAC-Ni5icoWHwPQyxJmytLn8lqSDs5LYs4qnAirys2DpR4xi6dsDYyRUljAdyb465dDA7tFPB1Fy0_qHN5lrwfMo9mCiSk7oLrk96iZySoKIqF1pXT2aNK5g8trbdpuKqdm5LR0W-fQxjwRVotnmQLlcGCQrrDHUgR8F3NPEyfbzCQU5q8F5Z7KTqoY7UtDipxXU5LDhUo8Wxok1ykXkoRBuDjKbmbfosK2vnPh6J1LBYKuo2HnVmVUiYUzskEKc6REnrYR6b9AjMGrvRFonhk1oUr88FU4tJX5vlvhInfqSNvdlwc7Mjk4cvkW-sP_TqTyBbEhGN1keQa-AqiFmRi4E-hA1R-oJ1z0JK7nuHNJ-_Gn_U8KfWiZebNT6G2ZCwTPIKj5tYbooTnIadxKs0UYGhg57KOXpNRFJ4Z5uvQyEtsXWMI_dPD7jxLhETb1WOd2nlMh4vV-Gprc2cpeR7E8In8-8Yaz88yQcWZ118FmqIFD8UcaHeRzx9CJQHQ_lSuConddpYY8Dj6q4-9N53wKsHz1-iqbx3FhZRKvpAjEyMBgboZyAtopoU8eEho9oRqYiJNoDhe1YC8Ugs2TaPyStkL1z2lTZ_7UROIDQAXKi4uec4rh3QWRq3wYS8qaazOCWvpXniOzLjwwcRzwimJ0mWHFFxKh4y3rqjSfH613oXDL0pnGCqYxPrXUj4lknMJMIls0vI6cLM_nLwWMhunhruL5h2NIn--QIi5yjf-d1V_Mazauf405CvO_Z1vZKNmuq9v7LxFLY9PW_U7QuUYPsoyyfbnAtrqAS0IuHraroKU2q4V45Oc4PX4YB38J3XTMtY-TxGiH51B4C7QsyUMlPGTjS3U882qBrTn8Og_X_zMyEFnL05cNQFkOhCarrpw13ONQ-6grvL6jj0VC7w-Lw-V1Z7LgiCXxMNIAMiKrL6DUmXiqVBUXLN4ZpqMpDDdGgq_2GiTqjMKw3Uc_Umd7Iwu573RJGflaxjrU5F06CXwIBgqOlyDEZO9KIg8aBI6JrD0-w_qqd2IbbZsLEiC3yAFatcrbnsQw-PqSkNuPdFd0Pn5dOy6-_32UjKScnYz7FJLbo5R4n82oVJAt8aEbgxQPFlrG7J8UM9ly6QXtm4rZ8O_mIQDdr6MDIF1Y_NLUxcIuonkRXqta_2TF4tLG3lmvmVheMoZO7ku4c6hwBBoxSDv5-8As5AqTTnoorWaFNSrkSys94Pd45g0as_hdH0kxUr52GDG8epS1RBXprl8CgoWRO2iVfXTwuH-jv8hc3sHXHQC1n1ik9Ue-vZCgA3dYBCCjVkuYH7la3GE-uBjB34ZOOnyu0mgr64h6V3btufT33VidqbyaLnTo5-opDjzqIcIHNUhcHGymN1-ZV3Buua3yglygADHy29tkNcgJquHXnIriAXdq4EVXB4knaKu4Yz_PT8rb-i9NhMIcRzyNEoR_91ZlVRLpEkLYaigY36ik1D1NdSfXN74V1jaQK0F_HVhJIAVLeikzKeCcxzF_qes56pKmH2jqeEwkL9niqkSEKodsiPRjTKPP6fGmSU-0G-OnBsA09QAo83vn6Xe87wgVojP7c_ZIJbl_5peGaPUNhHWbdzsfks38XfgLd8wRbLmq9OHcWLm-O-wXT4QvLWvsPM_W0SfaCFl7LeLfUQzeKZFl41QmPwmhFLQikxe_Ja6ZZJlVHuM4moQ5qJmd3o-8fOxJZmBBUpxCC0wcUPdcikNA1Io9RmEfA01kFs_hc1i8vBh-F-FKd-eXBD2lh9bGN7fxxKUlxzEHrt5RDp6ykOyUiX3OVnFLRuVMCMkOvrsLcbv50C0ARYJcWnHcbzwCfcLyTUmK-ehpvS0JnVHYHFkwbAo64op-ZwE4kyg&cid=CAQSTgDICaaNIo2EluffV23gU5TeAgVov8cxnT4JyvfVUh5--pyVMfOhnbnXP3VQNyJpexv4cxc5ELoPO4DHEdx8RMQ14vIIZifkhLNKyu38-hgB&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1&nel=0

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.71.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wn-in-f157.1e100.net

Software

cafe /

Resource Hash

92dc8028d23f7578c53788e8b2176a00ae0d696d627cfa495692db6e3faaa58a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 01:37:29 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17501
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 3859 38 KB
13 KB 17ms
16ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 134042
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 01 Dec 2023 12:23:27 GMT
expires: Sat, 30 Nov 2024 12:23:27 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame F3FF 0
0 47ms
47ms Image
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231129&jk=3252580902845133&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/1876137525177158889/ Frame 520C 8 KB
3 KB 46ms
16ms Document
text/html 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/1876137525177158889/index.html?ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

40b64b933931e3e0eb6f2f53046293ba8a88476634c2a458117bf8d59597b766

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 118248
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 2761
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Fri, 01 Dec 2023 16:46:41 GMT
expires: Sat, 30 Nov 2024 16:46:41 GMT
last-modified: Fri, 24 Nov 2023 16:19:47 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 49B0 0
0 127ms
60ms Fetch
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssDQvNLdjtg9e-TI-UDfEucEEDvkzhOnnE4Uozz-mwjyDFPfRgBTsiPZcbkkyG_-JKFTvbq5M457NyIYrFJuK6xRo9ZN2aqiuoYYB6stMlYOcNvon6FpOqmeO3DdRKwikY0BhAjxji2dHwXWku2cVjMnfZg-pcV-NJvMSloGYiSDiPUZsPIxVHOD2J18n83EJA_OHW7QKq9MB0CU6ciqReVMjysCRlY-1RFeMFV3q3BcqocGp84UVOjXc2AwgJPiTL2YO-SkKIeo-EhNpMWW9YY3e0mAMrJLt4VuW56Up8315NlGKo-jMvni5nyOzWCr2YOP0IXx7ZnQ78HCmqQGdQ3_o2mVVlYXfzSJr9cV85Q2d7TQgSG8Isj_LAthhnzfkKb-TwhCgMIyY28xOipERtezq-AJeBs0gyqZnLtxrAC6pjaSErXhPb3iRWVBlAgDYm7NmQ5TF8g2LW1Vl8_KBQ9LVDdLwTAPdlOXaXZ1ek4zw13EtSf2TbVQzLji7eVbDHJG9YdAQzZEJqnbPd8ypQQI5TazVDZ4iqsMvRT9EXClcB23vdAHm5N8OgNFESdfxNj8ZlKnXaBICZBxhFpdLKzX3FFysJVHvA8gksVHdIoYe6JMlbY1N0g3XCKadvvjPhyJETCdqNdZINOtqkDLm_vvoUGSIXG9rb4EbmjIf8q-x186o5_jv6H-BfwSLeHd0Xz8zGuP4SWTAnywhP-3oStftHamlqGU6R-fvoj9whH-V2bbLSpWm5ZwmXCL1_XwPP3h1vG3rl_DL4fuH8voHdlZNjNWK2E0DWFMDkGiQCIQG87_f7-Af6uMkVIMKYDvAZRVGMasRWDlUUsEG2BaGRsQoZYVxn1ULYwHbHilMlH5m2s_irXdM4W4tn4pW28f2C1rarLXaLpezgP3bIDuCp9F-uF4HMFUGCFaEEP00Yl7HgQOl67bApr55yXzuoOODhayI_lmxkMT9nW4L99gxXXIazVpT_ETPZuRQpVhukdqDvTNf54dqjtpubejDSGN_0YnlZQDXp1QYxj9mjV9TohhNWv30w9I3alamXTVxU_8UuFLG5-xh8GZGKhwqzEt6lJylYkoheaGSyCjwGhtJJauuevoX4MjHzco0C7M0BTOyfW3ckvEsr9eglPhYIp54l1esgu49HzcJ_sIDPy67LNGdNCAbGPictsvdy98rp_sAu_97wyDMpVoD90BTIk2k_dMwwF4Fmvo1xmw5Uaap6hMB6RmJPLHxwAj-76olOeDSy9pFtbiX3uH2dHxDbclhz-RNwfECdNA4q0Gy-fwzhc98nMTkLqwLkzb7te-A6OxoxWu6bKSg&sai=AMfl-YQMWPqdbVW8DXKbYjheJHH1ElNcxddjp-mb38eesisswUxORmpDoeCLhHd3XmY_KB31F9PUq-aEWhrB0H4PyJKYkHxCuo8EniODKJcCDrLsbKzSZyGMWD1B9zefQEeOlidsjiWig6z5JBPQ6GbHj48Nq8CYEtEZm1OY4N3WXMtBmt65q5FL1Vi80kfUL_7xrOOiMHaqkQ-VZ7JjoT8uDxZ_bBARpkBbg1to2Nc2iC_yqYHz-WNxBBMEoxW7UGg03noL-PG5RDb3RTCUDQEBZ3aBVhWVBfaN6XAEmQ&sig=Cg0ArKJSzNFCJWBPsJF9EAE&uach_m=%5BUACH%5D&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=220&cbvp=1&cstd=216&cisv=r20231129.18382&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: bloxfruitsdojo.com
URL: https://bloxfruitsdojo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 03 Dec 2023 01:37:29 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 gPTZx8Qg5YtqHYATuVEq7wiNXgGYJLmNtV6Q-nRIA0Y.js Show response
pagead2.googlesyndication.com/bg/ Frame A160 50 KB
19 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/gPTZx8Qg5YtqHYATuVEq7wiNXgGYJLmNtV6Q-nRIA0Y.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

80f4d9c7c420e58b6a1d8013b9512aef088d5e019824b98db55e90fa74480346

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 20:49:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 276464
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19632
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 28 Nov 2024 20:49:45 GMT

GET
H3 200 gPTZx8Qg5YtqHYATuVEq7wiNXgGYJLmNtV6Q-nRIA0Y.js Show response
pagead2.googlesyndication.com/bg/ Frame B0A6 50 KB
19 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/gPTZx8Qg5YtqHYATuVEq7wiNXgGYJLmNtV6Q-nRIA0Y.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

80f4d9c7c420e58b6a1d8013b9512aef088d5e019824b98db55e90fa74480346

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 20:49:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 276464
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19632
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 28 Nov 2024 20:49:45 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 0B25 0
45 B 237ms
130ms Ping
image/gif 2607:f8b0:4002:c02::78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=3~lpotbqi4&c=360436640095&slotId=180218320047.5&qqid=COHH-tmQ8oIDFXCkgwcdAbQD7w&fb=outstream-lima&vast_v=2.0&vmfc=12&vhc=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4002:c02::78 Atlanta, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Dec 2023 01:37:29 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 HdsydzJK.js Show response
tpc.googlesyndication.com/sodar/ Frame 0B25 41 KB
15 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 22:32:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 529480
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15407
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 25 Nov 2024 22:32:49 GMT

HEAD
H/1.1

200
OK

file.mp4
r4---sn-5go7ynld.c.2mdn.net/videoplayback/id/b30bbaa701651f16/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1733103449/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame 0B25
Redirect Chain

https://gcdn.2mdn.net/videoplayback/id/b30bbaa701651f16/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1733103449/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signa...
https://r4---sn-5go7ynld.c.2mdn.net/videoplayback/id/b30bbaa701651f16/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1733103449/sparams/acao,ctier,expire,id,ip,ipbits,ita...

0
0

297ms
174ms

Fetch
video/mp4

2a00:1450:400f:3::9
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r4---sn-5go7ynld.c.2mdn.net/videoplayback/id/b30bbaa701651f16/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1733103449/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/34BEE1FB8258A30B4F2C34556DB537D334EE3130.0D7626046253FDF3F60D5916D020FDA9F53FB47E/key/cms1/cms_redirect/yes/mh/gW/mip/2a00:c98:2050:a007:2::8/mm/42/mn/sn-5go7ynld/ms/onc/mt/1701566759/mv/u/mvi/4/pl/57/file/file.mp4

Protocol

HTTP/1.1

Server

2a00:1450:400f:3::9 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Sun, 03 Dec 2023 01:37:29 GMT
X-Content-Type-Options: nosniff
Connection: close
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length: 4318257
Last-Modified: Sat, 25 Nov 2023 18:39:00 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Access-Control-Allow-Origin: null
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=86400
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: null
Expires: Sun, 03 Dec 2023 01:37:29 GMT

Redirect headers

date: Sun, 03 Dec 2023 01:37:29 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 653
x-xss-protection: 0
pragma: no-cache
server: ClientMapServer
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
location: https://r4---sn-5go7ynld.c.2mdn.net/videoplayback/id/b30bbaa701651f16/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1733103449/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/34BEE1FB8258A30B4F2C34556DB537D334EE3130.0D7626046253FDF3F60D5916D020FDA9F53FB47E/key/cms1/cms_redirect/yes/mh/gW/mip/2a00:c98:2050:a007:2::8/mm/42/mn/sn-5go7ynld/ms/onc/mt/1701566759/mv/u/mvi/4/pl/57/file/file.mp4
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: https://googleads.g.doubleclick.net
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 createjs.min.js Show response
code.createjs.com/1.0.0/ Frame 520C 236 KB
63 KB 80ms
19ms Script
text/javascript 2a02:26f0:3500:11::215:14dc
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://code.createjs.com/1.0.0/createjs.min.js
Requested by: Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1876137525177158889/index.html?ev=01_250
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:3500:11::215:14dc Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Apache /
Resource Hash: e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 01:37:29 GMT
content-encoding: gzip
server: Apache
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=900
x-n: S
accept-ranges: bytes
expires: Sun, 03 Dec 2023 01:52:29 GMT

GET
H3 200 728x90.js Show response
s0.2mdn.net/sadbundle/1876137525177158889/ Frame 520C 78 KB
10 KB 17ms
17ms Script
application/x-javascript 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/1876137525177158889/728x90.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1876137525177158889/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ae230bdb5bbb6a374f1d74c9d9cba1403c6a655b57b833a8f02efc5c7b2e5dcf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1876137525177158889/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 16:46:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 118247
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10534
x-xss-protection: 0
last-modified: Fri, 24 Nov 2023 16:19:47 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 30 Nov 2024 16:46:42 GMT

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 3859 39 KB
15 KB 16ms
14ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:33:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 29014
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 01 Dec 2024 17:33:55 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 10F5 4 KB
655 B 31ms
29ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5814941088162332&output=html&h=90&adk=2743202993&adf=54630664&pi=t.aa~a.3134435376~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1701567448&rafmt=1&to=qs&pwprc=3285142542&format=1200x90&url=https%3A%2F%2Fbloxfruitsdojo.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701567448440&bpp=1&bdt=2282&idt=-M&shv=r20231129&mjsv=m202311290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4bb2dc42557d250b%3AT%3D1701567447%3ART%3D1701567447%3AS%3DALNI_Mbm9oOTdd2SGfalSfLLRmd3_U9f8w&gpic=UID%3D00000d01bc7b7af6%3AT%3D1701567447%3ART%3D1701567447%3AS%3DALNI_Mb5F-33Pk2S0Xx8GaUGNhJ51vNQFw&prev_fmts=0x0%2C1200x280&nras=3&correlator=5647626719242&frm=20&pv=1&ga_vid=641933567.1701567446&ga_sid=1701567447&ga_hid=1023079412&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1332&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079266%2C31079437%2C44798934%2C31078301%2C31079861%2C44807751%2C44807764%2C44808148%2C44808285%2C44809072&oid=2&psts=AOrYGsnxs1MWsyCmP4PD_3ERN2suJgXId3FLbp5UTwl3deSUa80Napai1ztVx9YwO1ObQCBieAthq8VqJgCZTMtdb54j7A&pvsid=3252580902845133&tmod=1310125418&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=5

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3d2b34675fd418a1b23c652fa791f4875ccc12860d9b4b6ec8ae4aa09d51ec1e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 03 Dec 2023 01:37:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 03 Dec 2023 01:26:51 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 03 Dec 2023 01:37:29 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame 10F5 2 KB
828 B 15ms
13ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 12:24:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47596
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 16 Dec 2023 12:24:13 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/ Frame 10F5 24 KB
9 KB 19ms
15ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b67ad968ba3668562f331df45b73501e17c7c166bcf7e5443c33633cbc9d5783

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 12:23:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47639
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9305
x-xss-protection: 0
server: cafe
etag: 13635642240219548939
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 16 Dec 2023 12:23:30 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame 10F5 3 KB
1 KB 19ms
16ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 19:59:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20291
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 16 Dec 2023 19:59:18 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame 10F5 20 KB
8 KB 16ms
14ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

09b186dc119230c8ab2c806d31bcc8dd4a0a2ba347165f35156422307b8e10ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 22:31:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11154
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8544
x-xss-protection: 0
server: cafe
etag: 17124069415086231762
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 16 Dec 2023 22:31:35 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 10F5 0
0 34ms
32ms Image
text/html 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaS0lKS0LXPv0J0jSjWDAmMwmMbVgPcYOvzoJMmANcOORtrpUuLirabIJ6byjJpxWpCDLVmLHC41_IE_xcy4IK_7WEBz3A
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5814941088162332&output=html&h=90&adk=2743202993&adf=54630664&pi=t.aa~a.3134435376~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1701567448&rafmt=1&to=qs&pwprc=3285142542&format=1200x90&url=https%3A%2F%2Fbloxfruitsdojo.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701567448440&bpp=1&bdt=2282&idt=-M&shv=r20231129&mjsv=m202311290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4bb2dc42557d250b%3AT%3D1701567447%3ART%3D1701567447%3AS%3DALNI_Mbm9oOTdd2SGfalSfLLRmd3_U9f8w&gpic=UID%3D00000d01bc7b7af6%3AT%3D1701567447%3ART%3D1701567447%3AS%3DALNI_Mb5F-33Pk2S0Xx8GaUGNhJ51vNQFw&prev_fmts=0x0%2C1200x280&nras=3&correlator=5647626719242&frm=20&pv=1&ga_vid=641933567.1701567446&ga_sid=1701567447&ga_hid=1023079412&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1332&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079266%2C31079437%2C44798934%2C31078301%2C31079861%2C44807751%2C44807764%2C44808148%2C44808285%2C44809072&oid=2&psts=AOrYGsnxs1MWsyCmP4PD_3ERN2suJgXId3FLbp5UTwl3deSUa80Napai1ztVx9YwO1ObQCBieAthq8VqJgCZTMtdb54j7A&pvsid=3252580902845133&tmod=1310125418&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 10F5 202 KB
64 KB 36ms
34ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1adb10c9a5878dd4306d66ff94ae27a07cbe47f57b34dec9a807e5d2d426eee0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 01:37:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65067
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701261208926228"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 03 Dec 2023 01:37:29 GMT

GET
H2 200 a6de5423b7c632060e8f86136bd5d27a.js Show response
www.gstatic.com/mysidia/ Frame 10F5 37 KB
15 KB 20ms
14ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/a6de5423b7c632060e8f86136bd5d27a.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0c21f21f7b1658ed6ab5c0461020a21d62f9e0a7cd7cf3d9e6ef61a2c481f31e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 07:40:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 410221
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15478
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 14:10:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 26 Feb 2024 07:40:28 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame C433 42 B
64 B 61ms
60ms Fetch
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvEkZdpSGLnbfO8sCRw_6sYNx7Qq64JRP4sIJMa4O5Z--SR1zt8QxQPEiNP6Wm-bIbHwuPxZMndNUDUZpmUDENpy_Ldw7GQhev4LFRHYx6vKfcNwoegf7Bz-37sVZYY-9TETkhPMqddBStJ&sai=AMfl-YQmTZYIKJbsQoRKa1I3_ZU6Vey2uvKY_LWPy-J73_vfdV2t83Ef_ETr1SzKxMNF5RU-kttQKPD0_It8SXvLhNavpcPzCTYb18X2zw1FylfA3-d1nZVkCn5iFvjWEMqSg2kVv_QR40lxQ7uoRSwI5vi8ZOEGJRY4lLY&sig=Cg0ArKJSzNr7nPYvybL6EAE&cid=CAQSTgDICaaNFAVQtwRfnBR4uZbdnEY3ifHCVZ8cdMNupvo052iDuhAumZ1a6VYVuCqcdfg8X-Psm0w6my16ipZ7qdh3brcpb0m07HkSatzlIxgB&id=lidar2&mcvt=1070&p=0,0,280,1200&mtos=1070,1070,1070,1070,1070&tos=1070,0,0,0,0&v=20231129&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1213588912&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1701567446822&rpt=1554&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Dec 2023 01:37:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 H0ZEmIz7.html Show response
tpc.googlesyndication.com/sodar/ Frame A96E 23 KB
8 KB 15ms
13ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 101473
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 7799
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 01 Dec 2023 21:26:16 GMT
expires: Sat, 30 Nov 2024 21:26:16 GMT
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame F943 1 KB
650 B 13ms
12ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 53119
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 02 Dec 2023 10:52:10 GMT
etag: 48472445140208031
expires: Sun, 03 Dec 2023 10:52:10 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 4DF1 0
12 B 13ms
13ms Image
text/plain 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?iUOXyA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 01:37:29 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 6592766407814317453
tpc.googlesyndication.com/simgad/2393207814724294971/ Frame 10F5 16 KB
16 KB 15ms
14ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/2393207814724294971/6592766407814317453

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e5a5d903725cd8936f70138caeeab7bdd043e19af4feb7ffc51e01f346fa3042

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 12:26:44 GMT
x-content-type-options: nosniff
age: 565845
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16821
x-xss-protection: 0
last-modified: Wed, 21 Dec 2022 15:22:09 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 25 Nov 2024 12:26:44 GMT

GET
H3 200 2728354180183721846
tpc.googlesyndication.com/simgad/18238337852266318280/ Frame 10F5 8 KB
8 KB 17ms
16ms Image
image/png 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/18238337852266318280/2728354180183721846?w=100&h=100&tw=1&q=75

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

372a09f4ee236cabd4e8bc1f6705cf6c1dd3092538ad23cdcb344aaa431f09ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 16:50:22 GMT
x-content-type-options: nosniff
age: 550027
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8457
x-xss-protection: 0
last-modified: Thu, 13 Apr 2023 08:34:50 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 25 Nov 2024 16:50:22 GMT

GET
H3 200 13816292131226645832
tpc.googlesyndication.com/simgad/ Frame F396 30 KB
30 KB 15ms
15ms Image
image/png 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/13816292131226645832?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qllN86medtV9BTjHN8l8HyEypH8MA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5814941088162332&output=html&h=90&adk=2743202993&adf=3132389021&pi=t.aa~a.3920200256~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1701567448&rafmt=1&to=qs&pwprc=3285142542&format=1200x90&url=https%3A%2F%2Fbloxfruitsdojo.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701567448440&bpp=1&bdt=2282&idt=-M&shv=r20231129&mjsv=m202311290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4bb2dc42557d250b%3AT%3D1701567447%3ART%3D1701567447%3AS%3DALNI_Mbm9oOTdd2SGfalSfLLRmd3_U9f8w&gpic=UID%3D00000d01bc7b7af6%3AT%3D1701567447%3ART%3D1701567447%3AS%3DALNI_Mb5F-33Pk2S0Xx8GaUGNhJ51vNQFw&prev_fmts=0x0%2C1200x280%2C1200x90&nras=4&correlator=5647626719242&frm=20&pv=1&ga_vid=641933567.1701567446&ga_sid=1701567447&ga_hid=1023079412&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1432&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079266%2C31079437%2C44798934%2C31078301%2C31079861%2C44807751%2C44807764%2C44808148%2C44808285%2C44809072&oid=2&psts=AOrYGsnxs1MWsyCmP4PD_3ERN2suJgXId3FLbp5UTwl3deSUa80Napai1ztVx9YwO1ObQCBieAthq8VqJgCZTMtdb54j7A&pvsid=3252580902845133&tmod=1310125418&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=12

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9ca0ddc17cdf11dbe3280887641ae1e8509672b84447f336ee9258c702dfc340

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 06:44:16 GMT
x-content-type-options: nosniff
age: 240793
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30448
x-xss-protection: 0
last-modified: Thu, 13 Jul 2023 02:38:49 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 29 Nov 2024 06:44:16 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/ Frame F396 24 KB
9 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5814941088162332&output=html&h=90&adk=2743202993&adf=3132389021&pi=t.aa~a.3920200256~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1701567448&rafmt=1&to=qs&pwprc=3285142542&format=1200x90&url=https%3A%2F%2Fbloxfruitsdojo.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701567448440&bpp=1&bdt=2282&idt=-M&shv=r20231129&mjsv=m202311290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4bb2dc42557d250b%3AT%3D1701567447%3ART%3D1701567447%3AS%3DALNI_Mbm9oOTdd2SGfalSfLLRmd3_U9f8w&gpic=UID%3D00000d01bc7b7af6%3AT%3D1701567447%3ART%3D1701567447%3AS%3DALNI_Mb5F-33Pk2S0Xx8GaUGNhJ51vNQFw&prev_fmts=0x0%2C1200x280%2C1200x90&nras=4&correlator=5647626719242&frm=20&pv=1&ga_vid=641933567.1701567446&ga_sid=1701567447&ga_hid=1023079412&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1432&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079266%2C31079437%2C44798934%2C31078301%2C31079861%2C44807751%2C44807764%2C44808148%2C44808285%2C44809072&oid=2&psts=AOrYGsnxs1MWsyCmP4PD_3ERN2suJgXId3FLbp5UTwl3deSUa80Napai1ztVx9YwO1ObQCBieAthq8VqJgCZTMtdb54j7A&pvsid=3252580902845133&tmod=1310125418&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=12

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b67ad968ba3668562f331df45b73501e17c7c166bcf7e5443c33633cbc9d5783

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 12:23:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47639
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9305
x-xss-protection: 0
server: cafe
etag: 13635642240219548939
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 16 Dec 2023 12:23:30 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame F396 3 KB
1 KB 17ms
17ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5814941088162332&output=html&h=90&adk=2743202993&adf=3132389021&pi=t.aa~a.3920200256~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1701567448&rafmt=1&to=qs&pwprc=3285142542&format=1200x90&url=https%3A%2F%2Fbloxfruitsdojo.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701567448440&bpp=1&bdt=2282&idt=-M&shv=r20231129&mjsv=m202311290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4bb2dc42557d250b%3AT%3D1701567447%3ART%3D1701567447%3AS%3DALNI_Mbm9oOTdd2SGfalSfLLRmd3_U9f8w&gpic=UID%3D00000d01bc7b7af6%3AT%3D1701567447%3ART%3D1701567447%3AS%3DALNI_Mb5F-33Pk2S0Xx8GaUGNhJ51vNQFw&prev_fmts=0x0%2C1200x280%2C1200x90&nras=4&correlator=5647626719242&frm=20&pv=1&ga_vid=641933567.1701567446&ga_sid=1701567447&ga_hid=1023079412&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1432&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079266%2C31079437%2C44798934%2C31078301%2C31079861%2C44807751%2C44807764%2C44808148%2C44808285%2C44809072&oid=2&psts=AOrYGsnxs1MWsyCmP4PD_3ERN2suJgXId3FLbp5UTwl3deSUa80Napai1ztVx9YwO1ObQCBieAthq8VqJgCZTMtdb54j7A&pvsid=3252580902845133&tmod=1310125418&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=12

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 19:59:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20291
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 16 Dec 2023 19:59:18 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame F396 20 KB
8 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5814941088162332&output=html&h=90&adk=2743202993&adf=3132389021&pi=t.aa~a.3920200256~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1701567448&rafmt=1&to=qs&pwprc=3285142542&format=1200x90&url=https%3A%2F%2Fbloxfruitsdojo.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701567448440&bpp=1&bdt=2282&idt=-M&shv=r20231129&mjsv=m202311290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4bb2dc42557d250b%3AT%3D1701567447%3ART%3D1701567447%3AS%3DALNI_Mbm9oOTdd2SGfalSfLLRmd3_U9f8w&gpic=UID%3D00000d01bc7b7af6%3AT%3D1701567447%3ART%3D1701567447%3AS%3DALNI_Mb5F-33Pk2S0Xx8GaUGNhJ51vNQFw&prev_fmts=0x0%2C1200x280%2C1200x90&nras=4&correlator=5647626719242&frm=20&pv=1&ga_vid=641933567.1701567446&ga_sid=1701567447&ga_hid=1023079412&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1432&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079266%2C31079437%2C44798934%2C31078301%2C31079861%2C44807751%2C44807764%2C44808148%2C44808285%2C44809072&oid=2&psts=AOrYGsnxs1MWsyCmP4PD_3ERN2suJgXId3FLbp5UTwl3deSUa80Napai1ztVx9YwO1ObQCBieAthq8VqJgCZTMtdb54j7A&pvsid=3252580902845133&tmod=1310125418&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=12

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

09b186dc119230c8ab2c806d31bcc8dd4a0a2ba347165f35156422307b8e10ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 22:31:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11154
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8544
x-xss-protection: 0
server: cafe
etag: 17124069415086231762
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 16 Dec 2023 22:31:35 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame F396 0
0 22ms
22ms Image
text/html 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTp4JR5oT0N7gNVsHRD3lF6OsxDGKuHC6NuSqKDfutjQ11atmHGKiwWXwrCMlXDrsyz9F2VCdFkWShYl_AIfClRFm9fuw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5814941088162332&output=html&h=90&adk=2743202993&adf=3132389021&pi=t.aa~a.3920200256~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1701567448&rafmt=1&to=qs&pwprc=3285142542&format=1200x90&url=https%3A%2F%2Fbloxfruitsdojo.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701567448440&bpp=1&bdt=2282&idt=-M&shv=r20231129&mjsv=m202311290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4bb2dc42557d250b%3AT%3D1701567447%3ART%3D1701567447%3AS%3DALNI_Mbm9oOTdd2SGfalSfLLRmd3_U9f8w&gpic=UID%3D00000d01bc7b7af6%3AT%3D1701567447%3ART%3D1701567447%3AS%3DALNI_Mb5F-33Pk2S0Xx8GaUGNhJ51vNQFw&prev_fmts=0x0%2C1200x280%2C1200x90&nras=4&correlator=5647626719242&frm=20&pv=1&ga_vid=641933567.1701567446&ga_sid=1701567447&ga_hid=1023079412&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1432&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079266%2C31079437%2C44798934%2C31078301%2C31079861%2C44807751%2C44807764%2C44808148%2C44808285%2C44809072&oid=2&psts=AOrYGsnxs1MWsyCmP4PD_3ERN2suJgXId3FLbp5UTwl3deSUa80Napai1ztVx9YwO1ObQCBieAthq8VqJgCZTMtdb54j7A&pvsid=3252580902845133&tmod=1310125418&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=12
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame F396 202 KB
64 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5814941088162332&output=html&h=90&adk=2743202993&adf=3132389021&pi=t.aa~a.3920200256~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1701567448&rafmt=1&to=qs&pwprc=3285142542&format=1200x90&url=https%3A%2F%2Fbloxfruitsdojo.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701567448440&bpp=1&bdt=2282&idt=-M&shv=r20231129&mjsv=m202311290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4bb2dc42557d250b%3AT%3D1701567447%3ART%3D1701567447%3AS%3DALNI_Mbm9oOTdd2SGfalSfLLRmd3_U9f8w&gpic=UID%3D00000d01bc7b7af6%3AT%3D1701567447%3ART%3D1701567447%3AS%3DALNI_Mb5F-33Pk2S0Xx8GaUGNhJ51vNQFw&prev_fmts=0x0%2C1200x280%2C1200x90&nras=4&correlator=5647626719242&frm=20&pv=1&ga_vid=641933567.1701567446&ga_sid=1701567447&ga_hid=1023079412&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1432&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079266%2C31079437%2C44798934%2C31078301%2C31079861%2C44807751%2C44807764%2C44808148%2C44808285%2C44809072&oid=2&psts=AOrYGsnxs1MWsyCmP4PD_3ERN2suJgXId3FLbp5UTwl3deSUa80Napai1ztVx9YwO1ObQCBieAthq8VqJgCZTMtdb54j7A&pvsid=3252580902845133&tmod=1310125418&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=12

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1adb10c9a5878dd4306d66ff94ae27a07cbe47f57b34dec9a807e5d2d426eee0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 01:37:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65067
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701261208926228"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 03 Dec 2023 01:37:29 GMT

GET
H3 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame F396 36 KB
14 KB 18ms
17ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5814941088162332&output=html&h=90&adk=2743202993&adf=3132389021&pi=t.aa~a.3920200256~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1701567448&rafmt=1&to=qs&pwprc=3285142542&format=1200x90&url=https%3A%2F%2Fbloxfruitsdojo.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701567448440&bpp=1&bdt=2282&idt=-M&shv=r20231129&mjsv=m202311290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4bb2dc42557d250b%3AT%3D1701567447%3ART%3D1701567447%3AS%3DALNI_Mbm9oOTdd2SGfalSfLLRmd3_U9f8w&gpic=UID%3D00000d01bc7b7af6%3AT%3D1701567447%3ART%3D1701567447%3AS%3DALNI_Mb5F-33Pk2S0Xx8GaUGNhJ51vNQFw&prev_fmts=0x0%2C1200x280%2C1200x90&nras=4&correlator=5647626719242&frm=20&pv=1&ga_vid=641933567.1701567446&ga_sid=1701567447&ga_hid=1023079412&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1432&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079266%2C31079437%2C44798934%2C31078301%2C31079861%2C44807751%2C44807764%2C44808148%2C44808285%2C44809072&oid=2&psts=AOrYGsnxs1MWsyCmP4PD_3ERN2suJgXId3FLbp5UTwl3deSUa80Napai1ztVx9YwO1ObQCBieAthq8VqJgCZTMtdb54j7A&pvsid=3252580902845133&tmod=1310125418&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=12

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bed7ff4a6dc1fabcb99a5dd12ff481d05de252b39d3544be0cb93fe66663c059

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 20:00:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20204
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14781
x-xss-protection: 0
server: cafe
etag: 13719831398043079576
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 16 Dec 2023 20:00:45 GMT

GET
H3 200 background.jpg
s0.2mdn.net/sadbundle/1876137525177158889/images/ Frame 520C 9 KB
9 KB 15ms
14ms Image
image/jpeg 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/1876137525177158889/images/background.jpg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c81d4bf80a43b24660f1eb1e0884bfa90790e644f781a30c596d1b05f6c77af3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1876137525177158889/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 16:46:42 GMT
x-content-type-options: nosniff
age: 118247
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9669
x-xss-protection: 0
last-modified: Fri, 24 Nov 2023 16:19:47 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 30 Nov 2024 16:46:42 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 49B0 0
0 52ms
52ms Fetch
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssDQvNLdjtg9e-TI-UDfEucEEDvkzhOnnE4Uozz-mwjyDFPfRgBTsiPZcbkkyG_-JKFTvbq5M457NyIYrFJuK6xRo9ZN2aqiuoYYB6stMlYOcNvon6FpOqmeO3DdRKwikY0BhAjxji2dHwXWku2cVjMnfZg-pcV-NJvMSloGYiSDiPUZsPIxVHOD2J18n83EJA_OHW7QKq9MB0CU6ciqReVMjysCRlY-1RFeMFV3q3BcqocGp84UVOjXc2AwgJPiTL2YO-SkKIeo-EhNpMWW9YY3e0mAMrJLt4VuW56Up8315NlGKo-jMvni5nyOzWCr2YOP0IXx7ZnQ78HCmqQGdQ3_o2mVVlYXfzSJr9cV85Q2d7TQgSG8Isj_LAthhnzfkKb-TwhCgMIyY28xOipERtezq-AJeBs0gyqZnLtxrAC6pjaSErXhPb3iRWVBlAgDYm7NmQ5TF8g2LW1Vl8_KBQ9LVDdLwTAPdlOXaXZ1ek4zw13EtSf2TbVQzLji7eVbDHJG9YdAQzZEJqnbPd8ypQQI5TazVDZ4iqsMvRT9EXClcB23vdAHm5N8OgNFESdfxNj8ZlKnXaBICZBxhFpdLKzX3FFysJVHvA8gksVHdIoYe6JMlbY1N0g3XCKadvvjPhyJETCdqNdZINOtqkDLm_vvoUGSIXG9rb4EbmjIf8q-x186o5_jv6H-BfwSLeHd0Xz8zGuP4SWTAnywhP-3oStftHamlqGU6R-fvoj9whH-V2bbLSpWm5ZwmXCL1_XwPP3h1vG3rl_DL4fuH8voHdlZNjNWK2E0DWFMDkGiQCIQG87_f7-Af6uMkVIMKYDvAZRVGMasRWDlUUsEG2BaGRsQoZYVxn1ULYwHbHilMlH5m2s_irXdM4W4tn4pW28f2C1rarLXaLpezgP3bIDuCp9F-uF4HMFUGCFaEEP00Yl7HgQOl67bApr55yXzuoOODhayI_lmxkMT9nW4L99gxXXIazVpT_ETPZuRQpVhukdqDvTNf54dqjtpubejDSGN_0YnlZQDXp1QYxj9mjV9TohhNWv30w9I3alamXTVxU_8UuFLG5-xh8GZGKhwqzEt6lJylYkoheaGSyCjwGhtJJauuevoX4MjHzco0C7M0BTOyfW3ckvEsr9eglPhYIp54l1esgu49HzcJ_sIDPy67LNGdNCAbGPictsvdy98rp_sAu_97wyDMpVoD90BTIk2k_dMwwF4Fmvo1xmw5Uaap6hMB6RmJPLHxwAj-76olOeDSy9pFtbiX3uH2dHxDbclhz-RNwfECdNA4q0Gy-fwzhc98nMTkLqwLkzb7te-A6OxoxWu6bKSg&sai=AMfl-YQMWPqdbVW8DXKbYjheJHH1ElNcxddjp-mb38eesisswUxORmpDoeCLhHd3XmY_KB31F9PUq-aEWhrB0H4PyJKYkHxCuo8EniODKJcCDrLsbKzSZyGMWD1B9zefQEeOlidsjiWig6z5JBPQ6GbHj48Nq8CYEtEZm1OY4N3WXMtBmt65q5FL1Vi80kfUL_7xrOOiMHaqkQ-VZ7JjoT8uDxZ_bBARpkBbg1to2Nc2iC_yqYHz-WNxBBMEoxW7UGg03noL-PG5RDb3RTCUDQEBZ3aBVhWVBfaN6XAEmQ&sig=Cg0ArKJSzNFCJWBPsJF9EAE&uach_m=%5BUACH%5D&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=642&vt=11&dtpt=422&dett=3&cstd=216&cisv=r20231129.18382&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: bloxfruitsdojo.com
URL: https://bloxfruitsdojo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 01:37:29 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame C371 143 B
171 B 14ms
13ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5814941088162332&output=html&h=90&adk=2743202993&adf=3132389021&pi=t.aa~a.3920200256~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1701567448&rafmt=1&to=qs&pwprc=3285142542&format=1200x90&url=https%3A%2F%2Fbloxfruitsdojo.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701567448440&bpp=1&bdt=2282&idt=-M&shv=r20231129&mjsv=m202311290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4bb2dc42557d250b%3AT%3D1701567447%3ART%3D1701567447%3AS%3DALNI_Mbm9oOTdd2SGfalSfLLRmd3_U9f8w&gpic=UID%3D00000d01bc7b7af6%3AT%3D1701567447%3ART%3D1701567447%3AS%3DALNI_Mb5F-33Pk2S0Xx8GaUGNhJ51vNQFw&prev_fmts=0x0%2C1200x280%2C1200x90&nras=4&correlator=5647626719242&frm=20&pv=1&ga_vid=641933567.1701567446&ga_sid=1701567447&ga_hid=1023079412&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1432&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079266%2C31079437%2C44798934%2C31078301%2C31079861%2C44807751%2C44807764%2C44808148%2C44808285%2C44809072&oid=2&psts=AOrYGsnxs1MWsyCmP4PD_3ERN2suJgXId3FLbp5UTwl3deSUa80Napai1ztVx9YwO1ObQCBieAthq8VqJgCZTMtdb54j7A&pvsid=3252580902845133&tmod=1310125418&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=12

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5814941088162332&output=html&h=90&adk=2743202993&adf=3132389021&pi=t.aa~a.3920200256~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1701567448&rafmt=1&to=qs&pwprc=3285142542&format=1200x90&url=https%3A%2F%2Fbloxfruitsdojo.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701567448440&bpp=1&bdt=2282&idt=-M&shv=r20231129&mjsv=m202311290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4bb2dc42557d250b%3AT%3D1701567447%3ART%3D1701567447%3AS%3DALNI_Mbm9oOTdd2SGfalSfLLRmd3_U9f8w&gpic=UID%3D00000d01bc7b7af6%3AT%3D1701567447%3ART%3D1701567447%3AS%3DALNI_Mb5F-33Pk2S0Xx8GaUGNhJ51vNQFw&prev_fmts=0x0%2C1200x280%2C1200x90&nras=4&correlator=5647626719242&frm=20&pv=1&ga_vid=641933567.1701567446&ga_sid=1701567447&ga_hid=1023079412&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1432&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079266%2C31079437%2C44798934%2C31078301%2C31079861%2C44807751%2C44807764%2C44808148%2C44808285%2C44809072&oid=2&psts=AOrYGsnxs1MWsyCmP4PD_3ERN2suJgXId3FLbp5UTwl3deSUa80Napai1ztVx9YwO1ObQCBieAthq8VqJgCZTMtdb54j7A&pvsid=3252580902845133&tmod=1310125418&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=12
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1987
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 03 Dec 2023 01:04:22 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 594E 1 KB
650 B 35ms
24ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5814941088162332&output=html&h=90&adk=2743202993&adf=3132389021&pi=t.aa~a.3920200256~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1701567448&rafmt=1&to=qs&pwprc=3285142542&format=1200x90&url=https%3A%2F%2Fbloxfruitsdojo.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701567448440&bpp=1&bdt=2282&idt=-M&shv=r20231129&mjsv=m202311290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4bb2dc42557d250b%3AT%3D1701567447%3ART%3D1701567447%3AS%3DALNI_Mbm9oOTdd2SGfalSfLLRmd3_U9f8w&gpic=UID%3D00000d01bc7b7af6%3AT%3D1701567447%3ART%3D1701567447%3AS%3DALNI_Mb5F-33Pk2S0Xx8GaUGNhJ51vNQFw&prev_fmts=0x0%2C1200x280%2C1200x90&nras=4&correlator=5647626719242&frm=20&pv=1&ga_vid=641933567.1701567446&ga_sid=1701567447&ga_hid=1023079412&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1432&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079266%2C31079437%2C44798934%2C31078301%2C31079861%2C44807751%2C44807764%2C44808148%2C44808285%2C44809072&oid=2&psts=AOrYGsnxs1MWsyCmP4PD_3ERN2suJgXId3FLbp5UTwl3deSUa80Napai1ztVx9YwO1ObQCBieAthq8VqJgCZTMtdb54j7A&pvsid=3252580902845133&tmod=1310125418&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=12

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 53119
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 02 Dec 2023 10:52:10 GMT
etag: 48472445140208031
expires: Sun, 03 Dec 2023 10:52:10 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cloud_small.jpg
s0.2mdn.net/sadbundle/1876137525177158889/images/ Frame 520C 5 KB
5 KB 16ms
15ms Image
image/jpeg 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/1876137525177158889/images/cloud_small.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

48785a4d40b13f059fd7e607381728675d534d26c8bd4bbab39917fdcfcfd4df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1876137525177158889/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 16:46:42 GMT
x-content-type-options: nosniff
age: 118247
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4618
x-xss-protection: 0
last-modified: Fri, 24 Nov 2023 16:19:47 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 30 Nov 2024 16:46:42 GMT

GET
DATA 200
OK truncated
/ Frame 10F5 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8bd0f7c26b7f29dc7abb779c1dabc29d1223a5d7fe8870a7be197c3976e614ce

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F943
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEEROX-0QSk1T5ZjyBqDnEyY&google_cver=1&google_push=AXcoOmTW0xzUGHcHp2mdaannPi2SJS2r1NKrWmRlKJ704KZBNHr9sjOJSBDPoCAelhVWfKn2jep9VjhWIZvciIkoKGvWmODf4rIFqg
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=32CC7D9C45E544C383A0535EF38DB24C&google_push=AXcoOmTW0xzUGHcHp2mdaannPi2SJS2r1NKrWmRlKJ704KZBNHr9sjOJSBDPoCAelhVWfKn2jep9VjhWIZvciIk...

170 B
188 B

46ms
30ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=32CC7D9C45E544C383A0535EF38DB24C&google_push=AXcoOmTW0xzUGHcHp2mdaannPi2SJS2r1NKrWmRlKJ704KZBNHr9sjOJSBDPoCAelhVWfKn2jep9VjhWIZvciIkoKGvWmODf4rIFqg

Requested by

Protocol

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Dec 2023 01:37:29 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sun, 03 Dec 2023 01:37:29 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=32CC7D9C45E544C383A0535EF38DB24C&google_push=AXcoOmTW0xzUGHcHp2mdaannPi2SJS2r1NKrWmRlKJ704KZBNHr9sjOJSBDPoCAelhVWfKn2jep9VjhWIZvciIkoKGvWmODf4rIFqg
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Sat, 02 Dec 2023 01:37:29 GMT

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame F943 70 B
149 B 142ms
17ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESECQBlodgY_NFa_r94rUlj2U&google_cver=1&google_push=AXcoOmRs5e7FKNPq7xsD3TJUmbtkM5GMrB225bckXyggfK1wlj3PKgH4ArnzbLBL8VLNxCE1F9xqSc6tepAwjlXnOS1Vohq2ZHUbAN0
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5814941088162332&output=html&h=90&adk=2743202993&adf=54630664&pi=t.aa~a.3134435376~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1701567448&rafmt=1&to=qs&pwprc=3285142542&format=1200x90&url=https%3A%2F%2Fbloxfruitsdojo.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701567448440&bpp=1&bdt=2282&idt=-M&shv=r20231129&mjsv=m202311290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4bb2dc42557d250b%3AT%3D1701567447%3ART%3D1701567447%3AS%3DALNI_Mbm9oOTdd2SGfalSfLLRmd3_U9f8w&gpic=UID%3D00000d01bc7b7af6%3AT%3D1701567447%3ART%3D1701567447%3AS%3DALNI_Mb5F-33Pk2S0Xx8GaUGNhJ51vNQFw&prev_fmts=0x0%2C1200x280&nras=3&correlator=5647626719242&frm=20&pv=1&ga_vid=641933567.1701567446&ga_sid=1701567447&ga_hid=1023079412&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1332&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079266%2C31079437%2C44798934%2C31078301%2C31079861%2C44807751%2C44807764%2C44808148%2C44808285%2C44809072&oid=2&psts=AOrYGsnxs1MWsyCmP4PD_3ERN2suJgXId3FLbp5UTwl3deSUa80Napai1ztVx9YwO1ObQCBieAthq8VqJgCZTMtdb54j7A&pvsid=3252580902845133&tmod=1310125418&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=5
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 01:37:29 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F943
Redirect Chain

https://d.agkn.com/pixel/2175/?google_gid=CAESELLM457SuHG88GcLI8gZf68&google_cver=1&google_push=AXcoOmTuiEhJko4i4pcWVu9cnoKb0n023Ob3aKfMXz3W7KvEpoOohmTIP850m7m9y33P6SeXCP-67AaYym6T1quWe0gl20LWfRX66zM
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AXcoOmTuiEhJko4i4pcWVu9cnoKb0n023Ob3aKfMXz3W7KvEpoOohmTIP850m7m9y33P6SeXCP-67AaYym6T1quWe0gl20LWfRX66zM&google_hm=Q0FFU0VMTE00NTdTdU...

170 B
188 B

35ms
33ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AXcoOmTuiEhJko4i4pcWVu9cnoKb0n023Ob3aKfMXz3W7KvEpoOohmTIP850m7m9y33P6SeXCP-67AaYym6T1quWe0gl20LWfRX66zM&google_hm=Q0FFU0VMTE00NTdTdUhHODhHY0xJOGdaZjY4

Requested by

Protocol

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Dec 2023 01:37:29 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 03 Dec 2023 01:37:29 GMT
P3P: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AXcoOmTuiEhJko4i4pcWVu9cnoKb0n023Ob3aKfMXz3W7KvEpoOohmTIP850m7m9y33P6SeXCP-67AaYym6T1quWe0gl20LWfRX66zM&google_hm=Q0FFU0VMTE00NTdTdUhHODhHY0xJOGdaZjY4
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 sync
x.bidswitch.net/ Frame F943 43 B
146 B 91ms
10ms Image
image/gif 35.157.253.10
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=google&google_gid=CAESENVOJTTXgNSTyUVTlQoAGMA&google_cver=1&google_push=AXcoOmT_dnJ_tJPkthNarFk6--Qw4u44X2tC6mu8yeBKApD2XHu6S86mpOnxVO027dNQfVkETsmZrVbKXeF0vjxrekU-HBwXelYi6Bo
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5814941088162332&output=html&h=90&adk=2743202993&adf=54630664&pi=t.aa~a.3134435376~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1701567448&rafmt=1&to=qs&pwprc=3285142542&format=1200x90&url=https%3A%2F%2Fbloxfruitsdojo.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701567448440&bpp=1&bdt=2282&idt=-M&shv=r20231129&mjsv=m202311290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4bb2dc42557d250b%3AT%3D1701567447%3ART%3D1701567447%3AS%3DALNI_Mbm9oOTdd2SGfalSfLLRmd3_U9f8w&gpic=UID%3D00000d01bc7b7af6%3AT%3D1701567447%3ART%3D1701567447%3AS%3DALNI_Mb5F-33Pk2S0Xx8GaUGNhJ51vNQFw&prev_fmts=0x0%2C1200x280&nras=3&correlator=5647626719242&frm=20&pv=1&ga_vid=641933567.1701567446&ga_sid=1701567447&ga_hid=1023079412&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1332&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079266%2C31079437%2C44798934%2C31078301%2C31079861%2C44807751%2C44807764%2C44808148%2C44808285%2C44809072&oid=2&psts=AOrYGsnxs1MWsyCmP4PD_3ERN2suJgXId3FLbp5UTwl3deSUa80Napai1ztVx9YwO1ObQCBieAthq8VqJgCZTMtdb54j7A&pvsid=3252580902845133&tmod=1310125418&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=5
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.157.253.10 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-253-10.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 01:37:29 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F943
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEMrkjDu5K806SSFfKvQK6z4&google_cver=1&google_push=AXcoOmTRG7K3K-8PZuXGjaAx4C7OI3Vw_QUirPDt1rZKq0atYm2aAF0S_owx_py8VkA3J4chyJT6FpJx...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEMrkjDu5K806SSFfKvQK6z4&google_cver=1&google_push=AXcoOmTRG7K3K-8PZuXGjaAx4C7OI3Vw_QUirPDt1rZKq0atYm2aAF0S_owx_py8VkA3J4chyJT...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDM1Njg1NzU1Njk5ODgyOTM5MQ&google_push=AXcoOmTRG7K3K-8PZuXGjaAx4C7OI3Vw_QUirPDt1rZKq0atYm2aAF0S_owx_py8VkA3J4chyJT6Fp...

170 B
188 B

33ms
27ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDM1Njg1NzU1Njk5ODgyOTM5MQ&google_push=AXcoOmTRG7K3K-8PZuXGjaAx4C7OI3Vw_QUirPDt1rZKq0atYm2aAF0S_owx_py8VkA3J4chyJT6FpJxSlgToJeuc1JY1vJKx5jn7Ko

Requested by

Protocol

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Dec 2023 01:37:29 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 03 Dec 2023 01:37:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDM1Njg1NzU1Njk5ODgyOTM5MQ&google_push=AXcoOmTRG7K3K-8PZuXGjaAx4C7OI3Vw_QUirPDt1rZKq0atYm2aAF0S_owx_py8VkA3J4chyJT6FpJxSlgToJeuc1JY1vJKx5jn7Ko
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 trk
ag.innovid.com/ Frame F943 43 B
297 B 198ms
23ms Image
image/gif 2a05:d01c:1d8:8100:9449:420b:1a77:b906
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ag.innovid.com/trk?tid=11711&google_gid=CAESELduEnOK5Lk-ikpktUEoo1I&google_cver=1&google_push=AXcoOmRACCxTEWcBN1dlL-oN0GLgwiq9rRMdek-Kn-e_0ew--Gx26WM946TF_01TOt6YaXZSVUv80VpycILQp3tDxqCDC7C2oO-Omb0
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5814941088162332&output=html&h=90&adk=2743202993&adf=54630664&pi=t.aa~a.3134435376~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1701567448&rafmt=1&to=qs&pwprc=3285142542&format=1200x90&url=https%3A%2F%2Fbloxfruitsdojo.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701567448440&bpp=1&bdt=2282&idt=-M&shv=r20231129&mjsv=m202311290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4bb2dc42557d250b%3AT%3D1701567447%3ART%3D1701567447%3AS%3DALNI_Mbm9oOTdd2SGfalSfLLRmd3_U9f8w&gpic=UID%3D00000d01bc7b7af6%3AT%3D1701567447%3ART%3D1701567447%3AS%3DALNI_Mb5F-33Pk2S0Xx8GaUGNhJ51vNQFw&prev_fmts=0x0%2C1200x280&nras=3&correlator=5647626719242&frm=20&pv=1&ga_vid=641933567.1701567446&ga_sid=1701567447&ga_hid=1023079412&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1332&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079266%2C31079437%2C44798934%2C31078301%2C31079861%2C44807751%2C44807764%2C44808148%2C44808285%2C44809072&oid=2&psts=AOrYGsnxs1MWsyCmP4PD_3ERN2suJgXId3FLbp5UTwl3deSUa80Napai1ztVx9YwO1ObQCBieAthq8VqJgCZTMtdb54j7A&pvsid=3252580902845133&tmod=1310125418&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=5
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:d01c:1d8:8100:9449:420b:1a77:b906 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sun, 03 Dec 2023 01:37:29 GMT
cache-control: no-cache
content-length: 43
request-time: 1
expires: -1

GET googleredir
googlecm.hit.gemius.pl/ Frame F943 0
0

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame F943 0
50 B 26ms
21ms Image
text/html 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JdA8uaawvdTCYAtWSWldGLwgk1JiAkVM0_eTOPgCTj6O9tGypmhb5vRqkuspMr_eH7_dTU1g

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 01:37:29 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 6D60 640 B
268 B 51ms
43ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj-rbvGATAB&v=APEucNWzpqahETiooF_4zIKzRJ_b3JKa0yg1LqT8rZ6ra6LbNZs8_bdeFIcuN3un2fvKEGB8SuxthI61OQULpzO1a6I0C7VMSf5P54UErldyKfgrQvmrwupNO-0lpvfFjaOS_e7J-4DhjZLQjszN55akNtif0QG18UOMyFqEfIeNi52vfwuPSy0

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5814941088162332&output=html&h=90&adk=2743202993&adf=1602281170&pi=t.aa~a.3920200256~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1701567448&rafmt=1&to=qs&pwprc=3285142542&format=1200x90&url=https%3A%2F%2Fbloxfruitsdojo.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701567448440&bpp=1&bdt=2282&idt=0&shv=r20231129&mjsv=m202311290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4bb2dc42557d250b%3AT%3D1701567447%3ART%3D1701567447%3AS%3DALNI_Mbm9oOTdd2SGfalSfLLRmd3_U9f8w&gpic=UID%3D00000d01bc7b7af6%3AT%3D1701567447%3ART%3D1701567447%3AS%3DALNI_Mb5F-33Pk2S0Xx8GaUGNhJ51vNQFw&prev_fmts=0x0%2C1200x280%2C1200x90%2C1200x90&nras=5&correlator=5647626719242&frm=20&pv=1&ga_vid=641933567.1701567446&ga_sid=1701567447&ga_hid=1023079412&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1835&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079266%2C31079437%2C44798934%2C31078301%2C31079861%2C44807751%2C44807764%2C44808148%2C44808285%2C44809072&oid=2&psts=AOrYGsnxs1MWsyCmP4PD_3ERN2suJgXId3FLbp5UTwl3deSUa80Napai1ztVx9YwO1ObQCBieAthq8VqJgCZTMtdb54j7A&pvsid=3252580902845133&tmod=1310125418&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=16

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5814941088162332&output=html&h=90&adk=2743202993&adf=1602281170&pi=t.aa~a.3920200256~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1701567448&rafmt=1&to=qs&pwprc=3285142542&format=1200x90&url=https%3A%2F%2Fbloxfruitsdojo.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701567448440&bpp=1&bdt=2282&idt=0&shv=r20231129&mjsv=m202311290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4bb2dc42557d250b%3AT%3D1701567447%3ART%3D1701567447%3AS%3DALNI_Mbm9oOTdd2SGfalSfLLRmd3_U9f8w&gpic=UID%3D00000d01bc7b7af6%3AT%3D1701567447%3ART%3D1701567447%3AS%3DALNI_Mb5F-33Pk2S0Xx8GaUGNhJ51vNQFw&prev_fmts=0x0%2C1200x280%2C1200x90%2C1200x90&nras=5&correlator=5647626719242&frm=20&pv=1&ga_vid=641933567.1701567446&ga_sid=1701567447&ga_hid=1023079412&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1835&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079266%2C31079437%2C44798934%2C31078301%2C31079861%2C44807751%2C44807764%2C44808148%2C44808285%2C44809072&oid=2&psts=AOrYGsnxs1MWsyCmP4PD_3ERN2suJgXId3FLbp5UTwl3deSUa80Napai1ztVx9YwO1ObQCBieAthq8VqJgCZTMtdb54j7A&pvsid=3252580902845133&tmod=1310125418&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=16
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 03 Dec 2023 01:37:29 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 778A 89 KB
31 KB 48ms
48ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5814941088162332&output=html&h=90&adk=2743202993&adf=1602281170&pi=t.aa~a.3920200256~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1701567448&rafmt=1&to=qs&pwprc=3285142542&format=1200x90&url=https%3A%2F%2Fbloxfruitsdojo.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701567448440&bpp=1&bdt=2282&idt=0&shv=r20231129&mjsv=m202311290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4bb2dc42557d250b%3AT%3D1701567447%3ART%3D1701567447%3AS%3DALNI_Mbm9oOTdd2SGfalSfLLRmd3_U9f8w&gpic=UID%3D00000d01bc7b7af6%3AT%3D1701567447%3ART%3D1701567447%3AS%3DALNI_Mb5F-33Pk2S0Xx8GaUGNhJ51vNQFw&prev_fmts=0x0%2C1200x280%2C1200x90%2C1200x90&nras=5&correlator=5647626719242&frm=20&pv=1&ga_vid=641933567.1701567446&ga_sid=1701567447&ga_hid=1023079412&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1835&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079266%2C31079437%2C44798934%2C31078301%2C31079861%2C44807751%2C44807764%2C44808148%2C44808285%2C44809072&oid=2&psts=AOrYGsnxs1MWsyCmP4PD_3ERN2suJgXId3FLbp5UTwl3deSUa80Napai1ztVx9YwO1ObQCBieAthq8VqJgCZTMtdb54j7A&pvsid=3252580902845133&tmod=1310125418&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=16

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 01:37:29 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31485
x-xss-protection: 0
server: cafe
etag: 7119415641918660631
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Sun, 03 Dec 2023 01:37:29 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame 778A 3 KB
1 KB 22ms
13ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5814941088162332&output=html&h=90&adk=2743202993&adf=1602281170&pi=t.aa~a.3920200256~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1701567448&rafmt=1&to=qs&pwprc=3285142542&format=1200x90&url=https%3A%2F%2Fbloxfruitsdojo.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701567448440&bpp=1&bdt=2282&idt=0&shv=r20231129&mjsv=m202311290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4bb2dc42557d250b%3AT%3D1701567447%3ART%3D1701567447%3AS%3DALNI_Mbm9oOTdd2SGfalSfLLRmd3_U9f8w&gpic=UID%3D00000d01bc7b7af6%3AT%3D1701567447%3ART%3D1701567447%3AS%3DALNI_Mb5F-33Pk2S0Xx8GaUGNhJ51vNQFw&prev_fmts=0x0%2C1200x280%2C1200x90%2C1200x90&nras=5&correlator=5647626719242&frm=20&pv=1&ga_vid=641933567.1701567446&ga_sid=1701567447&ga_hid=1023079412&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1835&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079266%2C31079437%2C44798934%2C31078301%2C31079861%2C44807751%2C44807764%2C44808148%2C44808285%2C44809072&oid=2&psts=AOrYGsnxs1MWsyCmP4PD_3ERN2suJgXId3FLbp5UTwl3deSUa80Napai1ztVx9YwO1ObQCBieAthq8VqJgCZTMtdb54j7A&pvsid=3252580902845133&tmod=1310125418&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=16

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 19:59:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20291
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 16 Dec 2023 19:59:18 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame 778A 20 KB
8 KB 23ms
14ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5814941088162332&output=html&h=90&adk=2743202993&adf=1602281170&pi=t.aa~a.3920200256~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1701567448&rafmt=1&to=qs&pwprc=3285142542&format=1200x90&url=https%3A%2F%2Fbloxfruitsdojo.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701567448440&bpp=1&bdt=2282&idt=0&shv=r20231129&mjsv=m202311290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4bb2dc42557d250b%3AT%3D1701567447%3ART%3D1701567447%3AS%3DALNI_Mbm9oOTdd2SGfalSfLLRmd3_U9f8w&gpic=UID%3D00000d01bc7b7af6%3AT%3D1701567447%3ART%3D1701567447%3AS%3DALNI_Mb5F-33Pk2S0Xx8GaUGNhJ51vNQFw&prev_fmts=0x0%2C1200x280%2C1200x90%2C1200x90&nras=5&correlator=5647626719242&frm=20&pv=1&ga_vid=641933567.1701567446&ga_sid=1701567447&ga_hid=1023079412&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1835&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079266%2C31079437%2C44798934%2C31078301%2C31079861%2C44807751%2C44807764%2C44808148%2C44808285%2C44809072&oid=2&psts=AOrYGsnxs1MWsyCmP4PD_3ERN2suJgXId3FLbp5UTwl3deSUa80Napai1ztVx9YwO1ObQCBieAthq8VqJgCZTMtdb54j7A&pvsid=3252580902845133&tmod=1310125418&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=16

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

09b186dc119230c8ab2c806d31bcc8dd4a0a2ba347165f35156422307b8e10ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 22:31:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11154
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8544
x-xss-protection: 0
server: cafe
etag: 17124069415086231762
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 16 Dec 2023 22:31:35 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 778A 0
0 30ms
22ms Image
text/html 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSJMqrafFWrov4rXECVSHogGH68plVI7QNTpZtRXi-mPJXvkHyaQc9wdmXGR5A1McyXhveP0juDckO_uK9hlC2tm5el-A
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5814941088162332&output=html&h=90&adk=2743202993&adf=1602281170&pi=t.aa~a.3920200256~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1701567448&rafmt=1&to=qs&pwprc=3285142542&format=1200x90&url=https%3A%2F%2Fbloxfruitsdojo.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701567448440&bpp=1&bdt=2282&idt=0&shv=r20231129&mjsv=m202311290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4bb2dc42557d250b%3AT%3D1701567447%3ART%3D1701567447%3AS%3DALNI_Mbm9oOTdd2SGfalSfLLRmd3_U9f8w&gpic=UID%3D00000d01bc7b7af6%3AT%3D1701567447%3ART%3D1701567447%3AS%3DALNI_Mb5F-33Pk2S0Xx8GaUGNhJ51vNQFw&prev_fmts=0x0%2C1200x280%2C1200x90%2C1200x90&nras=5&correlator=5647626719242&frm=20&pv=1&ga_vid=641933567.1701567446&ga_sid=1701567447&ga_hid=1023079412&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1835&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079266%2C31079437%2C44798934%2C31078301%2C31079861%2C44807751%2C44807764%2C44808148%2C44808285%2C44809072&oid=2&psts=AOrYGsnxs1MWsyCmP4PD_3ERN2suJgXId3FLbp5UTwl3deSUa80Napai1ztVx9YwO1ObQCBieAthq8VqJgCZTMtdb54j7A&pvsid=3252580902845133&tmod=1310125418&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=16
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 778A 202 KB
64 KB 42ms
35ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5814941088162332&output=html&h=90&adk=2743202993&adf=1602281170&pi=t.aa~a.3920200256~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1701567448&rafmt=1&to=qs&pwprc=3285142542&format=1200x90&url=https%3A%2F%2Fbloxfruitsdojo.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701567448440&bpp=1&bdt=2282&idt=0&shv=r20231129&mjsv=m202311290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4bb2dc42557d250b%3AT%3D1701567447%3ART%3D1701567447%3AS%3DALNI_Mbm9oOTdd2SGfalSfLLRmd3_U9f8w&gpic=UID%3D00000d01bc7b7af6%3AT%3D1701567447%3ART%3D1701567447%3AS%3DALNI_Mb5F-33Pk2S0Xx8GaUGNhJ51vNQFw&prev_fmts=0x0%2C1200x280%2C1200x90%2C1200x90&nras=5&correlator=5647626719242&frm=20&pv=1&ga_vid=641933567.1701567446&ga_sid=1701567447&ga_hid=1023079412&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1835&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079266%2C31079437%2C44798934%2C31078301%2C31079861%2C44807751%2C44807764%2C44808148%2C44808285%2C44809072&oid=2&psts=AOrYGsnxs1MWsyCmP4PD_3ERN2suJgXId3FLbp5UTwl3deSUa80Napai1ztVx9YwO1ObQCBieAthq8VqJgCZTMtdb54j7A&pvsid=3252580902845133&tmod=1310125418&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=16

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1adb10c9a5878dd4306d66ff94ae27a07cbe47f57b34dec9a807e5d2d426eee0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 01:37:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65067
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701261208926228"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 03 Dec 2023 01:37:29 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 778A 42 B
68 B 59ms
51ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Co_-WlaJxC3FNVSMI0z3BipTk9TPgBPQSCKFO91hoN2zWRaPutQteNEewGyDwMbFEohiJEMmwA8hvfEuPyvQK3m0kOYSpAvY3PFyGzaDCGKBRLTnQ

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5814941088162332&output=html&h=90&adk=2743202993&adf=1602281170&pi=t.aa~a.3920200256~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1701567448&rafmt=1&to=qs&pwprc=3285142542&format=1200x90&url=https%3A%2F%2Fbloxfruitsdojo.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701567448440&bpp=1&bdt=2282&idt=0&shv=r20231129&mjsv=m202311290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4bb2dc42557d250b%3AT%3D1701567447%3ART%3D1701567447%3AS%3DALNI_Mbm9oOTdd2SGfalSfLLRmd3_U9f8w&gpic=UID%3D00000d01bc7b7af6%3AT%3D1701567447%3ART%3D1701567447%3AS%3DALNI_Mb5F-33Pk2S0Xx8GaUGNhJ51vNQFw&prev_fmts=0x0%2C1200x280%2C1200x90%2C1200x90&nras=5&correlator=5647626719242&frm=20&pv=1&ga_vid=641933567.1701567446&ga_sid=1701567447&ga_hid=1023079412&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1835&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079266%2C31079437%2C44798934%2C31078301%2C31079861%2C44807751%2C44807764%2C44808148%2C44808285%2C44809072&oid=2&psts=AOrYGsnxs1MWsyCmP4PD_3ERN2suJgXId3FLbp5UTwl3deSUa80Napai1ztVx9YwO1ObQCBieAthq8VqJgCZTMtdb54j7A&pvsid=3252580902845133&tmod=1310125418&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=16

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Dec 2023 01:37:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 778A 0
25 B 61ms
53ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=1060012724177113398&x=1&ct=77

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5814941088162332&output=html&h=90&adk=2743202993&adf=1602281170&pi=t.aa~a.3920200256~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1701567448&rafmt=1&to=qs&pwprc=3285142542&format=1200x90&url=https%3A%2F%2Fbloxfruitsdojo.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701567448440&bpp=1&bdt=2282&idt=0&shv=r20231129&mjsv=m202311290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4bb2dc42557d250b%3AT%3D1701567447%3ART%3D1701567447%3AS%3DALNI_Mbm9oOTdd2SGfalSfLLRmd3_U9f8w&gpic=UID%3D00000d01bc7b7af6%3AT%3D1701567447%3ART%3D1701567447%3AS%3DALNI_Mb5F-33Pk2S0Xx8GaUGNhJ51vNQFw&prev_fmts=0x0%2C1200x280%2C1200x90%2C1200x90&nras=5&correlator=5647626719242&frm=20&pv=1&ga_vid=641933567.1701567446&ga_sid=1701567447&ga_hid=1023079412&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1835&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079266%2C31079437%2C44798934%2C31078301%2C31079861%2C44807751%2C44807764%2C44808148%2C44808285%2C44809072&oid=2&psts=AOrYGsnxs1MWsyCmP4PD_3ERN2suJgXId3FLbp5UTwl3deSUa80Napai1ztVx9YwO1ObQCBieAthq8VqJgCZTMtdb54j7A&pvsid=3252580902845133&tmod=1310125418&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=16

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Dec 2023 01:37:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame A96E 39 KB
15 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:33:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 29014
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 01 Dec 2024 17:33:55 GMT

GET
H3 200 clouds.jpg
s0.2mdn.net/sadbundle/1876137525177158889/images/ Frame 520C 8 KB
8 KB 27ms
27ms Image
image/jpeg 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/1876137525177158889/images/clouds.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

043dd72980c84b4a315680bb6d62b2fdb19acc739d3bfe8596c99bbba6255c1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1876137525177158889/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 16:46:42 GMT
x-content-type-options: nosniff
age: 118247
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8612
x-xss-protection: 0
last-modified: Fri, 24 Nov 2023 16:19:47 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 30 Nov 2024 16:46:42 GMT

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 10F5 15 KB
16 KB 44ms
28ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 16:39:21 GMT
x-content-type-options: nosniff
age: 118688
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 30 Nov 2024 16:39:21 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 10F5 15 KB
15 KB 42ms
26ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 13:37:09 GMT
x-content-type-options: nosniff
age: 43220
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 01 Dec 2024 13:37:09 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 594E
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEGJbg7C8v26k6VtrES-T-rw&google_cve...
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEGJbg7C8v26k6VtrES-T-rw&goog...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=c3RJU0tkUGgxUjlCcWg1&google_gid=CAESEGJbg7C8v26k6VtrES-T-rw&google_cver=1&google_push=AXcoOmSUeR0_HjKIy0vrbi7qhB8yE-vPYVIZoVtQgl0rdfA...

170 B
188 B

31ms
27ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=c3RJU0tkUGgxUjlCcWg1&google_gid=CAESEGJbg7C8v26k6VtrES-T-rw&google_cver=1&google_push=AXcoOmSUeR0_HjKIy0vrbi7qhB8yE-vPYVIZoVtQgl0rdfATiNgG0_izKTeWWcrWLQPsVTnPR4TFaI54mnr-solS0KFLVa5rOf-ggV0

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5814941088162332&output=html&h=90&adk=2743202993&adf=3132389021&pi=t.aa~a.3920200256~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1701567448&rafmt=1&to=qs&pwprc=3285142542&format=1200x90&url=https%3A%2F%2Fbloxfruitsdojo.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701567448440&bpp=1&bdt=2282&idt=-M&shv=r20231129&mjsv=m202311290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4bb2dc42557d250b%3AT%3D1701567447%3ART%3D1701567447%3AS%3DALNI_Mbm9oOTdd2SGfalSfLLRmd3_U9f8w&gpic=UID%3D00000d01bc7b7af6%3AT%3D1701567447%3ART%3D1701567447%3AS%3DALNI_Mb5F-33Pk2S0Xx8GaUGNhJ51vNQFw&prev_fmts=0x0%2C1200x280%2C1200x90&nras=4&correlator=5647626719242&frm=20&pv=1&ga_vid=641933567.1701567446&ga_sid=1701567447&ga_hid=1023079412&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1432&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079266%2C31079437%2C44798934%2C31078301%2C31079861%2C44807751%2C44807764%2C44808148%2C44808285%2C44809072&oid=2&psts=AOrYGsnxs1MWsyCmP4PD_3ERN2suJgXId3FLbp5UTwl3deSUa80Napai1ztVx9YwO1ObQCBieAthq8VqJgCZTMtdb54j7A&pvsid=3252580902845133&tmod=1310125418&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=12

Protocol

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Dec 2023 01:37:29 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 03 Dec 2023 01:37:28 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/v2.0.30-795-gb641a57#rel-ec2-master i-006fa252bd7417634@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=c3RJU0tkUGgxUjlCcWg1&google_gid=CAESEGJbg7C8v26k6VtrES-T-rw&google_cver=1&google_push=AXcoOmSUeR0_HjKIy0vrbi7qhB8yE-vPYVIZoVtQgl0rdfATiNgG0_izKTeWWcrWLQPsVTnPR4TFaI54mnr-solS0KFLVa5rOf-ggV0
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 594E
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEAhm4hyf1pIqJQ79yBkpkDw&google_push=AXcoOmRgzYJRCTFWgYaZ88xVKdKwIwZBgcUr0kJ1LgX1jpM05FgMFT5Dlo...

170 B
188 B

35ms
35ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEAhm4hyf1pIqJQ79yBkpkDw&google_push=AXcoOmRgzYJRCTFWgYaZ88xVKdKwIwZBgcUr0kJ1LgX1jpM05FgMFT5DloVFRPZUoH3FucHhJ1mt9pzMG_vf5wfII7EUUjIGzBhaabg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5814941088162332&output=html&h=90&adk=2743202993&adf=3132389021&pi=t.aa~a.3920200256~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1701567448&rafmt=1&to=qs&pwprc=3285142542&format=1200x90&url=https%3A%2F%2Fbloxfruitsdojo.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701567448440&bpp=1&bdt=2282&idt=-M&shv=r20231129&mjsv=m202311290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4bb2dc42557d250b%3AT%3D1701567447%3ART%3D1701567447%3AS%3DALNI_Mbm9oOTdd2SGfalSfLLRmd3_U9f8w&gpic=UID%3D00000d01bc7b7af6%3AT%3D1701567447%3ART%3D1701567447%3AS%3DALNI_Mb5F-33Pk2S0Xx8GaUGNhJ51vNQFw&prev_fmts=0x0%2C1200x280%2C1200x90&nras=4&correlator=5647626719242&frm=20&pv=1&ga_vid=641933567.1701567446&ga_sid=1701567447&ga_hid=1023079412&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1432&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079266%2C31079437%2C44798934%2C31078301%2C31079861%2C44807751%2C44807764%2C44808148%2C44808285%2C44809072&oid=2&psts=AOrYGsnxs1MWsyCmP4PD_3ERN2suJgXId3FLbp5UTwl3deSUa80Napai1ztVx9YwO1ObQCBieAthq8VqJgCZTMtdb54j7A&pvsid=3252580902845133&tmod=1310125418&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=12

Protocol

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Dec 2023 01:37:30 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by: cache-fra-eddf8230038-FRA
pragma: no-cache
date: Sun, 03 Dec 2023 01:37:30 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1701567450.903602,VS0,VE100
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEAhm4hyf1pIqJQ79yBkpkDw&google_push=AXcoOmRgzYJRCTFWgYaZ88xVKdKwIwZBgcUr0kJ1LgX1jpM05FgMFT5DloVFRPZUoH3FucHhJ1mt9pzMG_vf5wfII7EUUjIGzBhaabg
cache-control: no-cache
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 594E
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEEROX-0QSk1T5ZjyBqDnEyY&google_cver=1&google_push=AXcoOmTaassqIFrHHvYDdHgI_ZIGsaxTSX-kgyaUjgtw3F2b3q8D_Xireko65lfZN0JZBHH1j5Zh54fVXEg63F_8Tzxr8ldpzOEGgg
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=32CC7D9C45E544C383A0535EF38DB24C&google_push=AXcoOmTaassqIFrHHvYDdHgI_ZIGsaxTSX-kgyaUjgtw3F2b3q8D_Xireko65lfZN0JZBHH1j5Zh54fVXEg63F_...

170 B
188 B

24ms
23ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=32CC7D9C45E544C383A0535EF38DB24C&google_push=AXcoOmTaassqIFrHHvYDdHgI_ZIGsaxTSX-kgyaUjgtw3F2b3q8D_Xireko65lfZN0JZBHH1j5Zh54fVXEg63F_8Tzxr8ldpzOEGgg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5814941088162332&output=html&h=90&adk=2743202993&adf=3132389021&pi=t.aa~a.3920200256~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1701567448&rafmt=1&to=qs&pwprc=3285142542&format=1200x90&url=https%3A%2F%2Fbloxfruitsdojo.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701567448440&bpp=1&bdt=2282&idt=-M&shv=r20231129&mjsv=m202311290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4bb2dc42557d250b%3AT%3D1701567447%3ART%3D1701567447%3AS%3DALNI_Mbm9oOTdd2SGfalSfLLRmd3_U9f8w&gpic=UID%3D00000d01bc7b7af6%3AT%3D1701567447%3ART%3D1701567447%3AS%3DALNI_Mb5F-33Pk2S0Xx8GaUGNhJ51vNQFw&prev_fmts=0x0%2C1200x280%2C1200x90&nras=4&correlator=5647626719242&frm=20&pv=1&ga_vid=641933567.1701567446&ga_sid=1701567447&ga_hid=1023079412&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1432&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079266%2C31079437%2C44798934%2C31078301%2C31079861%2C44807751%2C44807764%2C44808148%2C44808285%2C44809072&oid=2&psts=AOrYGsnxs1MWsyCmP4PD_3ERN2suJgXId3FLbp5UTwl3deSUa80Napai1ztVx9YwO1ObQCBieAthq8VqJgCZTMtdb54j7A&pvsid=3252580902845133&tmod=1310125418&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=12

Protocol

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Dec 2023 01:37:29 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sun, 03 Dec 2023 01:37:29 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=32CC7D9C45E544C383A0535EF38DB24C&google_push=AXcoOmTaassqIFrHHvYDdHgI_ZIGsaxTSX-kgyaUjgtw3F2b3q8D_Xireko65lfZN0JZBHH1j5Zh54fVXEg63F_8Tzxr8ldpzOEGgg
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Sat, 02 Dec 2023 01:37:29 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 594E
Redirect Chain

https://ads.travelaudience.com/google_pixel?google_gid=CAESEKFqvK0bI7ZQRXthu-ftjHs&google_cver=1&google_push=AXcoOmSlb7Lak-Gk7fegb556clk5nmg57u3rkqn9KNQyFzommAmVzhkeQ4Hg2NdiXThkzoKhbXW5sy5dIyZQGYEE...
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=OVpN3YkgRSIfRLsUDQ4VPA&google_push=AXcoOmSlb7Lak-Gk7fegb556clk5nmg57u3rkqn9KNQyFzommAmVzhkeQ4Hg2NdiXThkzoKhbXW5sy5dIyZQGYEECUcTuCs2yxk5e7Q

170 B
188 B

37ms
34ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=OVpN3YkgRSIfRLsUDQ4VPA&google_push=AXcoOmSlb7Lak-Gk7fegb556clk5nmg57u3rkqn9KNQyFzommAmVzhkeQ4Hg2NdiXThkzoKhbXW5sy5dIyZQGYEECUcTuCs2yxk5e7Q

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5814941088162332&output=html&h=90&adk=2743202993&adf=3132389021&pi=t.aa~a.3920200256~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1701567448&rafmt=1&to=qs&pwprc=3285142542&format=1200x90&url=https%3A%2F%2Fbloxfruitsdojo.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701567448440&bpp=1&bdt=2282&idt=-M&shv=r20231129&mjsv=m202311290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4bb2dc42557d250b%3AT%3D1701567447%3ART%3D1701567447%3AS%3DALNI_Mbm9oOTdd2SGfalSfLLRmd3_U9f8w&gpic=UID%3D00000d01bc7b7af6%3AT%3D1701567447%3ART%3D1701567447%3AS%3DALNI_Mb5F-33Pk2S0Xx8GaUGNhJ51vNQFw&prev_fmts=0x0%2C1200x280%2C1200x90&nras=4&correlator=5647626719242&frm=20&pv=1&ga_vid=641933567.1701567446&ga_sid=1701567447&ga_hid=1023079412&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1432&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079266%2C31079437%2C44798934%2C31078301%2C31079861%2C44807751%2C44807764%2C44808148%2C44808285%2C44809072&oid=2&psts=AOrYGsnxs1MWsyCmP4PD_3ERN2suJgXId3FLbp5UTwl3deSUa80Napai1ztVx9YwO1ObQCBieAthq8VqJgCZTMtdb54j7A&pvsid=3252580902845133&tmod=1310125418&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=12

Protocol

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Dec 2023 01:37:29 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sun, 03 Dec 2023 01:37:29 GMT
via: 1.1 google
x-engine-version: 0.0.0
server: nginx/1.21.6
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location: https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=OVpN3YkgRSIfRLsUDQ4VPA&google_push=AXcoOmSlb7Lak-Gk7fegb556clk5nmg57u3rkqn9KNQyFzommAmVzhkeQ4Hg2NdiXThkzoKhbXW5sy5dIyZQGYEECUcTuCs2yxk5e7Q
x-host: tde-deliveryengine-production-6987bbc57b-x8svn
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 594E
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEBAupQu6Hi9am5Cx41ba3iM&google_cver=1&google_push=AXcoOmRtUW3N50nBRq5Aqdw5hK-a3HGKZhZIrljRxaRV33AgWpf-nt9yCIGnnpEZIbm05wq9io9TComMTZrlysYGZWUyLuw...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmRtUW3N50nBRq5Aqdw5hK-a3HGKZhZIrljRxaRV33AgWpf-nt9yCIGnnpEZIbm05wq9io9TComMTZrlysYGZWUyLuwxvsxWrYA&google_hm=eS1rNDhUZlI1RTJwRWF...

170 B
188 B

51ms
50ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmRtUW3N50nBRq5Aqdw5hK-a3HGKZhZIrljRxaRV33AgWpf-nt9yCIGnnpEZIbm05wq9io9TComMTZrlysYGZWUyLuwxvsxWrYA&google_hm=eS1rNDhUZlI1RTJwRWFhV2NhbmJXZlFmQUlxWGVwYnZaX35B

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5814941088162332&output=html&h=90&adk=2743202993&adf=3132389021&pi=t.aa~a.3920200256~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1701567448&rafmt=1&to=qs&pwprc=3285142542&format=1200x90&url=https%3A%2F%2Fbloxfruitsdojo.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701567448440&bpp=1&bdt=2282&idt=-M&shv=r20231129&mjsv=m202311290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4bb2dc42557d250b%3AT%3D1701567447%3ART%3D1701567447%3AS%3DALNI_Mbm9oOTdd2SGfalSfLLRmd3_U9f8w&gpic=UID%3D00000d01bc7b7af6%3AT%3D1701567447%3ART%3D1701567447%3AS%3DALNI_Mb5F-33Pk2S0Xx8GaUGNhJ51vNQFw&prev_fmts=0x0%2C1200x280%2C1200x90&nras=4&correlator=5647626719242&frm=20&pv=1&ga_vid=641933567.1701567446&ga_sid=1701567447&ga_hid=1023079412&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1432&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079266%2C31079437%2C44798934%2C31078301%2C31079861%2C44807751%2C44807764%2C44808148%2C44808285%2C44809072&oid=2&psts=AOrYGsnxs1MWsyCmP4PD_3ERN2suJgXId3FLbp5UTwl3deSUa80Napai1ztVx9YwO1ObQCBieAthq8VqJgCZTMtdb54j7A&pvsid=3252580902845133&tmod=1310125418&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=12

Protocol

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Dec 2023 01:37:30 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sun, 03 Dec 2023 01:37:29 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmRtUW3N50nBRq5Aqdw5hK-a3HGKZhZIrljRxaRV33AgWpf-nt9yCIGnnpEZIbm05wq9io9TComMTZrlysYGZWUyLuwxvsxWrYA&google_hm=eS1rNDhUZlI1RTJwRWFhV2NhbmJXZlFmQUlxWGVwYnZaX35B
content-length: 0

GET
H2 200 usersync.aspx
dis.criteo.com/dis/ Frame 594E 43 B
363 B 87ms
13ms Image
image/gif 178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmTOhEHvd9D0Car4Slh5dzmvwUEthV8soallcWHyyluIEWmlTIqg2ZVNhKWfmmQHoIuak-SvnkTpVG2AoLMr0bXto-zAwacCA5s&google_gid=CAESEPkqhZxT6aV8ofWw5KN3t3o&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5814941088162332&output=html&h=90&adk=2743202993&adf=3132389021&pi=t.aa~a.3920200256~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1701567448&rafmt=1&to=qs&pwprc=3285142542&format=1200x90&url=https%3A%2F%2Fbloxfruitsdojo.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701567448440&bpp=1&bdt=2282&idt=-M&shv=r20231129&mjsv=m202311290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4bb2dc42557d250b%3AT%3D1701567447%3ART%3D1701567447%3AS%3DALNI_Mbm9oOTdd2SGfalSfLLRmd3_U9f8w&gpic=UID%3D00000d01bc7b7af6%3AT%3D1701567447%3ART%3D1701567447%3AS%3DALNI_Mb5F-33Pk2S0Xx8GaUGNhJ51vNQFw&prev_fmts=0x0%2C1200x280%2C1200x90&nras=4&correlator=5647626719242&frm=20&pv=1&ga_vid=641933567.1701567446&ga_sid=1701567447&ga_hid=1023079412&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1432&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079266%2C31079437%2C44798934%2C31078301%2C31079861%2C44807751%2C44807764%2C44808148%2C44808285%2C44809072&oid=2&psts=AOrYGsnxs1MWsyCmP4PD_3ERN2suJgXId3FLbp5UTwl3deSUa80Napai1ztVx9YwO1ObQCBieAthq8VqJgCZTMtdb54j7A&pvsid=3252580902845133&tmod=1310125418&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=12

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Dec 2023 01:37:28 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 222157
expires: Sun, 03 Dec 2023 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 594E
Redirect Chain

https://ius.ctnsnet.com/int/cm?exc=1&acc=crimtan_holdings_limited&google_gid=CAESENpJED68QzSmQTTMVR7Dlms&google_cver=1&google_push=AXcoOmTDEqlt_esLXajcg0w0qqU_Ta7V8sZI9zNrELYrVtAsy9wRXdsN0_U2-YvOkf...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AXcoOmTDEqlt_esLXajcg0w0qqU_Ta7V8sZI9zNrELYrVtAsy9wRXdsN0_U2-YvOkfL9zCbVp4a0mV66gC-gWYtR_yHuMFLhtVgp4fE&google_hm=...

170 B
188 B

33ms
30ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AXcoOmTDEqlt_esLXajcg0w0qqU_Ta7V8sZI9zNrELYrVtAsy9wRXdsN0_U2-YvOkfL9zCbVp4a0mV66gC-gWYtR_yHuMFLhtVgp4fE&google_hm=vmM77zFGSVu4aF1YPE_Dxog

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5814941088162332&output=html&h=90&adk=2743202993&adf=3132389021&pi=t.aa~a.3920200256~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1701567448&rafmt=1&to=qs&pwprc=3285142542&format=1200x90&url=https%3A%2F%2Fbloxfruitsdojo.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701567448440&bpp=1&bdt=2282&idt=-M&shv=r20231129&mjsv=m202311290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4bb2dc42557d250b%3AT%3D1701567447%3ART%3D1701567447%3AS%3DALNI_Mbm9oOTdd2SGfalSfLLRmd3_U9f8w&gpic=UID%3D00000d01bc7b7af6%3AT%3D1701567447%3ART%3D1701567447%3AS%3DALNI_Mb5F-33Pk2S0Xx8GaUGNhJ51vNQFw&prev_fmts=0x0%2C1200x280%2C1200x90&nras=4&correlator=5647626719242&frm=20&pv=1&ga_vid=641933567.1701567446&ga_sid=1701567447&ga_hid=1023079412&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1432&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079266%2C31079437%2C44798934%2C31078301%2C31079861%2C44807751%2C44807764%2C44808148%2C44808285%2C44809072&oid=2&psts=AOrYGsnxs1MWsyCmP4PD_3ERN2suJgXId3FLbp5UTwl3deSUa80Napai1ztVx9YwO1ObQCBieAthq8VqJgCZTMtdb54j7A&pvsid=3252580902845133&tmod=1310125418&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=12

Protocol

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Dec 2023 01:37:29 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 03 Dec 2023 01:37:29 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NOI DSP COR NID CUR OUR NOR"
status: 302
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AXcoOmTDEqlt_esLXajcg0w0qqU_Ta7V8sZI9zNrELYrVtAsy9wRXdsN0_U2-YvOkfL9zCbVp4a0mV66gC-gWYtR_yHuMFLhtVgp4fE&google_hm=vmM77zFGSVu4aF1YPE_Dxog
content-type: text/html;charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 594E 0
12 B 27ms
25ms Image
text/html 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IU0i1gv9Uy45v0_7mu739i3WBee_ho28Ki5Ue3veAfRq7U3zRSF-R48BGHIdImJbTnSG_6zQ

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5814941088162332&output=html&h=90&adk=2743202993&adf=3132389021&pi=t.aa~a.3920200256~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1701567448&rafmt=1&to=qs&pwprc=3285142542&format=1200x90&url=https%3A%2F%2Fbloxfruitsdojo.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701567448440&bpp=1&bdt=2282&idt=-M&shv=r20231129&mjsv=m202311290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4bb2dc42557d250b%3AT%3D1701567447%3ART%3D1701567447%3AS%3DALNI_Mbm9oOTdd2SGfalSfLLRmd3_U9f8w&gpic=UID%3D00000d01bc7b7af6%3AT%3D1701567447%3ART%3D1701567447%3AS%3DALNI_Mb5F-33Pk2S0Xx8GaUGNhJ51vNQFw&prev_fmts=0x0%2C1200x280%2C1200x90&nras=4&correlator=5647626719242&frm=20&pv=1&ga_vid=641933567.1701567446&ga_sid=1701567447&ga_hid=1023079412&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1432&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079266%2C31079437%2C44798934%2C31078301%2C31079861%2C44807751%2C44807764%2C44808148%2C44808285%2C44809072&oid=2&psts=AOrYGsnxs1MWsyCmP4PD_3ERN2suJgXId3FLbp5UTwl3deSUa80Napai1ztVx9YwO1ObQCBieAthq8VqJgCZTMtdb54j7A&pvsid=3252580902845133&tmod=1310125418&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=12

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 01:37:29 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 6D60
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEI-QGZYOJai-jRY-_r7351I&google_cver=1

43 B
105 B

29ms
19ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEI-QGZYOJai-jRY-_r7351I&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj-rbvGATAB&v=APEucNWzpqahETiooF_4zIKzRJ_b3JKa0yg1LqT8rZ6ra6LbNZs8_bdeFIcuN3un2fvKEGB8SuxthI61OQULpzO1a6I0C7VMSf5P54UErldyKfgrQvmrwupNO-0lpvfFjaOS_e7J-4DhjZLQjszN55akNtif0QG18UOMyFqEfIeNi52vfwuPSy0
Protocol: H2
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Dec 2023 01:37:29 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 03 Dec 2023 01:37:29 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEI-QGZYOJai-jRY-_r7351I&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cm
us-u.openx.net/w/1.0/ Frame 6D60 43 B
304 B 84ms
18ms Image
image/gif 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj-rbvGATAB&v=APEucNWzpqahETiooF_4zIKzRJ_b3JKa0yg1LqT8rZ6ra6LbNZs8_bdeFIcuN3un2fvKEGB8SuxthI61OQULpzO1a6I0C7VMSf5P54UErldyKfgrQvmrwupNO-0lpvfFjaOS_e7J-4DhjZLQjszN55akNtif0QG18UOMyFqEfIeNi52vfwuPSy0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Dec 2023 01:37:29 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2

200

um
sync.teads.tv/ Frame 6D60
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
https://sync.teads.tv/um?eid=3&uid=CAESECmKDkmh9QkkFQ-AyCSA7cE&google_cver=1

23 B
163 B

121ms
37ms

Image
image/gif

2.18.161.51
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=CAESECmKDkmh9QkkFQ-AyCSA7cE&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj-rbvGATAB&v=APEucNWzpqahETiooF_4zIKzRJ_b3JKa0yg1LqT8rZ6ra6LbNZs8_bdeFIcuN3un2fvKEGB8SuxthI61OQULpzO1a6I0C7VMSf5P54UErldyKfgrQvmrwupNO-0lpvfFjaOS_e7J-4DhjZLQjszN55akNtif0QG18UOMyFqEfIeNi52vfwuPSy0
Protocol: H2
Server: 2.18.161.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-161-51.deploy.static.akamaitechnologies.com
Software: pekko-http/1.0.0 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

expires: Sun, 03 Dec 2023 01:37:30 GMT
pragma: no-cache
date: Sun, 03 Dec 2023 01:37:30 GMT
cache-control: max-age=0, no-cache, no-store
server: pekko-http/1.0.0
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Sun, 03 Dec 2023 01:37:29 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um?eid=3&uid=CAESECmKDkmh9QkkFQ-AyCSA7cE&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 281
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 um
sync.teads.tv/ Frame 6D60 23 B
163 B 127ms
38ms Image
image/gif 2.18.161.51
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj-rbvGATAB&v=APEucNWzpqahETiooF_4zIKzRJ_b3JKa0yg1LqT8rZ6ra6LbNZs8_bdeFIcuN3un2fvKEGB8SuxthI61OQULpzO1a6I0C7VMSf5P54UErldyKfgrQvmrwupNO-0lpvfFjaOS_e7J-4DhjZLQjszN55akNtif0QG18UOMyFqEfIeNi52vfwuPSy0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.161.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-161-51.deploy.static.akamaitechnologies.com
Software: pekko-http/1.0.0 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

expires: Sun, 03 Dec 2023 01:37:30 GMT
pragma: no-cache
date: Sun, 03 Dec 2023 01:37:30 GMT
cache-control: max-age=0, no-cache, no-store
server: pekko-http/1.0.0
content-length: 23
content-type: image/gif

GET
H3 206 file.mp4
r4---sn-5go7ynld.c.2mdn.net/videoplayback/id/b30bbaa701651f16/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1733103449/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame 0B25 1 MB
0 98ms
40ms Media
video/mp4 2a00:1450:400f:3::9
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400f:3::9 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Range: bytes=0-

Response headers

expires: Sun, 03 Dec 2023 01:37:29 GMT
date: Sun, 03 Dec 2023 01:37:29 GMT
x-content-type-options: nosniff
Content-Range: bytes 0-4318256/4318257
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length: 4318257
last-modified: Sat, 25 Nov 2023 18:39:00 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://googleads.g.doubleclick.net
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=86400
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://googleads.g.doubleclick.net
client-protocol: quic

GET
H3 200 CTA_2lignes.png
s0.2mdn.net/sadbundle/1876137525177158889/images/ Frame 520C 3 KB
4 KB 19ms
18ms Image
image/png 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/1876137525177158889/images/CTA_2lignes.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

69c125288d8728def579b136aed566fcba8c8686eb89958005ab3dd01968614e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1876137525177158889/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 18:23:06 GMT
x-content-type-options: nosniff
age: 458063
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3562
x-xss-protection: 0
last-modified: Fri, 24 Nov 2023 16:19:47 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 26 Nov 2024 18:23:06 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame C371
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
23 B

30ms
28ms

Document
text/html

2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5814941088162332&output=html&h=90&adk=2743202993&adf=3132389021&pi=t.aa~a.3920200256~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1701567448&rafmt=1&to=qs&pwprc=3285142542&format=1200x90&url=https%3A%2F%2Fbloxfruitsdojo.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701567448440&bpp=1&bdt=2282&idt=-M&shv=r20231129&mjsv=m202311290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4bb2dc42557d250b%3AT%3D1701567447%3ART%3D1701567447%3AS%3DALNI_Mbm9oOTdd2SGfalSfLLRmd3_U9f8w&gpic=UID%3D00000d01bc7b7af6%3AT%3D1701567447%3ART%3D1701567447%3AS%3DALNI_Mb5F-33Pk2S0Xx8GaUGNhJ51vNQFw&prev_fmts=0x0%2C1200x280%2C1200x90&nras=4&correlator=5647626719242&frm=20&pv=1&ga_vid=641933567.1701567446&ga_sid=1701567447&ga_hid=1023079412&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1432&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079266%2C31079437%2C44798934%2C31078301%2C31079861%2C44807751%2C44807764%2C44808148%2C44808285%2C44809072&oid=2&psts=AOrYGsnxs1MWsyCmP4PD_3ERN2suJgXId3FLbp5UTwl3deSUa80Napai1ztVx9YwO1ObQCBieAthq8VqJgCZTMtdb54j7A&pvsid=3252580902845133&tmod=1310125418&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=12

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 03 Dec 2023 01:37:29 GMT
expires: Sun, 03 Dec 2023 01:37:29 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 03 Dec 2023 01:37:29 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame F396 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d0f72f6005c01ac5df3d0723c392122da027f149335d5166cf792a90e69712f8

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 10F5
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CVB4b2NtrZefxIOGrtOUPj6OrgAqv-_7Wc43izbzeEKbxhuOgAhABIPX6qxZglYKAgLAHoAHmnvmFA8gBCakChxZyOYpCsj6oAwHIA8sEqgTUAU_QnREWpQuz_0m5aSEC4JoEKKdLqD1HNmp...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%229453271977919685402%22,%22debug_reporting%22:true,%22destination%22:%22https://integrityline.com%22,%22event_report_window...

0
0

59ms
56ms

Fetch
text/css

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%229453271977919685402%22,%22debug_reporting%22:true,%22destination%22:%22https://integrityline.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22817778534%22],%224%22:[%2212-03%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%229318888012218480305%22}&andc=true

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 01:37:30 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"9453271977919685402","debug_reporting":true,"destination":"https://integrityline.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["817778534"],"4":["12-03"],"6":["true"]},"priority":"500","source_event_id":"9318888012218480305"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 03 Dec 2023 01:37:30 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 03 Dec 2023 01:37:30 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"9453271977919685402","debug_reporting":true,"destination":"https://integrityline.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["817778534"],"4":["12-03"],"6":["true"]},"priority":"500","source_event_id":"9318888012218480305"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 778A 0
25 B 79ms
76ms Ping
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=7460212159949&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Dec 2023 01:37:30 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 778A 0
25 B 72ms
71ms Ping
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=7460212159949&version=m202309260101&ct=77&x=1&cor=1060012724177113300

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Dec 2023 01:37:30 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 778A 20 KB
13 KB 182ms
180ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DJ2kZjhoceAxeeBQZXlDoKD3w8-SR08Fq0oR3fIrgYDjgys9Xg7MzulD4gneOJm0T7JMJ90w0agiqG17kBltHfqFH5Pp_ChekOWDcUIDHKfRG2v3HFQmJ7s7f0sD5afKi2lrxn3j2AvXUxPvtC1bopNW2ZzsSZrKOvLMPxYmGPQNwe4qg&cry=1&dbm_d=AKAmf-CBAP8X0EHTjJphC3LK7Ph0ucN5LiGZT7ttx6YOIivGnFs_NznCkYlJJzOwBB9GTKLXfKj1eh5bajcnl_7xbx8DChGO9SutdTS6WBj0z6eTDdP_Ze-nSTWpZlBYvAYmgzpTU4a7y_BDKlrrUh3Witw1n0XBKaplv5b4NZD6fZdK6KzozQfECZuZ5UWd76dZzCeRziTUq5_oSoVhY8qS1wSw7KRNdg57tdUzySiC0ThUmqypjbP6MUN-5LfTElFKlBnOblHwV5sabbBm1SI-2CP-2MZSieBiYipxkKgMWBOFnctN1vAu5JMhrAc4GFXPO63t28R-88n5X7lSk8sqasZJ4BlPCC1nsu9u67dXWBlVOV8miXE6242UhGlinZUy6gij-YI-3Np55XHZzBqmdfry1pGxybL3HGsZ4NMZ1_L17Zb9kX5iMy-XHwhdFNHyZopgZTKH1nDy4X32lYeB-yurBf1Cyh8n6xi4ofXtqeLrih4ZpDMd8VE2RTNohnF8O8H1fw1osDBBrtLPKZXXnTQ-4KlykpCkq2beowIoJ9c4rmwFsd65ZBNV1W5oV65KjPbj0E2kpz9py4f7-X4OA_vnFSsD932xUd67OL1r0FpcXlpx0kgT_SYyzMDLlnqbR3QGMmVULU3uLXH9qcHATUNSOC8Q9p9RIMGTSESx5SWfJDb4QfAXA6n0px2O41BAzIpBytaRuGyEFmp_zx71jg72QCzxWipQf_5KlsOq8s8U45NqmACTrWJoOEM1YSfqzKAzgEu7Yw7yqXwwgXehiE_rQIoMqqOtGjQRaQ2rZUnNilAZfxATbpxrgTuLZhALGOAbGOzApOno-vKIBAp7-_qhdfZN7jNftKtsefqU5WqitgVskGCUXJFWrppT7AgNbwKb0wQNCeiv3SDCqfwXzGLKUWrMUMw4HyQwRxyMByRVSCg4AeK-DprWyHPq1yMgDmAzuxWhoWToJ4ATkatu7pjaybOSKH5Ato97gWWWoFyQT7peeWRx_p3Cp_HDVegiHwXgVBbBVEPlLRVDl2yyZC0LXL7t8hI5sXmo06OEZusdLQxRCNhBwW00UhQH-G-Ac3a3C6AsxUqIz4Av0m-52vgzGsp_LbBH_aZXuphl_0Q2DQr-Gx8bAyrWP_LC3RLCxIC-1uvZtleafLu4Cd_Wgjcxtofqz-VCMKmfEbfQlk58-OC549V0x4HxgXFYIis40T1yVEu78G1uMjP5a8H6_nFEC7vsaGnQqpy4s7HQGOAPEqKiX3sG5yXqFd0DmoCBPRNmsZbuUey2uz0gH3lJDPZ1d32u9lqGLkgJmYI5uoIT9HvYxhQR-nILtZwobuHf3gkfWpYsve6k6V6raZxJDUdkk6C1R9nv4HKlYQYYm1T6Pv6_XmM3E9nJp08mo-8-_z23anmGHtqaJlyFxkUznvcMptta-LG5ViwunqHD7njw_r_l6n-3HaH57xpouLP08wxbBjqPpeYKoVSLscuYpLEmVCBSwrBz2n-dAH5CU8HxXtBGnwg8B3AGMMidkSyMjCSnhGM-vdJYzDM8Opii7dohTYIkWucjK7Xbp1MfEV5yJvsL4yocFUdbv16bTAlZhgs0VLLPWxKghZdY7OgPe-cuiLOVL8u-mbXDBfmeeo6RqRutb4UiAVjVZAZ4QyAwhXTfpTgfamRWtNCTcg5rXMQFZeU0G9Ii8vWFwr_OFX8guK2DqEPbqsEYUzttBG-JDk8-Xq2uHK_sckr5bqbHcLN3pJ88Uv-BbXTFzFeU-dXaUwy7fTQf22SjzvkgjSI8mcLv8XElQSKDjgtToP6aOrRRWI5EIS5Xa35iyMOILAph2-0AVKzNbTlNl7Qqh9bL8HpMh98QZAlUtgfCKuoiGJdi-fOtKNtUSicFHlbmc0uh8CUuXluTBlZcHFIIUXHqxsYI1OjSuQ9KOOG40--wPw4TDW8I0IWehR5aieaUfx7a-_o7zK_riVUHIr7tAR6OriTCiXZDyLkbQPswtX-M561fPJT9Xkv7jKV_boPEs6yEpUQWHmhbPc3ci-namoz5-w74WJmIATbfi2YsQx3aI2OBZm4B9mkmEdPbLeaTGUobWshiH3SKB1cvI8hYEjXBuL_6nicB0pyXYKW5WsTXa3w5bn5HDL69fKCZaGhbdKk99atSSNDZhNyyUX-D5GiBC38G6K6mlTwl9unGAQ6F06vKR94K5goHTere1K4823cmCbT56RnZwYSlTVNTMcKDHhB2i5juM-RJzOxh0cFHBOeRPdsYTamPGQmCFb0FF57bVuDoBCYC9PHMLQKaYvAe6I0Qm8eisgoOe5tmf-67dg0PBQvrxSuq3b6l3OAAHDzk9QXJ0khQDaDjl64ALDXlE0MHmM0qOHF9Tvqj7xO1OzE1pbXklDmd7Q4tmeJQpGOyNsPdyzMe__NHcpHqkmhPiLXpQ-u2eu_EAxHOhS0_Z7lksHvSxv0-up45dGaU1y5_nBzpUUlCEMhFrVzqQGkhdySCEv548SFDfYoA3emAiwZm8s55O9UWQ9uCNEOen8PByLXFCXKAOHghtrRUlwxnNA0RIvB2lvZW-h9MciLLrlOGoZD3zgEL2SINaGuChU0bWHwS6XB1WDroeLvmpfiSgmWmrbkYk5uYJZs-FyJyKuE-jcO6Mf6wk6luPJaqJrOXoCJaXRwR1yaExgetAHR2Rjckuv8CS-XUC1c-N2FJW7PRj8-mzBr_2kIWaRZaaWfSbCt84esiNYVkbDrwbS0gcjAk0QtC4vaFzPDJvJOkbttLqa1qSsG59IRbm-7S7ATAjCsqsflt-OtwQB8aTyN1dQDyDo3LOls7Ok8fu61_4en2ad-gxGmNvmlkslC3OvYjoWohKuPwp2X1WqYG6StLxa7TCCLROWSCqnqpeYmpOjUSOTVUkG0Ljv1A8_SDNKOMpiDmtjaw_LPy0yzmTZkf3kPzN8j35pJIj3Dfw-bUr7EVKnOXD8tgUdRQe6dItuoPQwgZGj4v0iE9c58v5bxo-9KTYlnZuJJ_R-KVhjaqt-7_K0UnvLOkfbLUBAYfU-EL2UJOOiBw0sXBmm7VldQGbKjJvR2MyWJB25eSAYYJGwTlltQi3jdoqORan0bYZxvpKwGuqn1_PTp2YrVgiagOPIi2ION6dDykXIKHB_Kpf-G-CYMz35DK8ZdoAiskPVOGGaISP0ROyCEL2OAxKG-r4vjdTuES_JFyiCF5TcVqG1yZ-uCxQUBOcAem1lFWzGHacDFAyBhpaW2BN1M3EO4yfe3MWQ7lpc5RbzQXt-V8WYzAmin_5taLuycOggUbQwXLSOFO00PFA26KoVhjrTq-KdEv1lkxNVbGgq8Fch7TZnZH-QdgCdnEZGLOm-Qz94arWWlo6yD2Dza0snFuRNPBAWfceJyiHxi_FrG7cwWzWcSA7TuOLROEkxbD73P9Falk9-k0RKd5w1VDuMjpykz-Cm8MuzdsnMhSm8EAB5w1zx79RALtBM-xdHrZM7e-jZrZ_Sr7LB8Xw1c1RgR4qc6cP-y5vvvJikkgVMp8dXvjef_Fw0-th1i0BOGBPU002NfKSMqLWkI1tsOfWydtDKrL8IiW7JbynFAka3b-vWUczq49yrh22qR4O0e0mLBmUSrgjItfA5NGGaNHAhF57pzX_1QlrsLdxlIyg3QFAd3HrERd7q2crBGrce1oKIUmzIXex5NJ-VuGQgaQbhKi1P7pEdSQAThTb1YdNWNXz8-6geTHIJcG4E-69_zygVoBIADEhvNycHUk4FrCYGhyr6BkKv4DZvUCmPlJ2b30Kgp0t_9YlxhrKg&cid=CAQSOwDICaaN_umDvYrkgU96hJKuxobWI2MqZ1s_W8H8ImUj8JX7Mo0v8HEsFDHJidy6WRRkLI3Bpdi910wyGAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fbloxfruitsdojo.com%2F&ds=l&xdt=1&iif=1&cor=1060012724177113300&adk=1726166460&idt=67&cac=0&dtd=17

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

60ee46a8a5ca781929c6a452d40add3d72be1b1bb7f13eeefdd77a67f06dc9d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5814941088162332&output=html&h=90&adk=2743202993&adf=1602281170&pi=t.aa~a.3920200256~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1701567448&rafmt=1&to=qs&pwprc=3285142542&format=1200x90&url=https%3A%2F%2Fbloxfruitsdojo.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701567448440&bpp=1&bdt=2282&idt=0&shv=r20231129&mjsv=m202311290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4bb2dc42557d250b%3AT%3D1701567447%3ART%3D1701567447%3AS%3DALNI_Mbm9oOTdd2SGfalSfLLRmd3_U9f8w&gpic=UID%3D00000d01bc7b7af6%3AT%3D1701567447%3ART%3D1701567447%3AS%3DALNI_Mb5F-33Pk2S0Xx8GaUGNhJ51vNQFw&prev_fmts=0x0%2C1200x280%2C1200x90%2C1200x90&nras=5&correlator=5647626719242&frm=20&pv=1&ga_vid=641933567.1701567446&ga_sid=1701567447&ga_hid=1023079412&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1835&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079266%2C31079437%2C44798934%2C31078301%2C31079861%2C44807751%2C44807764%2C44808148%2C44808285%2C44809072&oid=2&psts=AOrYGsnxs1MWsyCmP4PD_3ERN2suJgXId3FLbp5UTwl3deSUa80Napai1ztVx9YwO1ObQCBieAthq8VqJgCZTMtdb54j7A&pvsid=3252580902845133&tmod=1310125418&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=16
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Dec 2023 01:37:30 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13630
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 CTA_bg.png
s0.2mdn.net/sadbundle/1876137525177158889/images/ Frame 520C 2 KB
2 KB 15ms
13ms Image
image/png 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/1876137525177158889/images/CTA_bg.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3a09d95b1b8242c2cca4d97b1a50690a2bafb042966a7fddb91b0cb8917f3299

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1876137525177158889/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 22:31:46 GMT
x-content-type-options: nosniff
age: 11144
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1869
x-xss-protection: 0
last-modified: Fri, 24 Nov 2023 16:19:47 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 01 Dec 2024 22:31:46 GMT

GET
H3 200 gPTZx8Qg5YtqHYATuVEq7wiNXgGYJLmNtV6Q-nRIA0Y.js Show response
pagead2.googlesyndication.com/bg/ Frame 30A3 50 KB
19 KB 22ms
14ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/gPTZx8Qg5YtqHYATuVEq7wiNXgGYJLmNtV6Q-nRIA0Y.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

80f4d9c7c420e58b6a1d8013b9512aef088d5e019824b98db55e90fa74480346

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 20:49:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 276465
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19632
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 28 Nov 2024 20:49:45 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame F396
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CUUSA2NtrZb-oIauQtOUPnMu28AvU9ceDdIrq5Ij-EavjupKSDhABIPX6qxZglYKAgLAHoAHW29r8AsgBAqkCS2-RJ_osgT6oAwHIA8kEqgTbAU_Qr6U3yfdqJM3vNpQ9JuL_6nIdi4yr6h8...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%224056532961308821155%22,%22debug_reporting%22:true,%22destination%22:%22https://peppagame.com%22,%22event_report_window%22:...

0
0

67ms
51ms

Fetch
text/css

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%224056532961308821155%22,%22debug_reporting%22:true,%22destination%22:%22https://peppagame.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22798404054%22],%224%22:[%2212-03%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2217133945203471645073%22}&andc=true

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 01:37:30 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"4056532961308821155","debug_reporting":true,"destination":"https://peppagame.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["798404054"],"4":["12-03"],"6":["true"]},"priority":"500","source_event_id":"17133945203471645073"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 03 Dec 2023 01:37:30 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 03 Dec 2023 01:37:30 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"4056532961308821155","debug_reporting":true,"destination":"https://peppagame.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["798404054"],"4":["12-03"],"6":["true"]},"priority":"500","source_event_id":"17133945203471645073"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 date_trait.png
s0.2mdn.net/sadbundle/1876137525177158889/images/ Frame 520C 736 B
763 B 19ms
15ms Image
image/png 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/1876137525177158889/images/date_trait.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

05129b71314566c11846316f0f914c08cb2b9093e37df0b6dd2e2facbf8d71ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1876137525177158889/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 18:23:06 GMT
x-content-type-options: nosniff
age: 458064
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 736
x-xss-protection: 0
last-modified: Fri, 24 Nov 2023 16:19:47 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 26 Nov 2024 18:23:06 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 79ms
62ms Preflight
text/html 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Sun, 03 Dec 2023 01:37:30 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 49B0 42 B
64 B 70ms
67ms Fetch
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuTj6qW_ZrjfiHwFrKIkkVoY_KLgA1gNB9THiepM2pfLAfwX8LSn5MwIEP0OUrPnbms45dL-A2RIHzwG2FaiwT2iouZ496Uw9F8rRB3K3fGBK9gMhq6olzyKsIdNVRwXY7kRgJqf7mqj1TH&sai=AMfl-YQfzde6c6DWGWPNvcMSwtRNRzFyQpNnDD_aT6YsWHZL6z06vKhmjtn8DHx2vuN3rGA6b3xXhAc-EK0kEgtWJ9PNRGaQpQEbZcn57soATJQnpVsBjNXaha1z3ddtVJLfRrsI-PK2hi_70K68hwNTr1mdpWSR8yiUxyo&sig=Cg0ArKJSzIuDe09Eu0UBEAE&cid=CAQSTgDICaaNIo2EluffV23gU5TeAgVov8cxnT4JyvfVUh5--pyVMfOhnbnXP3VQNyJpexv4cxc5ELoPO4DHEdx8RMQ14vIIZifkhLNKyu38-hgB&id=lidar2&mcvt=1042&p=0,0,90,728&mtos=391,919,1042,1042,1042&tos=391,528,123,0,0&v=20231129&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1701567448670&rpt=343&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Dec 2023 01:37:30 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gPTZx8Qg5YtqHYATuVEq7wiNXgGYJLmNtV6Q-nRIA0Y.js Show response
pagead2.googlesyndication.com/bg/ Frame A654 50 KB
19 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/gPTZx8Qg5YtqHYATuVEq7wiNXgGYJLmNtV6Q-nRIA0Y.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5814941088162332&output=html&h=90&adk=2743202993&adf=3132389021&pi=t.aa~a.3920200256~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1701567448&rafmt=1&to=qs&pwprc=3285142542&format=1200x90&url=https%3A%2F%2Fbloxfruitsdojo.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701567448440&bpp=1&bdt=2282&idt=-M&shv=r20231129&mjsv=m202311290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4bb2dc42557d250b%3AT%3D1701567447%3ART%3D1701567447%3AS%3DALNI_Mbm9oOTdd2SGfalSfLLRmd3_U9f8w&gpic=UID%3D00000d01bc7b7af6%3AT%3D1701567447%3ART%3D1701567447%3AS%3DALNI_Mb5F-33Pk2S0Xx8GaUGNhJ51vNQFw&prev_fmts=0x0%2C1200x280%2C1200x90&nras=4&correlator=5647626719242&frm=20&pv=1&ga_vid=641933567.1701567446&ga_sid=1701567447&ga_hid=1023079412&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1432&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079266%2C31079437%2C44798934%2C31078301%2C31079861%2C44807751%2C44807764%2C44808148%2C44808285%2C44809072&oid=2&psts=AOrYGsnxs1MWsyCmP4PD_3ERN2suJgXId3FLbp5UTwl3deSUa80Napai1ztVx9YwO1ObQCBieAthq8VqJgCZTMtdb54j7A&pvsid=3252580902845133&tmod=1310125418&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=12

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

80f4d9c7c420e58b6a1d8013b9512aef088d5e019824b98db55e90fa74480346

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 20:49:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 276465
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19632
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 28 Nov 2024 20:49:45 GMT

GET
H3 200 date_txt.png
s0.2mdn.net/sadbundle/1876137525177158889/images/ Frame 520C 2 KB
2 KB 14ms
13ms Image
image/png 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/1876137525177158889/images/date_txt.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9e36b64e25b34ebcc74dd0bad0475dfb05cf18e8fa37c1fbc45ebc2063628f5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1876137525177158889/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 16:46:43 GMT
x-content-type-options: nosniff
age: 118247
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1989
x-xss-protection: 0
last-modified: Fri, 24 Nov 2023 16:19:47 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 30 Nov 2024 16:46:43 GMT

OPTIONS
H3 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 59ms
57ms Preflight
text/html 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Sun, 03 Dec 2023 01:37:30 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 footer.png
s0.2mdn.net/sadbundle/1876137525177158889/images/ Frame 520C 816 B
843 B 29ms
26ms Image
image/png 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/1876137525177158889/images/footer.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e5b5d7d2728e8f590947a918321b0da9e2a6525ddc741dab8ef622b998cd8eb4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1876137525177158889/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 22:38:11 GMT
x-content-type-options: nosniff
age: 10759
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 816
x-xss-protection: 0
last-modified: Fri, 24 Nov 2023 16:19:47 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 01 Dec 2024 22:38:11 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 778A 41 KB
14 KB 31ms
27ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DJ2kZjhoceAxeeBQZXlDoKD3w8-SR08Fq0oR3fIrgYDjgys9Xg7MzulD4gneOJm0T7JMJ90w0agiqG17kBltHfqFH5Pp_ChekOWDcUIDHKfRG2v3HFQmJ7s7f0sD5afKi2lrxn3j2AvXUxPvtC1bopNW2ZzsSZrKOvLMPxYmGPQNwe4qg&cry=1&dbm_d=AKAmf-CBAP8X0EHTjJphC3LK7Ph0ucN5LiGZT7ttx6YOIivGnFs_NznCkYlJJzOwBB9GTKLXfKj1eh5bajcnl_7xbx8DChGO9SutdTS6WBj0z6eTDdP_Ze-nSTWpZlBYvAYmgzpTU4a7y_BDKlrrUh3Witw1n0XBKaplv5b4NZD6fZdK6KzozQfECZuZ5UWd76dZzCeRziTUq5_oSoVhY8qS1wSw7KRNdg57tdUzySiC0ThUmqypjbP6MUN-5LfTElFKlBnOblHwV5sabbBm1SI-2CP-2MZSieBiYipxkKgMWBOFnctN1vAu5JMhrAc4GFXPO63t28R-88n5X7lSk8sqasZJ4BlPCC1nsu9u67dXWBlVOV8miXE6242UhGlinZUy6gij-YI-3Np55XHZzBqmdfry1pGxybL3HGsZ4NMZ1_L17Zb9kX5iMy-XHwhdFNHyZopgZTKH1nDy4X32lYeB-yurBf1Cyh8n6xi4ofXtqeLrih4ZpDMd8VE2RTNohnF8O8H1fw1osDBBrtLPKZXXnTQ-4KlykpCkq2beowIoJ9c4rmwFsd65ZBNV1W5oV65KjPbj0E2kpz9py4f7-X4OA_vnFSsD932xUd67OL1r0FpcXlpx0kgT_SYyzMDLlnqbR3QGMmVULU3uLXH9qcHATUNSOC8Q9p9RIMGTSESx5SWfJDb4QfAXA6n0px2O41BAzIpBytaRuGyEFmp_zx71jg72QCzxWipQf_5KlsOq8s8U45NqmACTrWJoOEM1YSfqzKAzgEu7Yw7yqXwwgXehiE_rQIoMqqOtGjQRaQ2rZUnNilAZfxATbpxrgTuLZhALGOAbGOzApOno-vKIBAp7-_qhdfZN7jNftKtsefqU5WqitgVskGCUXJFWrppT7AgNbwKb0wQNCeiv3SDCqfwXzGLKUWrMUMw4HyQwRxyMByRVSCg4AeK-DprWyHPq1yMgDmAzuxWhoWToJ4ATkatu7pjaybOSKH5Ato97gWWWoFyQT7peeWRx_p3Cp_HDVegiHwXgVBbBVEPlLRVDl2yyZC0LXL7t8hI5sXmo06OEZusdLQxRCNhBwW00UhQH-G-Ac3a3C6AsxUqIz4Av0m-52vgzGsp_LbBH_aZXuphl_0Q2DQr-Gx8bAyrWP_LC3RLCxIC-1uvZtleafLu4Cd_Wgjcxtofqz-VCMKmfEbfQlk58-OC549V0x4HxgXFYIis40T1yVEu78G1uMjP5a8H6_nFEC7vsaGnQqpy4s7HQGOAPEqKiX3sG5yXqFd0DmoCBPRNmsZbuUey2uz0gH3lJDPZ1d32u9lqGLkgJmYI5uoIT9HvYxhQR-nILtZwobuHf3gkfWpYsve6k6V6raZxJDUdkk6C1R9nv4HKlYQYYm1T6Pv6_XmM3E9nJp08mo-8-_z23anmGHtqaJlyFxkUznvcMptta-LG5ViwunqHD7njw_r_l6n-3HaH57xpouLP08wxbBjqPpeYKoVSLscuYpLEmVCBSwrBz2n-dAH5CU8HxXtBGnwg8B3AGMMidkSyMjCSnhGM-vdJYzDM8Opii7dohTYIkWucjK7Xbp1MfEV5yJvsL4yocFUdbv16bTAlZhgs0VLLPWxKghZdY7OgPe-cuiLOVL8u-mbXDBfmeeo6RqRutb4UiAVjVZAZ4QyAwhXTfpTgfamRWtNCTcg5rXMQFZeU0G9Ii8vWFwr_OFX8guK2DqEPbqsEYUzttBG-JDk8-Xq2uHK_sckr5bqbHcLN3pJ88Uv-BbXTFzFeU-dXaUwy7fTQf22SjzvkgjSI8mcLv8XElQSKDjgtToP6aOrRRWI5EIS5Xa35iyMOILAph2-0AVKzNbTlNl7Qqh9bL8HpMh98QZAlUtgfCKuoiGJdi-fOtKNtUSicFHlbmc0uh8CUuXluTBlZcHFIIUXHqxsYI1OjSuQ9KOOG40--wPw4TDW8I0IWehR5aieaUfx7a-_o7zK_riVUHIr7tAR6OriTCiXZDyLkbQPswtX-M561fPJT9Xkv7jKV_boPEs6yEpUQWHmhbPc3ci-namoz5-w74WJmIATbfi2YsQx3aI2OBZm4B9mkmEdPbLeaTGUobWshiH3SKB1cvI8hYEjXBuL_6nicB0pyXYKW5WsTXa3w5bn5HDL69fKCZaGhbdKk99atSSNDZhNyyUX-D5GiBC38G6K6mlTwl9unGAQ6F06vKR94K5goHTere1K4823cmCbT56RnZwYSlTVNTMcKDHhB2i5juM-RJzOxh0cFHBOeRPdsYTamPGQmCFb0FF57bVuDoBCYC9PHMLQKaYvAe6I0Qm8eisgoOe5tmf-67dg0PBQvrxSuq3b6l3OAAHDzk9QXJ0khQDaDjl64ALDXlE0MHmM0qOHF9Tvqj7xO1OzE1pbXklDmd7Q4tmeJQpGOyNsPdyzMe__NHcpHqkmhPiLXpQ-u2eu_EAxHOhS0_Z7lksHvSxv0-up45dGaU1y5_nBzpUUlCEMhFrVzqQGkhdySCEv548SFDfYoA3emAiwZm8s55O9UWQ9uCNEOen8PByLXFCXKAOHghtrRUlwxnNA0RIvB2lvZW-h9MciLLrlOGoZD3zgEL2SINaGuChU0bWHwS6XB1WDroeLvmpfiSgmWmrbkYk5uYJZs-FyJyKuE-jcO6Mf6wk6luPJaqJrOXoCJaXRwR1yaExgetAHR2Rjckuv8CS-XUC1c-N2FJW7PRj8-mzBr_2kIWaRZaaWfSbCt84esiNYVkbDrwbS0gcjAk0QtC4vaFzPDJvJOkbttLqa1qSsG59IRbm-7S7ATAjCsqsflt-OtwQB8aTyN1dQDyDo3LOls7Ok8fu61_4en2ad-gxGmNvmlkslC3OvYjoWohKuPwp2X1WqYG6StLxa7TCCLROWSCqnqpeYmpOjUSOTVUkG0Ljv1A8_SDNKOMpiDmtjaw_LPy0yzmTZkf3kPzN8j35pJIj3Dfw-bUr7EVKnOXD8tgUdRQe6dItuoPQwgZGj4v0iE9c58v5bxo-9KTYlnZuJJ_R-KVhjaqt-7_K0UnvLOkfbLUBAYfU-EL2UJOOiBw0sXBmm7VldQGbKjJvR2MyWJB25eSAYYJGwTlltQi3jdoqORan0bYZxvpKwGuqn1_PTp2YrVgiagOPIi2ION6dDykXIKHB_Kpf-G-CYMz35DK8ZdoAiskPVOGGaISP0ROyCEL2OAxKG-r4vjdTuES_JFyiCF5TcVqG1yZ-uCxQUBOcAem1lFWzGHacDFAyBhpaW2BN1M3EO4yfe3MWQ7lpc5RbzQXt-V8WYzAmin_5taLuycOggUbQwXLSOFO00PFA26KoVhjrTq-KdEv1lkxNVbGgq8Fch7TZnZH-QdgCdnEZGLOm-Qz94arWWlo6yD2Dza0snFuRNPBAWfceJyiHxi_FrG7cwWzWcSA7TuOLROEkxbD73P9Falk9-k0RKd5w1VDuMjpykz-Cm8MuzdsnMhSm8EAB5w1zx79RALtBM-xdHrZM7e-jZrZ_Sr7LB8Xw1c1RgR4qc6cP-y5vvvJikkgVMp8dXvjef_Fw0-th1i0BOGBPU002NfKSMqLWkI1tsOfWydtDKrL8IiW7JbynFAka3b-vWUczq49yrh22qR4O0e0mLBmUSrgjItfA5NGGaNHAhF57pzX_1QlrsLdxlIyg3QFAd3HrERd7q2crBGrce1oKIUmzIXex5NJ-VuGQgaQbhKi1P7pEdSQAThTb1YdNWNXz8-6geTHIJcG4E-69_zygVoBIADEhvNycHUk4FrCYGhyr6BkKv4DZvUCmPlJ2b30Kgp0t_9YlxhrKg&cid=CAQSOwDICaaN_umDvYrkgU96hJKuxobWI2MqZ1s_W8H8ImUj8JX7Mo0v8HEsFDHJidy6WRRkLI3Bpdi910wyGAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fbloxfruitsdojo.com%2F&ds=l&xdt=1&iif=1&cor=1060012724177113300&adk=1726166460&idt=67&cac=0&dtd=17

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 16:17:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 33608
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 01 Dec 2024 16:17:22 GMT

GET
H2 200 attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwMTU2NzQ1MDAxNDQ5OAogIHNlcnZlcl9pcDogMTM1Mzk2MTI2CiAgcHJvY2Vzc19pZDogMjMxNTc2NDI5Ngp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiAxMTg2ODk0...
ad.doubleclick.net/ddm/activity/ Frame 778A 0
865 B 167ms
63ms Image
image/png 216.58.212.166

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/activity/attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwMTU2NzQ1MDAxNDQ5OAogIHNlcnZlcl9pcDogMTM1Mzk2MTI2CiAgcHJvY2Vzc19pZDogMjMxNTc2NDI5Ngp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiAxMTg2ODk0MwphZHZlcnRpc2VyX2RvbWFpbjogImh0dHBzOi8vcmVkaW50ZWxsaWdlbmNlLm5ldCIKeGZhX2F0dHJpYnV0aW9uX2ludGVyYWN0aW9uX3R5cGU6IFZJRVcKaW1wcmVzc2lvbl9wcmlvcml0eTogMAppbXByZXNzaW9uX2V4cGlyeV9pbl9kYXlzOiAzMApldmVudF9pbXByZXNzaW9uX2lkOiAxMDYxNDA5MTM0NzI2Nzg1ODUKZGVidWdfa2V5OiA2MzE3MTIwODg0MDA5MjE2NzExCmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX1BST0RVQ1RfVFlQRQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMgogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9JTlRFUkFDVElPTl9UWVBFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAzCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0lOVEVSQUNUSU9OX0RBVEUKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgc3RyaW5nX3ZhbHVlOiAiMjAyMy0xMi0wMyIKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fRkxPT0RMSUdIVF9DT05GSUdfSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDExODY4OTQzCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0NPUkVfUExBVEZPUk1fU0VSVklDRQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMAogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9QTEFURk9STV9UWVBFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAwCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX1FVRVJZX0NPVU5UUlkKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgc3RyaW5nX3ZhbHVlOiAiVVMiCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX1BMQUNFTUVOVF9JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMzMyMTc0ODQwCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0RWM19BRFZFUlRJU0VSX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiA4NzgyNDM2OTYKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fRFYzX0xJTkVfSVRFTV9JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMTY2NjAxNDIwNjMKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fRFYzX0NSRUFUSVZFX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiA0MTYyMDg2MzgKICB9Cn0KYXJjaGV0eXBlX2lkOiAxMgphcmNoZXR5cGVfaWQ6IDEzCmFyY2hldHlwZV9pZDogMTQKYXJjaGV0eXBlX2lkOiAxNQphZHZlcnRpc2VyX2NvbnZlcnNpb25fZG9tYWluczogImh0dHBzOi8vcmVkaW50ZWxsaWdlbmNlLm5ldCIKYWR2ZXJ0aXNlcl9jb252ZXJzaW9uX2RvbWFpbnM6ICJodHRwczovL2FkLXNydi5uZXQiCmFkdmVydGlzZXJfY29udmVyc2lvbl9kb21haW5zOiAiaHR0cHM6Ly9rbGljay13ZWx0LmRlIgppbXByZXNzaW9uX2V2ZW50X3JlcG9ydGluZ193aW5kb3dfZGF5czogNApicm93c2VyX2F0dHJpYnV0aW9uX2FwaV9yZXF1ZXN0X3Byb2Nlc3NpbmdfYml0czogNzM4MTk3NTA0Cg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5814941088162332&output=html&h=90&adk=2743202993&adf=1602281170&pi=t.aa~a.3920200256~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1701567448&rafmt=1&to=qs&pwprc=3285142542&format=1200x90&url=https%3A%2F%2Fbloxfruitsdojo.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701567448440&bpp=1&bdt=2282&idt=0&shv=r20231129&mjsv=m202311290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4bb2dc42557d250b%3AT%3D1701567447%3ART%3D1701567447%3AS%3DALNI_Mbm9oOTdd2SGfalSfLLRmd3_U9f8w&gpic=UID%3D00000d01bc7b7af6%3AT%3D1701567447%3ART%3D1701567447%3AS%3DALNI_Mb5F-33Pk2S0Xx8GaUGNhJ51vNQFw&prev_fmts=0x0%2C1200x280%2C1200x90%2C1200x90&nras=5&correlator=5647626719242&frm=20&pv=1&ga_vid=641933567.1701567446&ga_sid=1701567447&ga_hid=1023079412&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1835&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079266%2C31079437%2C44798934%2C31078301%2C31079861%2C44807751%2C44807764%2C44808148%2C44808285%2C44809072&oid=2&psts=AOrYGsnxs1MWsyCmP4PD_3ERN2suJgXId3FLbp5UTwl3deSUa80Napai1ztVx9YwO1ObQCBieAthq8VqJgCZTMtdb54j7A&pvsid=3252580902845133&tmod=1310125418&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=16

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.166 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Dec 2023 01:37:30 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"12":"0x5d733df3e328ca670000000000000000","13":"0x42a50a8e60b3c2d90000000000000000","14":"0xb6bfca98681eda470000000000000000","15":"0xdc0290a5629f67310000000000000000"},"debug_key":"6317120884009216711","debug_reporting":true,"destination":"https://redintelligence.net","event_report_window":"345600","expiry":"2592000","filter_data":{"14":[],"21":[],"8":["11868943"]},"priority":"0","source_event_id":"106140913472678585"}
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK g72h7lz2c4az Show response
hal9000.redintelligence.net/zone/ Frame 778A 11 KB
4 KB 83ms
13ms Script
text/html 138.201.63.165

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/g72h7lz2c4az?subid=&gdpr=&gdpr_consent=&rnd=1701567448550935&extVar[]=DV360_SSP:1&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCadsG2NtrZZfQIcG9tOUP586eyAGm5b2gaYWVnKfJD_AuEAEg9fqrFmCVgoCAsAfIAQmpAocWcjmKQrI-qAMByAObBKoE9gFP0NAWr40ubsS6QEx5vrH_CwhTb6hYCoR0D4v8sTQp0Bomzr6zoW6mrm2orrHIYNwCjkS8R8kM1WWFaI6xg39e7UJmRn9YrnDQytH4fz5APCjqWjCOVQJyVoSMWNZ1eNWuI5N0Z1xX9Jbz10rO-PDsuYnNrSnSi7yfc7VOI99IN83VDGpRrtGra0U27DhWe-LMewynk14SIuj5YhTa_bdReVC6fRYA0HPrKV1_VVxK2GVGhREtul8Ugw_n0oUoQKCFycPG3HUqKTIsic02tpW0uIAvrztSPGk_eZy8W-7EliY7l-HmZVly-1gtT71-KGZjZjySvunABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiA4YAQEAEYHzICqgI6AoBASL39wTpYguTP2pDyggOACgGYCwHICwGADAGiDBgqFgoU5LSxAu61sQK1uLEC5LSxAu61sQKqDQJERbATh--xFdATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSOwDICaaN_umDvYrkgU96hJKuxobWI2MqZ1s_W8H8ImUj8JX7Mo0v8HEsFDHJidy6WRRkLI3Bpdi910wyGAE%26sig%3DAOD64_3Yuejdsme1nc6bysd9eUn403lGPA%26client%3Dca-pub-5814941088162332%26dbm_c%3DAKAmf-COfISZBV2buOFj8Dvro0b-RHN-nIKx2zrdKqn0v-7wUUey5sG-vsCozjpG4fi--NPS677e8pSJVCArNNE9OyFsNydK5q2HyI0EmwVDHAindaeBUsbSqJKr6Vx_1wE_p90pYSrG3nCBEsgv_jOVsrs4G6Ebx8apTpKhpqRxPnGO5LTkigY%26cry%3D1%26dbm_d%3DAKAmf-Bq0ye-BUPlqyopW-NCJaOhaKEQfwgkjBy4WEbZoC9-D9ttcxj0CrvSZKjpV-92-i8GslXNTDlWpTky--Hke2m6afcCKitmdUFu1gLsXZ8ive4JTrJILhOAV2q_1gUJ3G51Y1AnPup4Bh-7TddRALJ8NNp4qSAZ8Kqk-qQ7PlLDNdkITcd9U8tsMHlQVv7DjzZbutbmsnMPcW40zEn4n4RQJwl_0snBRXxzeOcWA2CXd8FdrbWHAgcG_yiNJaK6f9B0sbrt3pstCtLOKRrxe02Ind4AyMjLOpgt5FiWaxBfqI7aRxiXRg_1_oNLtTDIvOA-aUaMNzkFd90J0zZh6MyKXLgDatrTkb2FMlmreA83ehqhyFULG9Nd0q9z_x40DvPkI_YVeQdpsFCncimN67JGj9sD6ki9Ac09-zR-6VJlIkkm3jxk4vaSP5V_zVBUllk_M2VLZX120dlY5_QAw8Jq5i1XHvfKJzcBZxz_Ic04yZACxVHMfNKHl3jlse1JTxr5UGtsLx10nIR4C6gztuBjYdJBTkmbRbnffIzYFfb_pF8ZmGc%26adurl%3D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5814941088162332&output=html&h=90&adk=2743202993&adf=1602281170&pi=t.aa~a.3920200256~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1701567448&rafmt=1&to=qs&pwprc=3285142542&format=1200x90&url=https%3A%2F%2Fbloxfruitsdojo.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701567448440&bpp=1&bdt=2282&idt=0&shv=r20231129&mjsv=m202311290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4bb2dc42557d250b%3AT%3D1701567447%3ART%3D1701567447%3AS%3DALNI_Mbm9oOTdd2SGfalSfLLRmd3_U9f8w&gpic=UID%3D00000d01bc7b7af6%3AT%3D1701567447%3ART%3D1701567447%3AS%3DALNI_Mb5F-33Pk2S0Xx8GaUGNhJ51vNQFw&prev_fmts=0x0%2C1200x280%2C1200x90%2C1200x90&nras=5&correlator=5647626719242&frm=20&pv=1&ga_vid=641933567.1701567446&ga_sid=1701567447&ga_hid=1023079412&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1835&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079266%2C31079437%2C44798934%2C31078301%2C31079861%2C44807751%2C44807764%2C44808148%2C44808285%2C44809072&oid=2&psts=AOrYGsnxs1MWsyCmP4PD_3ERN2suJgXId3FLbp5UTwl3deSUa80Napai1ztVx9YwO1ObQCBieAthq8VqJgCZTMtdb54j7A&pvsid=3252580902845133&tmod=1310125418&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=16
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.165 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash: 7cf1846a92411846587e3fa3f6c1851e0eca6c12e46135cc68a95184de36e4cc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Sun, 03 Dec 2023 01:37:30 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 4161
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

POST
H2 204 csi
csi.gstatic.com/ Frame 0B25 0
54 B 116ms
114ms Ping
image/gif 2607:f8b0:4002:c02::78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=4~lpotbqm8&c=360436640095&slotId=180218320047.5&qqid=COHH-tmQ8oIDFXCkgwcdAbQD7w&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=Infinity&br=2102&mt=video%2Fmp4&vs=1024x576&msm=1&aits=0%2C18%2C22%2C37%2C692%2C59%2C342%2C343%2C344%2C345%2C346%2C347&webm=0&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=347&vsrc=web_video_ads&hcn=0&met.4=arp_a_e.1uz~vil.2nh&ua_e=1&ape=1&ple=0&umsem=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4002:c02::78 Atlanta, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Dec 2023 01:37:30 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 hero_aile_droite.jpg
s0.2mdn.net/sadbundle/1876137525177158889/images/ Frame 520C 6 KB
6 KB 16ms
16ms Image
image/jpeg 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/1876137525177158889/images/hero_aile_droite.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb9f8f519a5aadd1ebb7a08008349b92dc675c3069123ac195965cf558b43f82

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1876137525177158889/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 16:46:44 GMT
x-content-type-options: nosniff
age: 118246
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6237
x-xss-protection: 0
last-modified: Fri, 24 Nov 2023 16:19:47 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 30 Nov 2024 16:46:44 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3859 0
25 B 50ms
49ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=B5KUn2NtrZarSMuOM9u8PqMyn0A4AAAAAOAHgBAI&bg=!JCelJ2jNAAY3kmNgF5I7ADQBe5WfOIKeorZkjH0eTyt2bLJ4weBZLkEcu6lUoFxmqpgdEwdCj2gMI163Z6kTL85sHQCPAgAAAvJSAAAABmgBB5kDEARmolJn41II7uB8eWi4tJuMroSW_7NkUnfvzpGl_K5fVU_2Pjo3uKw4Z2hSC4DgBefCqT99-NcmaVTLzeu3WR0c0-Jz6_9QBEXy1KirjM0pGsawMhieXoljuZ3OdtAd4VHcMD9vlGtQO5Su3dWBuQAr_GG5y5zgEQUikDnP8FttuupJSsTFimZFc0G5-MascQ2OKUWlpcno59a5pSQMVm3nI6_7enbXNsgqTXRZKw0Ni6B0RJ9ArXavDlusiSLCl-sz_tkamrm24w6MkSQkCNH6jaiQ0fcPM9eDc93EWE9cseQk25_8U5FMkurlW0UwTRMKafrnND7s0xxbxY3nUtYsuIGd0Kdi5INfu2Pr-B-NNg6OnrELMwCj6_ujaU_VLk5nJQhQ7dvEcaHH5x61x0cU76qY01BzGq0B-YFBc9JAjBdoNBRry38CcxuzCJxv5a4QN8lgxJ3Rpf8H-l6Y9YRwc3Gd4db40FYnSBIoq94hdXyBwmPNu2H7vFWGPCzInR4MWjKfarQ1kVS0wFukYxYPYtBdikSXCSC6c4q-DG8Wm2ED1_4EyiIzGA4pEal_2oxRffhRxfMIXMxHqi4i96MQ-WxkD0mCt4xB2dw_QU-K1V1KekJeys-YJrqpUoI8xpuEK8KxyuQsWteGW-cYVJmIS5g8FGvTt4jl7N4S1agbLh6VFJiKEITq6VQWh4XOfefPB4BIx2cG6bYvPraPujgvjG4TtnPbaF4hHZJFUuZgS6EUE2QFhHnIBYwwbRGat9pZj8_DoLYgA2ZzI_hBbYuoUWVamTX2WbTzZYYQOHI1fkSVJi4q7Wqwnb_SSVcJEB1sDIXzXBpx8VNl-sGqftqZs-06Mv5cR7pvA5hdqh9kJgjw2a64SB9Wj_bzNfM83emkqC06DVi6sLu9gyMdNMcFhf1qmg-lmKMEzjXA1BATll6gnxsXT84zaGg2vjljSUNrjNi0Zkpcx3kaT00tj2FERksGqGSD4vterNAeENmsJJnCT_72iInQ2lsyEocWfga-dC6ZlGo1bgTXua6KE70

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Dec 2023 01:37:30 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 5BC4 38 KB
13 KB 20ms
19ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 134043
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 01 Dec 2023 12:23:27 GMT
expires: Sat, 30 Nov 2024 12:23:27 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 54ms
53ms Image
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231129&jk=3252580902845133&bg=!AAOlA0zNAAY3kmNgF5I7ADQBe5WfOITojKEkO7kqzgxvRP5PRs1aZjKXG7SpbrNIdvxLHb0eo83hucz9MpQetqGu9U7oAgAAArVSAAAABWgBBwoApNMAq1JXM3cHbC-96NYVk2MCJ6VKo2Xt2C6tJzPOzLYTelnjBR5sUSLxbuLi-ODoSetBGHc37p6a1EGAG9Lk5A8HuRAuWDG3txA-Xj3Cy9ZTWntCySFIChxVpJKLTB84Lso1FeADPFe_Mx6r0rSShRNLSPY2BSeJQkCquI53rz_JSusHdOwXaIOqvDEqa3K3UTW8UFYOLMjzDIISFBumIOFMHNNumQK4XvcLYhp7ZqjHGINWfg6GC4IHsCF4fJ530HmRW9XX16Ndq58J5t6vZfpNaWfgZdVv3halhP9CkKNHfE-bugaNyJx1gwsnayf-YSfv-tJjiNed4uYteFEnWfq6tWl9k7_-WuN9JCBdDPQiw9yDbbgYORdWzUzhgb_zbUOcSFc7pcKWWTIKJhdfVsY17PJyljnx2cyfRA4jJPQSpK4Nqrhg64ZYloWnBBINlN5Di-TJF-8vCAmn2-kBQK5tpmAXB2rfRpCH_dZWyzZm0AL8C8UyM7rH5HysVMf_YRrwdlVTKQtsSh9kLdz2UnrWvbeEgk2m4tFWBknLYKUZEpf7LC6YUJzqgypCwroUqQLmpUzQyL2UzcyIEK0dIGJpNPMW06DdA424hMCPIEKj0dG35CbUN2i6p4_pRLt_s36pl2Iowa4UMYzussBYzqLHVDrsOYi4jwaCbOKi-SmAlG1UdzoILDldJh1cxua7HFFVSnUYQpCCXa-aqKXsjNkRQ2do0_XdC601vIjX9ypjza1LEdPK-slx1s-puuGuEltZ9kzJA2D0udfP17t6v62zA_9tw9u1CUW00IbnyfvkPttypyQyIkrDCMZL2nt7jhSJeqjAiw_KYB_vysO3St3ix04_4voX82crPM0Rgc2nmXn7M94lS2IDBGH7YFOtP-Hxav6VU8sXUGwHG5vhiOxxI0GiFuEi7lg7n6igxqJUYbH1e6Z4H62pQX9juFp16ZUPkz92LM-Y5l5dCj5fP1B8MNeGg6fJwXPyA3H-PJiTCc0awIVBCgv-WwYIMCgpOuBEyrG6FPUUyKpgUPZbr3rh1ZRuLHon9jjAQjOepIXjlRsLaFGBnlmLAqXFUgd9lVPhfbfiSwa7CdVUZ6WHnTjA5ny-Gji-7KVBoe4JGXr4MDP0rb9adxmV1LlEbpuy
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxfruitsdojo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

GET
H/1.1

200
OK

request.php Show response
hal90005.redintelligence.net/ Frame 778A
Redirect Chain

https://hal90005.redintelligence.net/request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=7ea3e5bc02&subid=&uid=3924ef7f90a30f49&screenSize=1600x1200&screenSizeAvail=1600x1200&cli...
https://hal90005.redintelligence.net/request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=7ea3e5bc02&subid=&uid=3924ef7f90a30f49&screenSize=1600x1200&screenSizeAvail=1600x1200&cli...

4 KB
2 KB

155ms
127ms

Script
application/x-javascript

138.201.63.165

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90005.redintelligence.net/request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=7ea3e5bc02&subid=&uid=3924ef7f90a30f49&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCadsG2NtrZZfQIcG9tOUP586eyAGm5b2gaYWVnKfJD_AuEAEg9fqrFmCVgoCAsAfIAQmpAocWcjmKQrI-qAMByAObBKoE9gFP0NAWr40ubsS6QEx5vrH_CwhTb6hYCoR0D4v8sTQp0Bomzr6zoW6mrm2orrHIYNwCjkS8R8kM1WWFaI6xg39e7UJmRn9YrnDQytH4fz5APCjqWjCOVQJyVoSMWNZ1eNWuI5N0Z1xX9Jbz10rO-PDsuYnNrSnSi7yfc7VOI99IN83VDGpRrtGra0U27DhWe-LMewynk14SIuj5YhTa_bdReVC6fRYA0HPrKV1_VVxK2GVGhREtul8Ugw_n0oUoQKCFycPG3HUqKTIsic02tpW0uIAvrztSPGk_eZy8W-7EliY7l-HmZVly-1gtT71-KGZjZjySvunABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiA4YAQEAEYHzICqgI6AoBASL39wTpYguTP2pDyggOACgGYCwHICwGADAGiDBgqFgoU5LSxAu61sQK1uLEC5LSxAu61sQKqDQJERbATh--xFdATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSOwDICaaN_umDvYrkgU96hJKuxobWI2MqZ1s_W8H8ImUj8JX7Mo0v8HEsFDHJidy6WRRkLI3Bpdi910wyGAE%26sig%3DAOD64_3Yuejdsme1nc6bysd9eUn403lGPA%26client%3Dca-pub-5814941088162332%26dbm_c%3DAKAmf-COfISZBV2buOFj8Dvro0b-RHN-nIKx2zrdKqn0v-7wUUey5sG-vsCozjpG4fi--NPS677e8pSJVCArNNE9OyFsNydK5q2HyI0EmwVDHAindaeBUsbSqJKr6Vx_1wE_p90pYSrG3nCBEsgv_jOVsrs4G6Ebx8apTpKhpqRxPnGO5LTkigY%26cry%3D1%26dbm_d%3DAKAmf-Bq0ye-BUPlqyopW-NCJaOhaKEQfwgkjBy4WEbZoC9-D9ttcxj0CrvSZKjpV-92-i8GslXNTDlWpTky--Hke2m6afcCKitmdUFu1gLsXZ8ive4JTrJILhOAV2q_1gUJ3G51Y1AnPup4Bh-7TddRALJ8NNp4qSAZ8Kqk-qQ7PlLDNdkITcd9U8tsMHlQVv7DjzZbutbmsnMPcW40zEn4n4RQJwl_0snBRXxzeOcWA2CXd8FdrbWHAgcG_yiNJaK6f9B0sbrt3pstCtLOKRrxe02Ind4AyMjLOpgt5FiWaxBfqI7aRxiXRg_1_oNLtTDIvOA-aUaMNzkFd90J0zZh6MyKXLgDatrTkb2FMlmreA83ehqhyFULG9Nd0q9z_x40DvPkI_YVeQdpsFCncimN67JGj9sD6ki9Ac09-zR-6VJlIkkm3jxk4vaSP5V_zVBUllk_M2VLZX120dlY5_QAw8Jq5i1XHvfKJzcBZxz_Ic04yZACxVHMfNKHl3jlse1JTxr5UGtsLx10nIR4C6gztuBjYdJBTkmbRbnffIzYFfb_pF8ZmGc%26adurl%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-5814941088162332%26output%3Dhtml%26h%3D90%26adk%3D2743202993%26adf%3D1602281170%26pi%3Dt.aa~a.3920200256~rp.4%26w%3D1200%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1701567448%26rafmt%3D1%26to%3Dqs%26pwprc%3D3285142542%26format%3D1200x90%26url%3Dhttps%253A%252F%252Fbloxfruitsdojo.com%252F%26ea%3D0%26fwr%3D0%26pra%3D3%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26fa%3D40%26uach%3DWyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.%26dt%3D1701567448440%26bpp%3D1%26bdt%3D2282%26idt%3D0%26shv%3Dr20231129%26mjsv%3Dm202311290101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26cookie%3DID%253D4bb2dc42557d250b%253AT%253D1701567447%253ART%253D1701567447%253AS%253DALNI_Mbm9oOTdd2SGfalSfLLRmd3_U9f8w%26gpic%3DUID%253D00000d01bc7b7af6%253AT%253D1701567447%253ART%253D1701567447%253AS%253DALNI_Mb5F-33Pk2S0Xx8GaUGNhJ51vNQFw%26prev_fmts%3D0x0%252C1200x280%252C1200x90%252C1200x90%26nras%3D5%26correlator%3D5647626719242%26frm%3D20%26pv%3D1%26ga_vid%3D641933567.1701567446%26ga_sid%3D1701567447%26ga_hid%3D1023079412%26ga_fc%3D1%26u_tz%3D60%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D200%26ady%3D1835%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759875%252C44759926%252C31079266%252C31079437%252C44798934%252C31078301%252C31079861%252C44807751%252C44807764%252C44808148%252C44808285%252C44809072%26oid%3D2%26psts%3DAOrYGsnxs1MWsyCmP4PD_3ERN2suJgXId3FLbp5UTwl3deSUa80Napai1ztVx9YwO1ObQCBieAthq8VqJgCZTMtdb54j7A%26pvsid%3D3252580902845133%26tmod%3D1310125418%26uas%3D0%26nvt%3D1%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257Cs%257C%26abl%3DNS%26fu%3D128%26bc%3D31%26psd%3DW251bGwsbnVsbCxudWxsLDNd%26ifi%3D5%26uci%3Da!5%26btvi%3D3%26fsb%3D1%26dtd%3D16&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttps%3A%2F%2Fbloxfruitsdojo.com&random=1389121937239&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5814941088162332&output=html&h=90&adk=2743202993&adf=1602281170&pi=t.aa~a.3920200256~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1701567448&rafmt=1&to=qs&pwprc=3285142542&format=1200x90&url=https%3A%2F%2Fbloxfruitsdojo.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701567448440&bpp=1&bdt=2282&idt=0&shv=r20231129&mjsv=m202311290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4bb2dc42557d250b%3AT%3D1701567447%3ART%3D1701567447%3AS%3DALNI_Mbm9oOTdd2SGfalSfLLRmd3_U9f8w&gpic=UID%3D00000d01bc7b7af6%3AT%3D1701567447%3ART%3D1701567447%3AS%3DALNI_Mb5F-33Pk2S0Xx8GaUGNhJ51vNQFw&prev_fmts=0x0%2C1200x280%2C1200x90%2C1200x90&nras=5&correlator=5647626719242&frm=20&pv=1&ga_vid=641933567.1701567446&ga_sid=1701567447&ga_hid=1023079412&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1835&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079266%2C31079437%2C44798934%2C31078301%2C31079861%2C44807751%2C44807764%2C44808148%2C44808285%2C44809072&oid=2&psts=AOrYGsnxs1MWsyCmP4PD_3ERN2suJgXId3FLbp5UTwl3deSUa80Napai1ztVx9YwO1ObQCBieAthq8VqJgCZTMtdb54j7A&pvsid=3252580902845133&tmod=1310125418&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=16
Protocol: HTTP/1.1
Server: 138.201.63.165 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash: c2c3eea5a482b3e489826617a7c2603d659e5a0cf76cbabf62a93590279a5b89

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 03 Dec 2023 01:37:30 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: application/x-javascript; charset=utf-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 72963800007218604444550012527005
Connection: close
Content-Length: 1351
Expires: Sun, 03 Dec 2023 01:37:30 +0100

Redirect headers

Pragma: no-cache
Date: Sun, 03 Dec 2023 01:37:30 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location: request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=7ea3e5bc02&subid=&uid=3924ef7f90a30f49&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCadsG2NtrZZfQIcG9tOUP586eyAGm5b2gaYWVnKfJD_AuEAEg9fqrFmCVgoCAsAfIAQmpAocWcjmKQrI-qAMByAObBKoE9gFP0NAWr40ubsS6QEx5vrH_CwhTb6hYCoR0D4v8sTQp0Bomzr6zoW6mrm2orrHIYNwCjkS8R8kM1WWFaI6xg39e7UJmRn9YrnDQytH4fz5APCjqWjCOVQJyVoSMWNZ1eNWuI5N0Z1xX9Jbz10rO-PDsuYnNrSnSi7yfc7VOI99IN83VDGpRrtGra0U27DhWe-LMewynk14SIuj5YhTa_bdReVC6fRYA0HPrKV1_VVxK2GVGhREtul8Ugw_n0oUoQKCFycPG3HUqKTIsic02tpW0uIAvrztSPGk_eZy8W-7EliY7l-HmZVly-1gtT71-KGZjZjySvunABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiA4YAQEAEYHzICqgI6AoBASL39wTpYguTP2pDyggOACgGYCwHICwGADAGiDBgqFgoU5LSxAu61sQK1uLEC5LSxAu61sQKqDQJERbATh--xFdATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSOwDICaaN_umDvYrkgU96hJKuxobWI2MqZ1s_W8H8ImUj8JX7Mo0v8HEsFDHJidy6WRRkLI3Bpdi910wyGAE%26sig%3DAOD64_3Yuejdsme1nc6bysd9eUn403lGPA%26client%3Dca-pub-5814941088162332%26dbm_c%3DAKAmf-COfISZBV2buOFj8Dvro0b-RHN-nIKx2zrdKqn0v-7wUUey5sG-vsCozjpG4fi--NPS677e8pSJVCArNNE9OyFsNydK5q2HyI0EmwVDHAindaeBUsbSqJKr6Vx_1wE_p90pYSrG3nCBEsgv_jOVsrs4G6Ebx8apTpKhpqRxPnGO5LTkigY%26cry%3D1%26dbm_d%3DAKAmf-Bq0ye-BUPlqyopW-NCJaOhaKEQfwgkjBy4WEbZoC9-D9ttcxj0CrvSZKjpV-92-i8GslXNTDlWpTky--Hke2m6afcCKitmdUFu1gLsXZ8ive4JTrJILhOAV2q_1gUJ3G51Y1AnPup4Bh-7TddRALJ8NNp4qSAZ8Kqk-qQ7PlLDNdkITcd9U8tsMHlQVv7DjzZbutbmsnMPcW40zEn4n4RQJwl_0snBRXxzeOcWA2CXd8FdrbWHAgcG_yiNJaK6f9B0sbrt3pstCtLOKRrxe02Ind4AyMjLOpgt5FiWaxBfqI7aRxiXRg_1_oNLtTDIvOA-aUaMNzkFd90J0zZh6MyKXLgDatrTkb2FMlmreA83ehqhyFULG9Nd0q9z_x40DvPkI_YVeQdpsFCncimN67JGj9sD6ki9Ac09-zR-6VJlIkkm3jxk4vaSP5V_zVBUllk_M2VLZX120dlY5_QAw8Jq5i1XHvfKJzcBZxz_Ic04yZACxVHMfNKHl3jlse1JTxr5UGtsLx10nIR4C6gztuBjYdJBTkmbRbnffIzYFfb_pF8ZmGc%26adurl%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-5814941088162332%26output%3Dhtml%26h%3D90%26adk%3D2743202993%26adf%3D1602281170%26pi%3Dt.aa~a.3920200256~rp.4%26w%3D1200%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1701567448%26rafmt%3D1%26to%3Dqs%26pwprc%3D3285142542%26format%3D1200x90%26url%3Dhttps%253A%252F%252Fbloxfruitsdojo.com%252F%26ea%3D0%26fwr%3D0%26pra%3D3%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26fa%3D40%26uach%3DWyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.%26dt%3D1701567448440%26bpp%3D1%26bdt%3D2282%26idt%3D0%26shv%3Dr20231129%26mjsv%3Dm202311290101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26cookie%3DID%253D4bb2dc42557d250b%253AT%253D1701567447%253ART%253D1701567447%253AS%253DALNI_Mbm9oOTdd2SGfalSfLLRmd3_U9f8w%26gpic%3DUID%253D00000d01bc7b7af6%253AT%253D1701567447%253ART%253D1701567447%253AS%253DALNI_Mb5F-33Pk2S0Xx8GaUGNhJ51vNQFw%26prev_fmts%3D0x0%252C1200x280%252C1200x90%252C1200x90%26nras%3D5%26correlator%3D5647626719242%26frm%3D20%26pv%3D1%26ga_vid%3D641933567.1701567446%26ga_sid%3D1701567447%26ga_hid%3D1023079412%26ga_fc%3D1%26u_tz%3D60%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D200%26ady%3D1835%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759875%252C44759926%252C31079266%252C31079437%252C44798934%252C31078301%252C31079861%252C44807751%252C44807764%252C44808148%252C44808285%252C44809072%26oid%3D2%26psts%3DAOrYGsnxs1MWsyCmP4PD_3ERN2suJgXId3FLbp5UTwl3deSUa80Napai1ztVx9YwO1ObQCBieAthq8VqJgCZTMtdb54j7A%26pvsid%3D3252580902845133%26tmod%3D1310125418%26uas%3D0%26nvt%3D1%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257Cs%257C%26abl%3DNS%26fu%3D128%26bc%3D31%26psd%3DW251bGwsbnVsbCxudWxsLDNd%26ifi%3D5%26uci%3Da!5%26btvi%3D3%26fsb%3D1%26dtd%3D16&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttps%3A%2F%2Fbloxfruitsdojo.com&random=1389121937239&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Content-Type: text/html; charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Length: 0
Expires: Sun, 03 Dec 2023 01:37:30 +0100

GET
H3 200 hero_aile_droite_mask.png
s0.2mdn.net/sadbundle/1876137525177158889/images/ Frame 520C 5 KB
5 KB 15ms
14ms Image
image/png 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/1876137525177158889/images/hero_aile_droite_mask.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9c923dd603f1f856930fef96bee2cb3e221e9197fa78d966b5f69d7977e0005e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1876137525177158889/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 22:35:41 GMT
x-content-type-options: nosniff
age: 10909
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5236
x-xss-protection: 0
last-modified: Fri, 24 Nov 2023 16:19:47 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 01 Dec 2024 22:35:41 GMT

GET
H3 200 hero_aile_gauche.jpg
s0.2mdn.net/sadbundle/1876137525177158889/images/ Frame 520C 7 KB
7 KB 14ms
14ms Image
image/jpeg 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/1876137525177158889/images/hero_aile_gauche.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e9bcefdbe9f8eba53ed1a831dd4248a8bf2f4dd1c87796e8349939f374e54649

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1876137525177158889/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 16:46:44 GMT
x-content-type-options: nosniff
age: 118246
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7346
x-xss-protection: 0
last-modified: Fri, 24 Nov 2023 16:19:47 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 30 Nov 2024 16:46:44 GMT

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 5BC4 39 KB
15 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:33:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 29015
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 01 Dec 2024 17:33:55 GMT

GET
H3 200 hero_aile_gauche_mask.png
s0.2mdn.net/sadbundle/1876137525177158889/images/ Frame 520C 4 KB
4 KB 14ms
14ms Image
image/png 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/1876137525177158889/images/hero_aile_gauche_mask.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

da377ffa6f82aa6f6a7c8955c9264c98fc8561e9cd1511d51500cb07c407b405

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1876137525177158889/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 16:46:44 GMT
x-content-type-options: nosniff
age: 118246
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3964
x-xss-protection: 0
last-modified: Fri, 24 Nov 2023 16:19:47 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 30 Nov 2024 16:46:44 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame A96E 0
25 B 49ms
48ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=BzcjH2dtrZeePCY3N2fcP19WG2AUAAAAAOAHgBAI&bg=!ODulO3TNAAY3kmNgF5I7ADQBe5WfONjQ1rRnbLNsaqj3mzGLPx7ElwwOiAo0g3mBKo0ilXDmNhzJiUFqQSj83lUPhG5LAgAAAXJSAAAABWgBB5kDBE-WU06RlP7Hc9tDf3Rz7SexMDo-zHNXBiqgwqE32Cb-AHTLYIC9gvyGyJKNooP3FQJY1NFck4xgGtUuLOrClGvim9Pxr9giT6_y1RZrZ6Zi8rGn_sPjb5jxZDb3GW4ayvt3TVCJs7At0KS4ZHEK40ybHvOIgiskZ4hw93eYREnD7UFD8y9xRQWCW_HAOSwgry2WTI3ZFr1bxhFy8UH6D7FSQcQI_sL-OwQ-e04Siff3ytpY0UFg5IoDaazsNlVdZBXPJBPbXxQ2k4Ivc_iGmlH8wnb13YjBwAKCmcG5njokWn09kH3thQs0LfS46lIHvecGZUxr-3ajj37WG3FhGqEmNChKfTqfXtQtcO7GE3N8ekGl63Z0Zd2fR8iudJYsoq0tPvTyaSgG1sh2SyVFEdc5gp3YhFMCrZwakohPtL6T5OUw9wQ8PAQdZROlmXbj9SDDtYVVZt-RA0ZLx5NX9YspLyep9d_n1ydXTuVN20mOlsGr3WSMe9meoKqTJHu_kla44OnXnqfY4W35UAxP7T989-dl5UVxJ83t_T__SPShNtGwS4ddlJsapaAbJW3gCOBymexccLqt-7Ct74LOizYYO107qIXro6kSOGhIXOtN0nWXTqcZoavyP34hMWYvhv0mYfH0VIVhF6gT8nrR9DCxGs62KPOtsahK2wxNB2WZ2hU7CGlySfHeYCCxfGIURtNAa-wuMno_10w3PI5zl1I_MLST3NVtFbZi2SRnB1JXSzrq-82v9AikEzekHiWh3Y2HWgZ6Xjey2hym7JFbwiFPaftGfG8fdlqDoq8Lc67FsFwaRj1cy2SsjdXACXI0qVRtULbTHmSqkKfxmc5nuPvCsXOpp0-iar-zp4I-EkP0XHjS0T2Iv1BmnJau3AliEqb08mjOZCAOB_WZ6BSuV1f6Uf7IsxDqykcNMmQ_SpVoYh0cKjgDiU9G_pUrjAAWQ0apeN3TJEKCwroY9xmnbgAHFdET8qkcRfkv2ixrrnCtVLlQYagtwTTW-uG8_sPKedgHaiU

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Dec 2023 01:37:30 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 hero_arc.jpg
s0.2mdn.net/sadbundle/1876137525177158889/images/ Frame 520C 3 KB
3 KB 14ms
13ms Image
image/jpeg 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/1876137525177158889/images/hero_arc.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ca97d0fea3d504255677af9171d164f2deae9ce7938797a283d9ef16be7b39b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1876137525177158889/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 16:46:44 GMT
x-content-type-options: nosniff
age: 118246
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3002
x-xss-protection: 0
last-modified: Fri, 24 Nov 2023 16:19:47 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 30 Nov 2024 16:46:44 GMT

GET
H3 200 hero_arc_mask.png
s0.2mdn.net/sadbundle/1876137525177158889/images/ Frame 520C 1 KB
1 KB 14ms
13ms Image
image/png 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/1876137525177158889/images/hero_arc_mask.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

67207cef0f7e5f997e6c53a1eb2e2ff9623a3806973b4d455552eb8984508a67

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1876137525177158889/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 16:46:44 GMT
x-content-type-options: nosniff
age: 118246
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1393
x-xss-protection: 0
last-modified: Fri, 24 Nov 2023 16:19:47 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 30 Nov 2024 16:46:44 GMT

GET
H3 200 hero_perso.jpg
s0.2mdn.net/sadbundle/1876137525177158889/images/ Frame 520C 5 KB
5 KB 14ms
13ms Image
image/jpeg 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/1876137525177158889/images/hero_perso.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

478df55aba2de863cf27ce374453298ae960a1562580b9bffc125cdb6fd0e346

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1876137525177158889/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 22:38:11 GMT
x-content-type-options: nosniff
age: 10759
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5357
x-xss-protection: 0
last-modified: Fri, 24 Nov 2023 16:19:47 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 01 Dec 2024 22:38:11 GMT

GET
H3 200 hero_perso_mask.png
s0.2mdn.net/sadbundle/1876137525177158889/images/ Frame 520C 2 KB
2 KB 14ms
13ms Image
image/png 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/1876137525177158889/images/hero_perso_mask.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8d4665e82b9cbc20bce6de0bcb119f30f168c1f5d286969c9064ed271db92d8f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1876137525177158889/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 16:46:44 GMT
x-content-type-options: nosniff
age: 118246
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1743
x-xss-protection: 0
last-modified: Fri, 24 Nov 2023 16:19:47 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 30 Nov 2024 16:46:44 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 49B0 0
25 B 47ms
47ms Ping
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=27548434234&version=m202311060101&ct=119&x=1&cor=3689480796596287500

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Dec 2023 01:37:30 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 hero_queue.jpg
s0.2mdn.net/sadbundle/1876137525177158889/images/ Frame 520C 2 KB
2 KB 14ms
14ms Image
image/jpeg 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/1876137525177158889/images/hero_queue.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

df923467de95c6d8557266b0445c599566806656007e801e95b2d7b00a0a56d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1876137525177158889/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 16:46:44 GMT
x-content-type-options: nosniff
age: 118246
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2407
x-xss-protection: 0
last-modified: Fri, 24 Nov 2023 16:19:47 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 30 Nov 2024 16:46:44 GMT

GET
H3 200 hero_queue_mask.png
s0.2mdn.net/sadbundle/1876137525177158889/images/ Frame 520C 723 B
750 B 14ms
14ms Image
image/png 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/1876137525177158889/images/hero_queue_mask.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08fe1a5b549627b1d380caabd8ff66edb6e1ab5b447e95d5ee2ca511a04048bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1876137525177158889/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 16:46:44 GMT
x-content-type-options: nosniff
age: 118246
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 723
x-xss-protection: 0
last-modified: Fri, 24 Nov 2023 16:19:47 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 30 Nov 2024 16:46:44 GMT

GET
H2

200

view.aspx Show response
pb.media01.eu/ Frame DB29
Redirect Chain

https://pv.medialead.de/trck/epv/e99aace94e6e58733936cdd965d03e75?subid=72963800007218604444550012527005&t=htlp&gdpr=1&consent=1&gdpr_consent=
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=72963800007218604444550012527005&actionid=879111&produktid=ratenkredit&dt_url=

0
605 B

96ms
35ms

Document
text/html

88.198.250.30

General

Check archive.org

Show headers Download Go to

Full URL

https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=72963800007218604444550012527005&actionid=879111&produktid=ratenkredit&dt_url=

Requested by

Host: hal90005.redintelligence.net
URL: https://hal90005.redintelligence.net/request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=7ea3e5bc02&subid=&uid=3924ef7f90a30f49&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCadsG2NtrZZfQIcG9tOUP586eyAGm5b2gaYWVnKfJD_AuEAEg9fqrFmCVgoCAsAfIAQmpAocWcjmKQrI-qAMByAObBKoE9gFP0NAWr40ubsS6QEx5vrH_CwhTb6hYCoR0D4v8sTQp0Bomzr6zoW6mrm2orrHIYNwCjkS8R8kM1WWFaI6xg39e7UJmRn9YrnDQytH4fz5APCjqWjCOVQJyVoSMWNZ1eNWuI5N0Z1xX9Jbz10rO-PDsuYnNrSnSi7yfc7VOI99IN83VDGpRrtGra0U27DhWe-LMewynk14SIuj5YhTa_bdReVC6fRYA0HPrKV1_VVxK2GVGhREtul8Ugw_n0oUoQKCFycPG3HUqKTIsic02tpW0uIAvrztSPGk_eZy8W-7EliY7l-HmZVly-1gtT71-KGZjZjySvunABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiA4YAQEAEYHzICqgI6AoBASL39wTpYguTP2pDyggOACgGYCwHICwGADAGiDBgqFgoU5LSxAu61sQK1uLEC5LSxAu61sQKqDQJERbATh--xFdATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSOwDICaaN_umDvYrkgU96hJKuxobWI2MqZ1s_W8H8ImUj8JX7Mo0v8HEsFDHJidy6WRRkLI3Bpdi910wyGAE%26sig%3DAOD64_3Yuejdsme1nc6bysd9eUn403lGPA%26client%3Dca-pub-5814941088162332%26dbm_c%3DAKAmf-COfISZBV2buOFj8Dvro0b-RHN-nIKx2zrdKqn0v-7wUUey5sG-vsCozjpG4fi--NPS677e8pSJVCArNNE9OyFsNydK5q2HyI0EmwVDHAindaeBUsbSqJKr6Vx_1wE_p90pYSrG3nCBEsgv_jOVsrs4G6Ebx8apTpKhpqRxPnGO5LTkigY%26cry%3D1%26dbm_d%3DAKAmf-Bq0ye-BUPlqyopW-NCJaOhaKEQfwgkjBy4WEbZoC9-D9ttcxj0CrvSZKjpV-92-i8GslXNTDlWpTky--Hke2m6afcCKitmdUFu1gLsXZ8ive4JTrJILhOAV2q_1gUJ3G51Y1AnPup4Bh-7TddRALJ8NNp4qSAZ8Kqk-qQ7PlLDNdkITcd9U8tsMHlQVv7DjzZbutbmsnMPcW40zEn4n4RQJwl_0snBRXxzeOcWA2CXd8FdrbWHAgcG_yiNJaK6f9B0sbrt3pstCtLOKRrxe02Ind4AyMjLOpgt5FiWaxBfqI7aRxiXRg_1_oNLtTDIvOA-aUaMNzkFd90J0zZh6MyKXLgDatrTkb2FMlmreA83ehqhyFULG9Nd0q9z_x40DvPkI_YVeQdpsFCncimN67JGj9sD6ki9Ac09-zR-6VJlIkkm3jxk4vaSP5V_zVBUllk_M2VLZX120dlY5_QAw8Jq5i1XHvfKJzcBZxz_Ic04yZACxVHMfNKHl3jlse1JTxr5UGtsLx10nIR4C6gztuBjYdJBTkmbRbnffIzYFfb_pF8ZmGc%26adurl%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-5814941088162332%26output%3Dhtml%26h%3D90%26adk%3D2743202993%26adf%3D1602281170%26pi%3Dt.aa~a.3920200256~rp.4%26w%3D1200%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1701567448%26rafmt%3D1%26to%3Dqs%26pwprc%3D3285142542%26format%3D1200x90%26url%3Dhttps%253A%252F%252Fbloxfruitsdojo.com%252F%26ea%3D0%26fwr%3D0%26pra%3D3%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26fa%3D40%26uach%3DWyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.%26dt%3D1701567448440%26bpp%3D1%26bdt%3D2282%26idt%3D0%26shv%3Dr20231129%26mjsv%3Dm202311290101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26cookie%3DID%253D4bb2dc42557d250b%253AT%253D1701567447%253ART%253D1701567447%253AS%253DALNI_Mbm9oOTdd2SGfalSfLLRmd3_U9f8w%26gpic%3DUID%253D00000d01bc7b7af6%253AT%253D1701567447%253ART%253D1701567447%253AS%253DALNI_Mb5F-33Pk2S0Xx8GaUGNhJ51vNQFw%26prev_fmts%3D0x0%252C1200x280%252C1200x90%252C1200x90%26nras%3D5%26correlator%3D5647626719242%26frm%3D20%26pv%3D1%26ga_vid%3D641933567.1701567446%26ga_sid%3D1701567447%26ga_hid%3D1023079412%26ga_fc%3D1%26u_tz%3D60%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D200%26ady%3D1835%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759875%252C44759926%252C31079266%252C31079437%252C44798934%252C31078301%252C31079861%252C44807751%252C44807764%252C44808148%252C44808285%252C44809072%26oid%3D2%26psts%3DAOrYGsnxs1MWsyCmP4PD_3ERN2suJgXId3FLbp5UTwl3deSUa80Napai1ztVx9YwO1ObQCBieAthq8VqJgCZTMtdb54j7A%26pvsid%3D3252580902845133%26tmod%3D1310125418%26uas%3D0%26nvt%3D1%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257Cs%257C%26abl%3DNS%26fu%3D128%26bc%3D31%26psd%3DW251bGwsbnVsbCxudWxsLDNd%26ifi%3D5%26uci%3Da!5%26btvi%3D3%26fsb%3D1%26dtd%3D16&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttps%3A%2F%2Fbloxfruitsdojo.com&random=1389121937239&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

88.198.250.30 -, , ASN (),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Range, Content-Disposition, Content-Description, X-XSRF-TOKEN, X-Location
access-control-allow-methods: GET,POST
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
date: Sun, 03 Dec 2023 01:37:30 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
last-modified: Sun, 03 Dec 2023 02:37:30 GMT
p3p: policyref="https://pb.media01.eu/pb.media01.eu/p3p.xml", CP="NOI NID PSA OUR BUS NAV STA"
pragma: no-cache
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
x-xss-protection: 1; mode=block

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
access-control-expose-headers: X-Request-ID
attribution-reporting-register-source: {"source_event_id":"17200521800103984","destination":"https://trck.easy-m.de","expiry":5184000,"filter_data":{}}
content-length: 0
content-type: application/javascript
date: Sun, 03 Dec 2023 01:37:30 GMT
host: pv.medialead.de
keep-alive: timeout=20
location: https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=72963800007218604444550012527005&actionid=879111&produktid=ratenkredit&dt_url=
proxy-host: pv.medialead.de
server: nginx/1.17.5
strict-transport-security: max-age=15768000
vary: Origin
x-iplb-instance: 53349
x-iplb-request-id: B2A2D188:B3C0_91EFC182:01BB_656BDBDA_63935C8:55DF

GET
H2 200 / Show response
adv.office-partner.de/ Frame C455 930 B
923 B 59ms
7ms Document
text/html 2a0b:4d07:102::1

General

Check archive.org

Show headers Download Go to

Full URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Requested by: Host: hal90005.redintelligence.net
URL: https://hal90005.redintelligence.net/request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=7ea3e5bc02&subid=&uid=3924ef7f90a30f49&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCadsG2NtrZZfQIcG9tOUP586eyAGm5b2gaYWVnKfJD_AuEAEg9fqrFmCVgoCAsAfIAQmpAocWcjmKQrI-qAMByAObBKoE9gFP0NAWr40ubsS6QEx5vrH_CwhTb6hYCoR0D4v8sTQp0Bomzr6zoW6mrm2orrHIYNwCjkS8R8kM1WWFaI6xg39e7UJmRn9YrnDQytH4fz5APCjqWjCOVQJyVoSMWNZ1eNWuI5N0Z1xX9Jbz10rO-PDsuYnNrSnSi7yfc7VOI99IN83VDGpRrtGra0U27DhWe-LMewynk14SIuj5YhTa_bdReVC6fRYA0HPrKV1_VVxK2GVGhREtul8Ugw_n0oUoQKCFycPG3HUqKTIsic02tpW0uIAvrztSPGk_eZy8W-7EliY7l-HmZVly-1gtT71-KGZjZjySvunABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiA4YAQEAEYHzICqgI6AoBASL39wTpYguTP2pDyggOACgGYCwHICwGADAGiDBgqFgoU5LSxAu61sQK1uLEC5LSxAu61sQKqDQJERbATh--xFdATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSOwDICaaN_umDvYrkgU96hJKuxobWI2MqZ1s_W8H8ImUj8JX7Mo0v8HEsFDHJidy6WRRkLI3Bpdi910wyGAE%26sig%3DAOD64_3Yuejdsme1nc6bysd9eUn403lGPA%26client%3Dca-pub-5814941088162332%26dbm_c%3DAKAmf-COfISZBV2buOFj8Dvro0b-RHN-nIKx2zrdKqn0v-7wUUey5sG-vsCozjpG4fi--NPS677e8pSJVCArNNE9OyFsNydK5q2HyI0EmwVDHAindaeBUsbSqJKr6Vx_1wE_p90pYSrG3nCBEsgv_jOVsrs4G6Ebx8apTpKhpqRxPnGO5LTkigY%26cry%3D1%26dbm_d%3DAKAmf-Bq0ye-BUPlqyopW-NCJaOhaKEQfwgkjBy4WEbZoC9-D9ttcxj0CrvSZKjpV-92-i8GslXNTDlWpTky--Hke2m6afcCKitmdUFu1gLsXZ8ive4JTrJILhOAV2q_1gUJ3G51Y1AnPup4Bh-7TddRALJ8NNp4qSAZ8Kqk-qQ7PlLDNdkITcd9U8tsMHlQVv7DjzZbutbmsnMPcW40zEn4n4RQJwl_0snBRXxzeOcWA2CXd8FdrbWHAgcG_yiNJaK6f9B0sbrt3pstCtLOKRrxe02Ind4AyMjLOpgt5FiWaxBfqI7aRxiXRg_1_oNLtTDIvOA-aUaMNzkFd90J0zZh6MyKXLgDatrTkb2FMlmreA83ehqhyFULG9Nd0q9z_x40DvPkI_YVeQdpsFCncimN67JGj9sD6ki9Ac09-zR-6VJlIkkm3jxk4vaSP5V_zVBUllk_M2VLZX120dlY5_QAw8Jq5i1XHvfKJzcBZxz_Ic04yZACxVHMfNKHl3jlse1JTxr5UGtsLx10nIR4C6gztuBjYdJBTkmbRbnffIzYFfb_pF8ZmGc%26adurl%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-5814941088162332%26output%3Dhtml%26h%3D90%26adk%3D2743202993%26adf%3D1602281170%26pi%3Dt.aa~a.3920200256~rp.4%26w%3D1200%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1701567448%26rafmt%3D1%26to%3Dqs%26pwprc%3D3285142542%26format%3D1200x90%26url%3Dhttps%253A%252F%252Fbloxfruitsdojo.com%252F%26ea%3D0%26fwr%3D0%26pra%3D3%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26fa%3D40%26uach%3DWyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.%26dt%3D1701567448440%26bpp%3D1%26bdt%3D2282%26idt%3D0%26shv%3Dr20231129%26mjsv%3Dm202311290101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26cookie%3DID%253D4bb2dc42557d250b%253AT%253D1701567447%253ART%253D1701567447%253AS%253DALNI_Mbm9oOTdd2SGfalSfLLRmd3_U9f8w%26gpic%3DUID%253D00000d01bc7b7af6%253AT%253D1701567447%253ART%253D1701567447%253AS%253DALNI_Mb5F-33Pk2S0Xx8GaUGNhJ51vNQFw%26prev_fmts%3D0x0%252C1200x280%252C1200x90%252C1200x90%26nras%3D5%26correlator%3D5647626719242%26frm%3D20%26pv%3D1%26ga_vid%3D641933567.1701567446%26ga_sid%3D1701567447%26ga_hid%3D1023079412%26ga_fc%3D1%26u_tz%3D60%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D200%26ady%3D1835%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759875%252C44759926%252C31079266%252C31079437%252C44798934%252C31078301%252C31079861%252C44807751%252C44807764%252C44808148%252C44808285%252C44809072%26oid%3D2%26psts%3DAOrYGsnxs1MWsyCmP4PD_3ERN2suJgXId3FLbp5UTwl3deSUa80Napai1ztVx9YwO1ObQCBieAthq8VqJgCZTMtdb54j7A%26pvsid%3D3252580902845133%26tmod%3D1310125418%26uas%3D0%26nvt%3D1%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257Cs%257C%26abl%3DNS%26fu%3D128%26bc%3D31%26psd%3DW251bGwsbnVsbCxudWxsLDNd%26ifi%3D5%26uci%3Da!5%26btvi%3D3%26fsb%3D1%26dtd%3D16&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttps%3A%2F%2Fbloxfruitsdojo.com&random=1389121937239&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:102::1 -, , ASN (),
Reverse DNS
Software: keycdn /
Resource Hash: 384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=604800
content-encoding: gzip
content-length: 552
content-type: text/html
date: Sun, 03 Dec 2023 01:37:30 GMT
etag: "3a2-5c1ab16b3be00-gzip"
expires: Sun, 10 Dec 2023 01:37:30 GMT
last-modified: Thu, 06 May 2021 15:37:28 GMT
link: <https://adv-srv.office-partner.de/?utm_source=webgains&utm_campaign=webgains>; rel="canonical"
server: keycdn
vary: Accept-Encoding
x-accel-version: 0.01
x-cache: HIT
x-edge-location: defr

GET
H2

200

view.aspx Show response
pb.media01.eu/ Frame 778A
Redirect Chain

https://pv.medialead.de/trck/epv/e99aace94e6e58733936cdd965d03e75?subid=72963800007218604444550012527005&t=htlp&gdpr=1&consent=1&gdpr_consent=
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=72963800007218604444550012527005&actionid=879111&produktid=ratenkredit&dt_url=

0
179 B

62ms
38ms

Script
text/html

88.198.250.30

General

Check archive.org

Show headers Download Go to

Full URL

https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=72963800007218604444550012527005&actionid=879111&produktid=ratenkredit&dt_url=

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5814941088162332&output=html&h=90&adk=2743202993&adf=1602281170&pi=t.aa~a.3920200256~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1701567448&rafmt=1&to=qs&pwprc=3285142542&format=1200x90&url=https%3A%2F%2Fbloxfruitsdojo.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701567448440&bpp=1&bdt=2282&idt=0&shv=r20231129&mjsv=m202311290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4bb2dc42557d250b%3AT%3D1701567447%3ART%3D1701567447%3AS%3DALNI_Mbm9oOTdd2SGfalSfLLRmd3_U9f8w&gpic=UID%3D00000d01bc7b7af6%3AT%3D1701567447%3ART%3D1701567447%3AS%3DALNI_Mb5F-33Pk2S0Xx8GaUGNhJ51vNQFw&prev_fmts=0x0%2C1200x280%2C1200x90%2C1200x90&nras=5&correlator=5647626719242&frm=20&pv=1&ga_vid=641933567.1701567446&ga_sid=1701567447&ga_hid=1023079412&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1835&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079266%2C31079437%2C44798934%2C31078301%2C31079861%2C44807751%2C44807764%2C44808148%2C44808285%2C44809072&oid=2&psts=AOrYGsnxs1MWsyCmP4PD_3ERN2suJgXId3FLbp5UTwl3deSUa80Napai1ztVx9YwO1ObQCBieAthq8VqJgCZTMtdb54j7A&pvsid=3252580902845133&tmod=1310125418&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=16

Protocol

Server

88.198.250.30 -, , ASN (),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 01:37:30 GMT
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
p3p: policyref="https://pb.media01.eu/pb.media01.eu/p3p.xml", CP="NOI NID PSA OUR BUS NAV STA"
content-length: 0
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Sun, 03 Dec 2023 02:37:30 GMT
server: Microsoft-IIS/10.0
access-control-allow-methods: GET,POST
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Range, Content-Disposition, Content-Description, X-XSRF-TOKEN, X-Location
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date: Sun, 03 Dec 2023 01:37:31 GMT
strict-transport-security: max-age=15768000
x-iplb-instance: 53758
content-length: 0
proxy-host: pv.medialead.de
attribution-reporting-register-source: {"source_event_id":"17200521800103984","destination":"https://trck.easy-m.de","expiry":5184000,"filter_data":{}}
server: nginx/1.17.5
host: pv.medialead.de
x-iplb-request-id: B2A2D188:B3C2_91EFC182:01BB_656BDBDA_63E849F:41F0
vary: Origin
content-type: application/javascript
access-control-allow-origin: *
location: https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=72963800007218604444550012527005&actionid=879111&produktid=ratenkredit&dt_url=
access-control-expose-headers: X-Request-ID
access-control-allow-credentials: true
keep-alive: timeout=20

GET
H/1.1 200
OK e99aace94e6e58733936cdd965d03e75
pv.medialead.de/trck/eview/ Frame 778A 43 B
665 B 397ms
90ms Image
image/gif 145.239.193.130

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pv.medialead.de/trck/eview/e99aace94e6e58733936cdd965d03e75?subid=72963800007218604444550012527005&t=htlp&gdpr=1&consent=1&gdpr_consent=

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

145.239.193.130 -, , ASN (),

Reverse DNS

Software

nginx/1.17.5 /

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 01:37:31 GMT
strict-transport-security: max-age=15768000
attribution-reporting-register-source: {"source_event_id":"17200521800103984","destination":"https://trck.easy-m.de","expiry":5184000,"filter_data":{}}
server: nginx/1.17.5
host: pv.medialead.de
x-iplb-request-id: B2A2D188:B3C4_91EFC182:01BB_656BDBDA_63E84A0:41F0
x-iplb-instance: 53758
vary: Origin
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: X-Request-ID
access-control-allow-credentials: true
keep-alive: timeout=20
content-length: 43
proxy-host: pv.medialead.de

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame 778A 43 B
702 B 528ms
265ms Image
image/gif 23.212.218.19

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=3266505&v=11601&q=357526&r=113440&pref1=72963800007218604444550012527005&pv=1

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.212.218.19 -, , ASN (),

Reverse DNS

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 03 Dec 2023 01:37:31 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
Content-Type: image/gif
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 43
Expires: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5BC4 0
25 B 51ms
50ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BY1ng2ttrZaJxnvbH8A_IhJ_QCAAAAAA4AeAEAg&bg=!EhGlEV7NAAY3kmNgF5I7ADQBe5WfOJEQkfmOJecLMEXt1MmU3g--2r8DxfjLsY1slhH31vZI6t83HYTzhyGG-gUwvwwOAgAAAItSAAAABWgBB5kDCY8h6K6qEf3nsepegsl5ONnkSQ1m3Q3v8rXtVpKi8fWXuev-UNyg7Q1B0odu5nuhFT2RE7vRCNcml7_gp4MS84olsrBeFjWZSgVQBTCRSTb5dgy0Ygtg8c9wGbjTC3w8eJJDN9o6ywxxVBBG-REtymAS6tz3_Hfc059_l7Ot3TFOOZpSQhPCyvmvaqXVMNarZs5xeJlWzMA9GyrvoLZ53xrqxEVf0f-aEPiWIytsM6ixdNq34SXQCNel9dsHJ0Hsi4S-FQGf5ibsR-UCLDvZD8iT4stKLLJHL0uJDRXWz8lY2ahyv1DvUYkPAa9uDmuPiTumrpYVSOg_vHq47KaHr2QUokOn3BjPxQ7iRMH2wsC1EIVXjwxn8AekCpcr_lqJkT6NrJYElW6UxYUwrdkgt02EwS3DahuGyHeIJrsKpI0hR8iSJSH4YbUBqB6HXX8yZk_cP5-B-gxqw9_ep1PrX_a8qSyrYv4dHmq2wV1DtR3L-WmgFY5D8-RhkFju31oWDDs59KT9mkcFaNDjwmndwx4km-QpQhhCCvPpB5oAVKvPXN1no8tXKRHZuhgcW1oz-utAcqY7RVO3eIvBMc67qm2DqaAvAoTLiwzha8t-x0pRtc2jeFheyT4v5GES4tDHd-gQhvjrdsD05XqY98V6NHxth4mKi8VD7UiIR5wVRXLG7OqS0x1rJepV99kLPgB5cir1B8RPDiERzjBe_aZ_j1pEdHlKEzielBaAytI9EPqoCHoak1d06u07pFd8VLo_qjnvL43drgkHr_HjV4dXTrsseexeLyyY9SxvpiCZXAhwH64_6RApMV3Uq7ba9ni-KQ86aqQzJelnIq3tNFXSeTrwWr4xFMh8EZwRctddxhI0dgtlog1zI_dKCoorzXB7TX0cRqlWQFXZ8yRD3XtrWWnhLy53iuMgLNzUBxUBpRaE3tBYyrbP771etxtWwU_lvi9hN8H7tjCgYm1qNiGi9m31PvWZ_bdfAjf-41GBb3I9k-A0AniA7gX8ld6Vva-la4QMb8wenQrvcw

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5814941088162332&output=html&h=90&adk=2743202993&adf=1602281170&pi=t.aa~a.3920200256~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1701567448&rafmt=1&to=qs&pwprc=3285142542&format=1200x90&url=https%3A%2F%2Fbloxfruitsdojo.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701567448440&bpp=1&bdt=2282&idt=0&shv=r20231129&mjsv=m202311290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4bb2dc42557d250b%3AT%3D1701567447%3ART%3D1701567447%3AS%3DALNI_Mbm9oOTdd2SGfalSfLLRmd3_U9f8w&gpic=UID%3D00000d01bc7b7af6%3AT%3D1701567447%3ART%3D1701567447%3AS%3DALNI_Mb5F-33Pk2S0Xx8GaUGNhJ51vNQFw&prev_fmts=0x0%2C1200x280%2C1200x90%2C1200x90&nras=5&correlator=5647626719242&frm=20&pv=1&ga_vid=641933567.1701567446&ga_sid=1701567447&ga_hid=1023079412&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1835&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079266%2C31079437%2C44798934%2C31078301%2C31079861%2C44807751%2C44807764%2C44808148%2C44808285%2C44809072&oid=2&psts=AOrYGsnxs1MWsyCmP4PD_3ERN2suJgXId3FLbp5UTwl3deSUa80Napai1ztVx9YwO1ObQCBieAthq8VqJgCZTMtdb54j7A&pvsid=3252580902845133&tmod=1310125418&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=16

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Dec 2023 01:37:30 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 light.png
s0.2mdn.net/sadbundle/1876137525177158889/images/ Frame 520C 230 B
257 B 13ms
13ms Image
image/png 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/1876137525177158889/images/light.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6a22214499239ad40449a746be3908bdbb4d50373b95ee7a33c962e5c0b79195

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1876137525177158889/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 16:46:44 GMT
x-content-type-options: nosniff
age: 118246
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 230
x-xss-protection: 0
last-modified: Fri, 24 Nov 2023 16:19:47 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 30 Nov 2024 16:46:44 GMT

GET
H3 200 logo_1.png
s0.2mdn.net/sadbundle/1876137525177158889/images/ Frame 520C 5 KB
5 KB 14ms
13ms Image
image/png 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/1876137525177158889/images/logo_1.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8ea6da7f66ffc4e7b4026c12ba6e669ff11620555c8dcfd2cb7ddcb3e8376b35

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1876137525177158889/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 16:46:44 GMT
x-content-type-options: nosniff
age: 118246
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4702
x-xss-protection: 0
last-modified: Fri, 24 Nov 2023 16:19:47 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 30 Nov 2024 16:46:44 GMT

GET
H3 200 logo_2.png
s0.2mdn.net/sadbundle/1876137525177158889/images/ Frame 520C 5 KB
5 KB 14ms
14ms Image
image/png 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/1876137525177158889/images/logo_2.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7a6a220226db4936bcab37bb045ce68aae5da7bfa1bb1e94251c57f8def5266e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1876137525177158889/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 16:46:45 GMT
x-content-type-options: nosniff
age: 118245
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5316
x-xss-protection: 0
last-modified: Fri, 24 Nov 2023 16:19:47 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 30 Nov 2024 16:46:45 GMT

GET
H3 200 pegi.png
s0.2mdn.net/sadbundle/1876137525177158889/images/ Frame 520C 783 B
810 B 14ms
14ms Image
image/png 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/1876137525177158889/images/pegi.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c1527b2daf5d6ae07ec52a375338c79c7cd1d337bc2e7bbb931b46f23b9506f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1876137525177158889/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 16:46:45 GMT
x-content-type-options: nosniff
age: 118245
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 783
x-xss-protection: 0
last-modified: Fri, 24 Nov 2023 16:19:47 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 30 Nov 2024 16:46:45 GMT

GET
H3 200 playstation_charte.png
s0.2mdn.net/sadbundle/1876137525177158889/images/ Frame 520C 3 KB
3 KB 14ms
13ms Image
image/png 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/1876137525177158889/images/playstation_charte.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

05e0f8bae1d777d1257712538ae7bb2d31855de37fdde76f57e315a42c36af85

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1876137525177158889/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 16:46:45 GMT
x-content-type-options: nosniff
age: 118245
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2655
x-xss-protection: 0
last-modified: Fri, 24 Nov 2023 16:19:47 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 30 Nov 2024 16:46:45 GMT

GET
H3 200 sun.jpg
s0.2mdn.net/sadbundle/1876137525177158889/images/ Frame 520C 6 KB
6 KB 15ms
15ms Image
image/jpeg 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/1876137525177158889/images/sun.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bdcc9205fe74aab84dd7c95a500dc9c763576da670639444c8c4b70a5d8f2511

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1876137525177158889/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 16:46:45 GMT
x-content-type-options: nosniff
age: 118245
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6133
x-xss-protection: 0
last-modified: Fri, 24 Nov 2023 16:19:47 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 30 Nov 2024 16:46:45 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ Frame C455 175 KB
63 KB 22ms
21ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TBMT2SF

Requested by

Host: adv.office-partner.de
URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5232762403669e6e16c90e09a892866d960efa8a81c48b09d2d14e70c1e864a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adv.office-partner.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 01:37:30 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64119
x-xss-protection: 0
last-modified: Sun, 03 Dec 2023 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 03 Dec 2023 01:37:30 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame C455 274 KB
91 KB 24ms
23ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-Q7C756EV6G&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TBMT2SF

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6e509f4ff4e73cfd5c9c2fa4be99c2975cc90bfd82466f3b4c7948bbbead508a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adv.office-partner.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 01:37:31 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 93077
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 03 Dec 2023 01:37:31 GMT

GET
H2 200 link.html Show response
track.webgains.com/ Frame 778A 2 KB
2 KB 419ms
100ms Script
text/html 13.42.211.181

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=498343&wgcampaignid=99582&js=1&viewref=72963800007218604444550012527005&nw=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5814941088162332&output=html&h=90&adk=2743202993&adf=1602281170&pi=t.aa~a.3920200256~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1701567448&rafmt=1&to=qs&pwprc=3285142542&format=1200x90&url=https%3A%2F%2Fbloxfruitsdojo.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701567448440&bpp=1&bdt=2282&idt=0&shv=r20231129&mjsv=m202311290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4bb2dc42557d250b%3AT%3D1701567447%3ART%3D1701567447%3AS%3DALNI_Mbm9oOTdd2SGfalSfLLRmd3_U9f8w&gpic=UID%3D00000d01bc7b7af6%3AT%3D1701567447%3ART%3D1701567447%3AS%3DALNI_Mb5F-33Pk2S0Xx8GaUGNhJ51vNQFw&prev_fmts=0x0%2C1200x280%2C1200x90%2C1200x90&nras=5&correlator=5647626719242&frm=20&pv=1&ga_vid=641933567.1701567446&ga_sid=1701567447&ga_hid=1023079412&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1835&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079266%2C31079437%2C44798934%2C31078301%2C31079861%2C44807751%2C44807764%2C44808148%2C44808285%2C44809072&oid=2&psts=AOrYGsnxs1MWsyCmP4PD_3ERN2suJgXId3FLbp5UTwl3deSUa80Napai1ztVx9YwO1ObQCBieAthq8VqJgCZTMtdb54j7A&pvsid=3252580902845133&tmod=1310125418&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=16
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.42.211.181 -, , ASN (),
Reverse DNS
Software: nginx / PHP/7.4.26
Resource Hash: 426d9d5744ec4724ed207264e0968bcb62732fea42d55559f27aecf9feb5c610

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 01:37:31 GMT
last-modified: Sun, 03 Dec 2023 01:37:31 GMT
server: nginx
x-powered-by: PHP/7.4.26
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=60
access-control-allow-headers: Authorization
expires: Sun, 03 Dec 2023 01:38:31 GMT

GET
H2

200

activityi;dc_pre=COGbiNyQ8oIDFf2d_QcdRG8M1w;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=810092941916.9023 Show response
8019191.fls.doubleclick.net/ Frame 8868
Redirect Chain

https://8019191.fls.doubleclick.net/activityi;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=810092941916.9023?
https://8019191.fls.doubleclick.net/activityi;dc_pre=COGbiNyQ8oIDFf2d_QcdRG8M1w;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=810092941916.9023?

391 B
326 B

41ms
40ms

Document
text/html

142.250.186.38

General

Check archive.org

Show headers Download Go to

Full URL

https://8019191.fls.doubleclick.net/activityi;dc_pre=COGbiNyQ8oIDFf2d_QcdRG8M1w;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=810092941916.9023?

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5814941088162332&output=html&h=90&adk=2743202993&adf=1602281170&pi=t.aa~a.3920200256~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1701567448&rafmt=1&to=qs&pwprc=3285142542&format=1200x90&url=https%3A%2F%2Fbloxfruitsdojo.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701567448440&bpp=1&bdt=2282&idt=0&shv=r20231129&mjsv=m202311290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4bb2dc42557d250b%3AT%3D1701567447%3ART%3D1701567447%3AS%3DALNI_Mbm9oOTdd2SGfalSfLLRmd3_U9f8w&gpic=UID%3D00000d01bc7b7af6%3AT%3D1701567447%3ART%3D1701567447%3AS%3DALNI_Mb5F-33Pk2S0Xx8GaUGNhJ51vNQFw&prev_fmts=0x0%2C1200x280%2C1200x90%2C1200x90&nras=5&correlator=5647626719242&frm=20&pv=1&ga_vid=641933567.1701567446&ga_sid=1701567447&ga_hid=1023079412&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1835&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079266%2C31079437%2C44798934%2C31078301%2C31079861%2C44807751%2C44807764%2C44808148%2C44808285%2C44809072&oid=2&psts=AOrYGsnxs1MWsyCmP4PD_3ERN2suJgXId3FLbp5UTwl3deSUa80Napai1ztVx9YwO1ObQCBieAthq8VqJgCZTMtdb54j7A&pvsid=3252580902845133&tmod=1310125418&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=16

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.38 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

a3e23a5f8e091572de04e35d09c175a940c7a5dbaed21191c816e4f42d841d47

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 217
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 03 Dec 2023 01:37:31 GMT
expires: Sun, 03 Dec 2023 01:37:31 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 03 Dec 2023 01:37:31 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://8019191.fls.doubleclick.net/activityi;dc_pre=COGbiNyQ8oIDFf2d_QcdRG8M1w;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=810092941916.9023?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK request_content.php Show response
hal90005.redintelligence.net/ Frame BBF8 7 KB
2 KB 38ms
12ms Document
text/html 138.201.63.165

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90005.redintelligence.net/request_content.php?s=72963800007218604444550012527005&a=542a87ec
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5814941088162332&output=html&h=90&adk=2743202993&adf=1602281170&pi=t.aa~a.3920200256~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1701567448&rafmt=1&to=qs&pwprc=3285142542&format=1200x90&url=https%3A%2F%2Fbloxfruitsdojo.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701567448440&bpp=1&bdt=2282&idt=0&shv=r20231129&mjsv=m202311290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4bb2dc42557d250b%3AT%3D1701567447%3ART%3D1701567447%3AS%3DALNI_Mbm9oOTdd2SGfalSfLLRmd3_U9f8w&gpic=UID%3D00000d01bc7b7af6%3AT%3D1701567447%3ART%3D1701567447%3AS%3DALNI_Mb5F-33Pk2S0Xx8GaUGNhJ51vNQFw&prev_fmts=0x0%2C1200x280%2C1200x90%2C1200x90&nras=5&correlator=5647626719242&frm=20&pv=1&ga_vid=641933567.1701567446&ga_sid=1701567447&ga_hid=1023079412&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1835&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079266%2C31079437%2C44798934%2C31078301%2C31079861%2C44807751%2C44807764%2C44808148%2C44808285%2C44809072&oid=2&psts=AOrYGsnxs1MWsyCmP4PD_3ERN2suJgXId3FLbp5UTwl3deSUa80Napai1ztVx9YwO1ObQCBieAthq8VqJgCZTMtdb54j7A&pvsid=3252580902845133&tmod=1310125418&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=16
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.165 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash: 3ee2324f249678acc3989652e48abcc85fa082b22dfd68429dab0678874f61fc

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Encoding: gzip
Content-Length: 2082
Content-Type: text/html; charset=utf-8
Date: Sun, 03 Dec 2023 01:37:31 GMT
Expires: Sun, 03 Dec 2023 01:37:31 +0100
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame F680 1 KB
650 B 26ms
14ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5814941088162332&output=html&h=90&adk=2743202993&adf=1602281170&pi=t.aa~a.3920200256~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1701567448&rafmt=1&to=qs&pwprc=3285142542&format=1200x90&url=https%3A%2F%2Fbloxfruitsdojo.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701567448440&bpp=1&bdt=2282&idt=0&shv=r20231129&mjsv=m202311290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4bb2dc42557d250b%3AT%3D1701567447%3ART%3D1701567447%3AS%3DALNI_Mbm9oOTdd2SGfalSfLLRmd3_U9f8w&gpic=UID%3D00000d01bc7b7af6%3AT%3D1701567447%3ART%3D1701567447%3AS%3DALNI_Mb5F-33Pk2S0Xx8GaUGNhJ51vNQFw&prev_fmts=0x0%2C1200x280%2C1200x90%2C1200x90&nras=5&correlator=5647626719242&frm=20&pv=1&ga_vid=641933567.1701567446&ga_sid=1701567447&ga_hid=1023079412&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1835&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079266%2C31079437%2C44798934%2C31078301%2C31079861%2C44807751%2C44807764%2C44808148%2C44808285%2C44809072&oid=2&psts=AOrYGsnxs1MWsyCmP4PD_3ERN2suJgXId3FLbp5UTwl3deSUa80Napai1ztVx9YwO1ObQCBieAthq8VqJgCZTMtdb54j7A&pvsid=3252580902845133&tmod=1310125418&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=16

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 53121
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 02 Dec 2023 10:52:10 GMT
etag: 48472445140208031
expires: Sun, 03 Dec 2023 10:52:10 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 778A 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 728ba64e9f22a4d0cf44b53fa118817d9ce2a0fa7a3300bdaf898e853701765c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 css
fonts.googleapis.com/ Frame BBF8 2 KB
434 B 25ms
22ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Titillium+Web:400,700

Requested by

Host: hal90005.redintelligence.net
URL: https://hal90005.redintelligence.net/request_content.php?s=72963800007218604444550012527005&a=542a87ec

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

bf5b911ce6645add415b3dbf40d50dc8cda426f38f5300525bf4793c4131b2c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal90005.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 03 Dec 2023 01:37:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 02 Dec 2023 23:53:48 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 03 Dec 2023 01:37:31 GMT

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame BBF8 10 KB
10 KB 41ms
14ms Image
image/png 138.201.63.165

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=62&height=62&url=https://cdn.contentspread.net/24i/advertiser/6383/creativesup/produkte-kredite-privatkredit-mann-auf-pferd-teaser-logout-627x627.jpg
Requested by: Host: hal90005.redintelligence.net
URL: https://hal90005.redintelligence.net/request_content.php?s=72963800007218604444550012527005&a=542a87ec
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.165 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash: 790879fb7e283f31834e4db8bd8068a9a30cbfd7abd248f3826aeee464e5efb4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal90005.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Sun, 03 Dec 2023 01:37:31 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 9892
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame BBF8 9 KB
9 KB 39ms
14ms Image
image/png 138.201.63.165

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=62&height=62&url=https://cdn.contentspread.net/24i/advertiser/30229/creativesup/627x627_Office-Partner.jpg
Requested by: Host: hal90005.redintelligence.net
URL: https://hal90005.redintelligence.net/request_content.php?s=72963800007218604444550012527005&a=542a87ec
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.165 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash: 2a62d3ae5617ba9f6733ab6fd31e62692547f6552cda9fc8230fdffc71172403

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal90005.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Sun, 03 Dec 2023 01:37:31 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 9249
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame BBF8 7 KB
7 KB 37ms
12ms Image
image/png 138.201.63.165

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=62&height=62&url=https://cdn.contentspread.net/24i/advertiser/36340/creativesup/native4.png
Requested by: Host: hal90005.redintelligence.net
URL: https://hal90005.redintelligence.net/request_content.php?s=72963800007218604444550012527005&a=542a87ec
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.165 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash: 1ad6c7cd061d09fa0dd5b38246c8dc33ef0c2ebf076d74f4a73382124825ac8e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal90005.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Sun, 03 Dec 2023 01:37:31 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 7116
Vary: Accept-Encoding
Content-Type: image/png

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F680
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEGJbg7C8v26k6VtrES-T-rw&google_cve...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=c3RJU0tkUGgxUjlCcWg1&google_gid=CAESEGJbg7C8v26k6VtrES-T-rw&google_cver=1&google_push=AXcoOmRa59xHGzFVblgSd8zmFGdYprXXY_Sqorw8MVtOaMP...

170 B
188 B

24ms
23ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=c3RJU0tkUGgxUjlCcWg1&google_gid=CAESEGJbg7C8v26k6VtrES-T-rw&google_cver=1&google_push=AXcoOmRa59xHGzFVblgSd8zmFGdYprXXY_Sqorw8MVtOaMPZPX9K61dDNObR-r4-MU9b89RfhXa14DRIgAUnhHgshroav8rGoM3UQzQMGnrtBqQXEkAdsYgmNQB22WPQjZW4A72YNTadNuW5BuQAlydqtCFaC8c

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5814941088162332&output=html&h=90&adk=2743202993&adf=1602281170&pi=t.aa~a.3920200256~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1701567448&rafmt=1&to=qs&pwprc=3285142542&format=1200x90&url=https%3A%2F%2Fbloxfruitsdojo.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701567448440&bpp=1&bdt=2282&idt=0&shv=r20231129&mjsv=m202311290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4bb2dc42557d250b%3AT%3D1701567447%3ART%3D1701567447%3AS%3DALNI_Mbm9oOTdd2SGfalSfLLRmd3_U9f8w&gpic=UID%3D00000d01bc7b7af6%3AT%3D1701567447%3ART%3D1701567447%3AS%3DALNI_Mb5F-33Pk2S0Xx8GaUGNhJ51vNQFw&prev_fmts=0x0%2C1200x280%2C1200x90%2C1200x90&nras=5&correlator=5647626719242&frm=20&pv=1&ga_vid=641933567.1701567446&ga_sid=1701567447&ga_hid=1023079412&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1835&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079266%2C31079437%2C44798934%2C31078301%2C31079861%2C44807751%2C44807764%2C44808148%2C44808285%2C44809072&oid=2&psts=AOrYGsnxs1MWsyCmP4PD_3ERN2suJgXId3FLbp5UTwl3deSUa80Napai1ztVx9YwO1ObQCBieAthq8VqJgCZTMtdb54j7A&pvsid=3252580902845133&tmod=1310125418&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=16

Protocol

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Dec 2023 01:37:31 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 03 Dec 2023 01:37:31 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/v2.0.30-795-gb641a57#rel-ec2-master i-0f7f5cc7c951f6e61@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=c3RJU0tkUGgxUjlCcWg1&google_gid=CAESEGJbg7C8v26k6VtrES-T-rw&google_cver=1&google_push=AXcoOmRa59xHGzFVblgSd8zmFGdYprXXY_Sqorw8MVtOaMPZPX9K61dDNObR-r4-MU9b89RfhXa14DRIgAUnhHgshroav8rGoM3UQzQMGnrtBqQXEkAdsYgmNQB22WPQjZW4A72YNTadNuW5BuQAlydqtCFaC8c
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F680
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=Wld2YjJRQUVGa28zbndCSA==&google_gid=CAESEAhm4hyf1pIqJQ79yBkpkDw&google_cver=1&google_push=AXcoOmR9IY3baMHR6ExoJTx_Asw72Uckdg...

170 B
188 B

24ms
23ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=Wld2YjJRQUVGa28zbndCSA==&google_gid=CAESEAhm4hyf1pIqJQ79yBkpkDw&google_cver=1&google_push=AXcoOmR9IY3baMHR6ExoJTx_Asw72UckdgINx5MpUx7gU86-gzu02lu39ZeL7om7wGputjnHYWux6ARSUkVGMB7Xuy2t7EnACfgDjhHF0KB4X2hdcWUNxzRcps8BHLdCdEp_RKkRY2O1dJo7PjbYKpmJDV0O8hs

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5814941088162332&output=html&h=90&adk=2743202993&adf=1602281170&pi=t.aa~a.3920200256~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1701567448&rafmt=1&to=qs&pwprc=3285142542&format=1200x90&url=https%3A%2F%2Fbloxfruitsdojo.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701567448440&bpp=1&bdt=2282&idt=0&shv=r20231129&mjsv=m202311290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4bb2dc42557d250b%3AT%3D1701567447%3ART%3D1701567447%3AS%3DALNI_Mbm9oOTdd2SGfalSfLLRmd3_U9f8w&gpic=UID%3D00000d01bc7b7af6%3AT%3D1701567447%3ART%3D1701567447%3AS%3DALNI_Mb5F-33Pk2S0Xx8GaUGNhJ51vNQFw&prev_fmts=0x0%2C1200x280%2C1200x90%2C1200x90&nras=5&correlator=5647626719242&frm=20&pv=1&ga_vid=641933567.1701567446&ga_sid=1701567447&ga_hid=1023079412&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1835&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079266%2C31079437%2C44798934%2C31078301%2C31079861%2C44807751%2C44807764%2C44808148%2C44808285%2C44809072&oid=2&psts=AOrYGsnxs1MWsyCmP4PD_3ERN2suJgXId3FLbp5UTwl3deSUa80Napai1ztVx9YwO1ObQCBieAthq8VqJgCZTMtdb54j7A&pvsid=3252580902845133&tmod=1310125418&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=16

Protocol

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Dec 2023 01:37:31 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by: cache-fra-eddf8230038-FRA
pragma: no-cache
date: Sun, 03 Dec 2023 01:37:31 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1701567452.525783,VS0,VE0
x-cache: HIT
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=Wld2YjJRQUVGa28zbndCSA==&google_gid=CAESEAhm4hyf1pIqJQ79yBkpkDw&google_cver=1&google_push=AXcoOmR9IY3baMHR6ExoJTx_Asw72UckdgINx5MpUx7gU86-gzu02lu39ZeL7om7wGputjnHYWux6ARSUkVGMB7Xuy2t7EnACfgDjhHF0KB4X2hdcWUNxzRcps8BHLdCdEp_RKkRY2O1dJo7PjbYKpmJDV0O8hs
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame F680 70 B
148 B 40ms
30ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESECQBlodgY_NFa_r94rUlj2U&google_cver=1&google_push=AXcoOmSiMg3YgaRcRboecuUnxQDJcZTs_S5eQKDqR78dKASl_cPOf_antGvUI4AhnSePjZkx1dkvpruhMwZc6k7HXl2JPWEw_iKJz_VFMK-Weg-prFCcvnhOVf9bfHaR1oFdaHYLqtDme972Nbp10kXHGqHGyg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5814941088162332&output=html&h=90&adk=2743202993&adf=1602281170&pi=t.aa~a.3920200256~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1701567448&rafmt=1&to=qs&pwprc=3285142542&format=1200x90&url=https%3A%2F%2Fbloxfruitsdojo.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701567448440&bpp=1&bdt=2282&idt=0&shv=r20231129&mjsv=m202311290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4bb2dc42557d250b%3AT%3D1701567447%3ART%3D1701567447%3AS%3DALNI_Mbm9oOTdd2SGfalSfLLRmd3_U9f8w&gpic=UID%3D00000d01bc7b7af6%3AT%3D1701567447%3ART%3D1701567447%3AS%3DALNI_Mb5F-33Pk2S0Xx8GaUGNhJ51vNQFw&prev_fmts=0x0%2C1200x280%2C1200x90%2C1200x90&nras=5&correlator=5647626719242&frm=20&pv=1&ga_vid=641933567.1701567446&ga_sid=1701567447&ga_hid=1023079412&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1835&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079266%2C31079437%2C44798934%2C31078301%2C31079861%2C44807751%2C44807764%2C44808148%2C44808285%2C44809072&oid=2&psts=AOrYGsnxs1MWsyCmP4PD_3ERN2suJgXId3FLbp5UTwl3deSUa80Napai1ztVx9YwO1ObQCBieAthq8VqJgCZTMtdb54j7A&pvsid=3252580902845133&tmod=1310125418&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=16
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 01:37:31 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F680
Redirect Chain

https://ads.travelaudience.com/google_pixel?google_gid=CAESEKFqvK0bI7ZQRXthu-ftjHs&google_cver=1&google_push=AXcoOmTU2H3lD9uWWphqjkIDxDCShx5u-TZ9WWepi74S9OdqCtQ83ukVbp-HFwZmlKz92RfLnoKxNDeLH96BX5Rd...
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=OVpN3YkgRSIfRLsUDQ4VPA&google_push=AXcoOmTU2H3lD9uWWphqjkIDxDCShx5u-TZ9WWepi74S9OdqCtQ83ukVbp-HFwZmlKz92RfLnoKxNDeLH96BX5RdJm6VYJKnb_Af6-N...

170 B
188 B

28ms
26ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=OVpN3YkgRSIfRLsUDQ4VPA&google_push=AXcoOmTU2H3lD9uWWphqjkIDxDCShx5u-TZ9WWepi74S9OdqCtQ83ukVbp-HFwZmlKz92RfLnoKxNDeLH96BX5RdJm6VYJKnb_Af6-N_rlo6Dl6sSUhKFFqqgXHjyPjMSxViMTTHWG0DZqLFjHIqqx1pNE-sLg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5814941088162332&output=html&h=90&adk=2743202993&adf=1602281170&pi=t.aa~a.3920200256~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1701567448&rafmt=1&to=qs&pwprc=3285142542&format=1200x90&url=https%3A%2F%2Fbloxfruitsdojo.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701567448440&bpp=1&bdt=2282&idt=0&shv=r20231129&mjsv=m202311290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4bb2dc42557d250b%3AT%3D1701567447%3ART%3D1701567447%3AS%3DALNI_Mbm9oOTdd2SGfalSfLLRmd3_U9f8w&gpic=UID%3D00000d01bc7b7af6%3AT%3D1701567447%3ART%3D1701567447%3AS%3DALNI_Mb5F-33Pk2S0Xx8GaUGNhJ51vNQFw&prev_fmts=0x0%2C1200x280%2C1200x90%2C1200x90&nras=5&correlator=5647626719242&frm=20&pv=1&ga_vid=641933567.1701567446&ga_sid=1701567447&ga_hid=1023079412&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1835&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079266%2C31079437%2C44798934%2C31078301%2C31079861%2C44807751%2C44807764%2C44808148%2C44808285%2C44809072&oid=2&psts=AOrYGsnxs1MWsyCmP4PD_3ERN2suJgXId3FLbp5UTwl3deSUa80Napai1ztVx9YwO1ObQCBieAthq8VqJgCZTMtdb54j7A&pvsid=3252580902845133&tmod=1310125418&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=16

Protocol

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Dec 2023 01:37:31 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sun, 03 Dec 2023 01:37:31 GMT
via: 1.1 google
x-engine-version: 0.0.0
server: nginx/1.21.6
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location: https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=OVpN3YkgRSIfRLsUDQ4VPA&google_push=AXcoOmTU2H3lD9uWWphqjkIDxDCShx5u-TZ9WWepi74S9OdqCtQ83ukVbp-HFwZmlKz92RfLnoKxNDeLH96BX5RdJm6VYJKnb_Af6-N_rlo6Dl6sSUhKFFqqgXHjyPjMSxViMTTHWG0DZqLFjHIqqx1pNE-sLg
x-host: tde-deliveryengine-production-6987bbc57b-x8svn
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F680
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEMrkjDu5K806SSFfKvQK6z4&google_cver=1&google_push=AXcoOmRufIWQmNh5jWvMeYNZYbbfE0TfbZKtvd02p5C7FrXZ1auBfZTBsXzlEs5ZkwJg3pP2AmXK9RFa...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDM1Njg1NzU1Njk5ODgyOTM5MQ&google_push=AXcoOmRufIWQmNh5jWvMeYNZYbbfE0TfbZKtvd02p5C7FrXZ1auBfZTBsXzlEs5ZkwJg3pP2AmXK9R...

170 B
188 B

31ms
30ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDM1Njg1NzU1Njk5ODgyOTM5MQ&google_push=AXcoOmRufIWQmNh5jWvMeYNZYbbfE0TfbZKtvd02p5C7FrXZ1auBfZTBsXzlEs5ZkwJg3pP2AmXK9RFaFBqv0llPRD_MBfgmOO94tVt-BCHZ1-UrY9SaQovT1kbmGPy__lAIjlvDmLsX1eVaIgSE4z1sumAj5w

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5814941088162332&output=html&h=90&adk=2743202993&adf=1602281170&pi=t.aa~a.3920200256~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1701567448&rafmt=1&to=qs&pwprc=3285142542&format=1200x90&url=https%3A%2F%2Fbloxfruitsdojo.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701567448440&bpp=1&bdt=2282&idt=0&shv=r20231129&mjsv=m202311290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4bb2dc42557d250b%3AT%3D1701567447%3ART%3D1701567447%3AS%3DALNI_Mbm9oOTdd2SGfalSfLLRmd3_U9f8w&gpic=UID%3D00000d01bc7b7af6%3AT%3D1701567447%3ART%3D1701567447%3AS%3DALNI_Mb5F-33Pk2S0Xx8GaUGNhJ51vNQFw&prev_fmts=0x0%2C1200x280%2C1200x90%2C1200x90&nras=5&correlator=5647626719242&frm=20&pv=1&ga_vid=641933567.1701567446&ga_sid=1701567447&ga_hid=1023079412&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1835&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079266%2C31079437%2C44798934%2C31078301%2C31079861%2C44807751%2C44807764%2C44808148%2C44808285%2C44809072&oid=2&psts=AOrYGsnxs1MWsyCmP4PD_3ERN2suJgXId3FLbp5UTwl3deSUa80Napai1ztVx9YwO1ObQCBieAthq8VqJgCZTMtdb54j7A&pvsid=3252580902845133&tmod=1310125418&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=16

Protocol

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Dec 2023 01:37:31 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 03 Dec 2023 01:37:31 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDM1Njg1NzU1Njk5ODgyOTM5MQ&google_push=AXcoOmRufIWQmNh5jWvMeYNZYbbfE0TfbZKtvd02p5C7FrXZ1auBfZTBsXzlEs5ZkwJg3pP2AmXK9RFaFBqv0llPRD_MBfgmOO94tVt-BCHZ1-UrY9SaQovT1kbmGPy__lAIjlvDmLsX1eVaIgSE4z1sumAj5w
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F680
Redirect Chain

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEBVDizj3Z-P3X-CdvBlkRAM&google_cver=1&google_push=AXcoOmQJpxATWF4xMSYNNa9_FR-VH5Fme3pfH7ElKqN25_v0kfQAtRffFy7EIdVNaga9FpAGi1Im6oxT5mS0...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmQJpxATWF4xMSYNNa9_FR-VH5Fme3pfH7ElKqN25_v0kfQAtRffFy7EIdVNaga9FpAGi1Im6oxT5mS0NvKyl8Sp-Udvffe6UpJh8B58D2s2W8DCaXQE...

170 B
188 B

27ms
26ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmQJpxATWF4xMSYNNa9_FR-VH5Fme3pfH7ElKqN25_v0kfQAtRffFy7EIdVNaga9FpAGi1Im6oxT5mS0NvKyl8Sp-Udvffe6UpJh8B58D2s2W8DCaXQECcPoo4wvzMxdVshJejLEbkpOTFCST5LMyQCcYLc

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5814941088162332&output=html&h=90&adk=2743202993&adf=1602281170&pi=t.aa~a.3920200256~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1701567448&rafmt=1&to=qs&pwprc=3285142542&format=1200x90&url=https%3A%2F%2Fbloxfruitsdojo.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701567448440&bpp=1&bdt=2282&idt=0&shv=r20231129&mjsv=m202311290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4bb2dc42557d250b%3AT%3D1701567447%3ART%3D1701567447%3AS%3DALNI_Mbm9oOTdd2SGfalSfLLRmd3_U9f8w&gpic=UID%3D00000d01bc7b7af6%3AT%3D1701567447%3ART%3D1701567447%3AS%3DALNI_Mb5F-33Pk2S0Xx8GaUGNhJ51vNQFw&prev_fmts=0x0%2C1200x280%2C1200x90%2C1200x90&nras=5&correlator=5647626719242&frm=20&pv=1&ga_vid=641933567.1701567446&ga_sid=1701567447&ga_hid=1023079412&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1835&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079266%2C31079437%2C44798934%2C31078301%2C31079861%2C44807751%2C44807764%2C44808148%2C44808285%2C44809072&oid=2&psts=AOrYGsnxs1MWsyCmP4PD_3ERN2suJgXId3FLbp5UTwl3deSUa80Napai1ztVx9YwO1ObQCBieAthq8VqJgCZTMtdb54j7A&pvsid=3252580902845133&tmod=1310125418&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=16

Protocol

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

HTTP server (unknown) /

Resource Hash

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Dec 2023 01:37:31 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmQJpxATWF4xMSYNNa9_FR-VH5Fme3pfH7ElKqN25_v0kfQAtRffFy7EIdVNaga9FpAGi1Im6oxT5mS0NvKyl8Sp-Udvffe6UpJh8B58D2s2W8DCaXQECcPoo4wvzMxdVshJejLEbkpOTFCST5LMyQCcYLc
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F680
Redirect Chain

https://ius.ctnsnet.com/int/cm?exc=1&acc=crimtan_holdings_limited&google_gid=CAESENpJED68QzSmQTTMVR7Dlms&google_cver=1&google_push=AXcoOmQ94EYKeoxDOSw53amukhPNSTEKQt03VPgMHHMRh6DiegaG8xMQFAPTG4Rjpi...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AXcoOmQ94EYKeoxDOSw53amukhPNSTEKQt03VPgMHHMRh6DiegaG8xMQFAPTG4RjpixbDCkNkTQFRVz6RG0I4T5d-TZZ4LXVktoMOAlRTugHKkcQTw...

170 B
188 B

23ms
23ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AXcoOmQ94EYKeoxDOSw53amukhPNSTEKQt03VPgMHHMRh6DiegaG8xMQFAPTG4RjpixbDCkNkTQFRVz6RG0I4T5d-TZZ4LXVktoMOAlRTugHKkcQTwvzsC6HAEW8KbuHHpmo-W8nXJmAuKHGuMh3eigHS-KY1Xc&google_hm=vmM77zFGSVu4aF1YPE_Dxog

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5814941088162332&output=html&h=90&adk=2743202993&adf=1602281170&pi=t.aa~a.3920200256~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1701567448&rafmt=1&to=qs&pwprc=3285142542&format=1200x90&url=https%3A%2F%2Fbloxfruitsdojo.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701567448440&bpp=1&bdt=2282&idt=0&shv=r20231129&mjsv=m202311290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4bb2dc42557d250b%3AT%3D1701567447%3ART%3D1701567447%3AS%3DALNI_Mbm9oOTdd2SGfalSfLLRmd3_U9f8w&gpic=UID%3D00000d01bc7b7af6%3AT%3D1701567447%3ART%3D1701567447%3AS%3DALNI_Mb5F-33Pk2S0Xx8GaUGNhJ51vNQFw&prev_fmts=0x0%2C1200x280%2C1200x90%2C1200x90&nras=5&correlator=5647626719242&frm=20&pv=1&ga_vid=641933567.1701567446&ga_sid=1701567447&ga_hid=1023079412&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1835&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079266%2C31079437%2C44798934%2C31078301%2C31079861%2C44807751%2C44807764%2C44808148%2C44808285%2C44809072&oid=2&psts=AOrYGsnxs1MWsyCmP4PD_3ERN2suJgXId3FLbp5UTwl3deSUa80Napai1ztVx9YwO1ObQCBieAthq8VqJgCZTMtdb54j7A&pvsid=3252580902845133&tmod=1310125418&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=16

Protocol

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Dec 2023 01:37:31 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 03 Dec 2023 01:37:31 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NOI DSP COR NID CUR OUR NOR"
status: 302
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AXcoOmQ94EYKeoxDOSw53amukhPNSTEKQt03VPgMHHMRh6DiegaG8xMQFAPTG4RjpixbDCkNkTQFRVz6RG0I4T5d-TZZ4LXVktoMOAlRTugHKkcQTwvzsC6HAEW8KbuHHpmo-W8nXJmAuKHGuMh3eigHS-KY1Xc&google_hm=vmM77zFGSVu4aF1YPE_Dxog
content-type: text/html;charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame F680 0
12 B 25ms
20ms Image
text/html 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13J5SBRFk8-qfRW_0O0xqPSfyaso4IhTzq9bir2wnk267Fs0GIk_PDmHJa_CGek9o8p-sVU82g

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5814941088162332&output=html&h=90&adk=2743202993&adf=1602281170&pi=t.aa~a.3920200256~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1701567448&rafmt=1&to=qs&pwprc=3285142542&format=1200x90&url=https%3A%2F%2Fbloxfruitsdojo.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701567448440&bpp=1&bdt=2282&idt=0&shv=r20231129&mjsv=m202311290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4bb2dc42557d250b%3AT%3D1701567447%3ART%3D1701567447%3AS%3DALNI_Mbm9oOTdd2SGfalSfLLRmd3_U9f8w&gpic=UID%3D00000d01bc7b7af6%3AT%3D1701567447%3ART%3D1701567447%3AS%3DALNI_Mb5F-33Pk2S0Xx8GaUGNhJ51vNQFw&prev_fmts=0x0%2C1200x280%2C1200x90%2C1200x90&nras=5&correlator=5647626719242&frm=20&pv=1&ga_vid=641933567.1701567446&ga_sid=1701567447&ga_hid=1023079412&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1835&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079266%2C31079437%2C44798934%2C31078301%2C31079861%2C44807751%2C44807764%2C44808148%2C44808285%2C44809072&oid=2&psts=AOrYGsnxs1MWsyCmP4PD_3ERN2suJgXId3FLbp5UTwl3deSUa80Napai1ztVx9YwO1ObQCBieAthq8VqJgCZTMtdb54j7A&pvsid=3252580902845133&tmod=1310125418&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=16

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 01:37:31 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H/1.1 200
OK viewability Show response
hal90005.redintelligence.net/ Frame BBF8 0
150 B 35ms
12ms Script
text/html 138.201.63.165

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90005.redintelligence.net/viewability?s=72963800007218604444550012527005&a=1897455b&vb=m
Requested by: Host: hal90005.redintelligence.net
URL: https://hal90005.redintelligence.net/request_content.php?s=72963800007218604444550012527005&a=542a87ec
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.165 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal90005.redintelligence.net/request_content.php?s=72963800007218604444550012527005&a=542a87ec
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Sun, 03 Dec 2023 01:37:31 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H2 200 pvClk.min.js Show response
analytics.webgains.io/ Frame 778A 53 KB
19 KB 54ms
8ms Script
application/javascript 18.66.147.98

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/pvClk.min.js
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=498343&wgcampaignid=99582&js=1&viewref=72963800007218604444550012527005&nw=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.98 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fbc6bed540723f219a878e5735ae8cb1c05aa9f7012bf21870cd79e41af25bcd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 12:36:09 GMT
content-encoding: gzip
via: 1.1 f7aba4a0337c5f98c4703e2b10f1940a.cloudfront.net (CloudFront)
last-modified: Thu, 23 Nov 2023 16:26:10 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 46883
x-amz-server-side-encryption: AES256
etag: W/"1180a1bfee0aad979766ecd6180b923e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: s6TGSVNZil6S-K26Jpg9-0Ll6bQvQL1Ikuuzkbg4DekgzBeIYtiJzQ==

GET
H2 200 1x1.gif
cdn.track.production.webgains.team/7121/ Frame 778A 85 B
437 B 53ms
7ms Image
image/gif 99.86.4.53

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.track.production.webgains.team/7121/1x1.gif?Expires=1701567751&Signature=pMbfQ-lphqHBZVVEGcqWNgFCeoFOC24SKg-0o5DvpuJby8AlF6BeKOxnYvWH~hGDm-5Cq4N776waSZgHq~b~WcPYME2LHI~pkKpa-Ipt4M9Ni-G30odPeZj3ljTAk~hgTrL96-jJoE4EwyShyIA7gSkAliH-CLX9V0rbc-nC~R5i0-uQt3P-kPHiFo1JEkWEOlxAEKYfjdedxMX8DG-gEuPJYrxPgfaRUDDtNrHQ3aAbYchX9KpbJNPzZcdj-a-wpu8dIRx0Bpx-9C7u9-Sc3M-sq8pacZSRjBkbpdoCkfjlwY7xJr1b0QP28nwO-zz7gDt5gDY-QauCEazKBM5ywQ__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5814941088162332&output=html&h=90&adk=2743202993&adf=1602281170&pi=t.aa~a.3920200256~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1701567448&rafmt=1&to=qs&pwprc=3285142542&format=1200x90&url=https%3A%2F%2Fbloxfruitsdojo.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701567448440&bpp=1&bdt=2282&idt=0&shv=r20231129&mjsv=m202311290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4bb2dc42557d250b%3AT%3D1701567447%3ART%3D1701567447%3AS%3DALNI_Mbm9oOTdd2SGfalSfLLRmd3_U9f8w&gpic=UID%3D00000d01bc7b7af6%3AT%3D1701567447%3ART%3D1701567447%3AS%3DALNI_Mb5F-33Pk2S0Xx8GaUGNhJ51vNQFw&prev_fmts=0x0%2C1200x280%2C1200x90%2C1200x90&nras=5&correlator=5647626719242&frm=20&pv=1&ga_vid=641933567.1701567446&ga_sid=1701567447&ga_hid=1023079412&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1835&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079266%2C31079437%2C44798934%2C31078301%2C31079861%2C44807751%2C44807764%2C44808148%2C44808285%2C44809072&oid=2&psts=AOrYGsnxs1MWsyCmP4PD_3ERN2suJgXId3FLbp5UTwl3deSUa80Napai1ztVx9YwO1ObQCBieAthq8VqJgCZTMtdb54j7A&pvsid=3252580902845133&tmod=1310125418&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=16
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.53 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 08409d08d8d118c6c6d1c375e079bfce656ac367ff4d1dd9551fff110033c185

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-amz-version-id: null
date: Sat, 02 Dec 2023 14:20:45 GMT
via: 1.1 f038e7175be9761825b2eefc2b0a832e.cloudfront.net (CloudFront)
last-modified: Fri, 06 May 2022 11:40:06 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
age: 40607
etag: "70af33d70b6810475aae19743c8c435b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/gif
accept-ranges: bytes
content-length: 85
x-amz-cf-id: 8G-yIvRvk-lWxZg-qIfGQ0mvjqz30EKmBJHxAw3zfPuxeyiHUstBgw==

GET
H2 200 dc_pre=COGbiNyQ8oIDFf2d_QcdRG8M1w;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=810092941916.9023
adservice.google.com/ddm/fls/z/ Frame 8868 42 B
401 B 118ms
50ms Image
image/gif 2a00:1450:4001:82f::2002

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=COGbiNyQ8oIDFf2d_QcdRG8M1w;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=810092941916.9023

Requested by

Host: 8019191.fls.doubleclick.net
URL: https://8019191.fls.doubleclick.net/activityi;dc_pre=COGbiNyQ8oIDFf2d_QcdRG8M1w;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=810092941916.9023?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8019191.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Dec 2023 01:37:31 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: googlecm.hit.gemius.pl
URL: https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESECOsq8wSb4n5Lkckpq6PEH4&google_cver=1&google_push=AXcoOmRSC2cEbfo5nr56NaSX1MmZVCVXugc1V3SqCdEp6BYgaaghrAzvuvTc4GRdMlwIRLR8AWraU2_nGhX7W1IExJHJu26-pjXJqdQF

Verdicts & Comments Add Verdict or Comment

53 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

28 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.bloxfruitsdojo.com/	1970-01-21 02:15:27	Name: _ga Value: GA1.1.641933567.1701567446
.bloxfruitsdojo.com/	1970-01-21 02:01:03	Name: __gads Value: ID=4bb2dc42557d250b:T=1701567447:RT=1701567447:S=ALNI_Mbm9oOTdd2SGfalSfLLRmd3_U9f8w
.bloxfruitsdojo.com/	1970-01-21 02:01:03	Name: __gpi Value: UID=00000d01bc7b7af6:T=1701567447:RT=1701567447:S=ALNI_Mb5F-33Pk2S0Xx8GaUGNhJ51vNQFw
.doubleclick.net/	1970-01-21 02:01:03	Name: IDE Value: AHWqTUnPfQZFG5R8QG5ni3Tdn7oJaThfss0wJILJMqJRr8Te69IFBgoEMcLMgtI9Iho
.googleadservices.com/	1970-01-20 18:49:03	Name: ar_debug Value: 1
.casalemedia.com/	1970-01-21 01:25:03	Name: CMID Value: ZWvb2DbigFlVss6j17fGyAAA
.casalemedia.com/	1970-01-20 18:49:03	Name: CMPS Value: 2136
.casalemedia.com/	1970-01-20 18:49:03	Name: CMPRO Value: 2136
.adnxs.com/	1970-01-20 18:49:03	Name: uuid2 Value: 4027233823557528644
.doubleclick.net/	1970-01-20 20:58:39	Name: APC Value: AfxxVi47Oh6uYMjuc1WYiTTW3iV0TNslAGgtd6e58gjKWRP_zqpNYQ
.adnxs.com/	1970-01-20 18:49:03	Name: anj Value: dTM7k!M41.D>6NRF']wIg2GVHwSqz2!]tbPl1M>e)ZlrFUfJ+tGXxoXHMr6jOm$r7BBa75IjXCSLAfSxNa`=7q[>Hf3If)y3KL9D3I?-.XKTbQ
.doubleclick.net/	1970-01-20 16:39:31	Name: DSID Value: NO_DATA
.simpli.fi/	1970-01-21 01:26:29	Name: suid Value: 32CC7D9C45E544C383A0535EF38DB24C
.agkn.com/	1970-01-21 01:25:03	Name: ab Value: 0001%3AGyEwHrIhrTg0wx3yOwQFqXzfyI1H%2Fi1p
.agkn.com/	1970-01-21 01:25:03	Name: u Value: C\|0CEAs_phZLP6YWQAAAAAAAQ13AQCAAQpAAAAAAA
.adform.net/	1970-01-20 17:24:05	Name: C Value: 1
.adform.net/	1970-01-20 18:05:51	Name: uid Value: 4356857556998829391
.innovid.com/	1970-01-20 18:49:03	Name: uuid Value: 7553f1b1-34a7-4fb4-bb9f-35845c3ec7fb-20231202 20:37:29
.travelaudience.com/	1970-01-21 02:11:08	Name: _tracker Value: %7B%22UUID%22%3A%22395A4DDD-8920-4522-1F44-BB140D0E153C%22%7D
.ctnsnet.com/	1970-01-21 01:25:03	Name: cid_be633bef3146495bb8685d583c4fc3c6 Value: 1
.ctnsnet.com/	1970-01-21 01:25:03	Name: gid_CAESENpJED68QzSmQTTMVR7Dlms Value: 1
.w55c.net/	1970-01-21 02:11:08	Name: wfivefivec Value: stISKdPh1R9Bqh5
.w55c.net/	1970-01-20 17:22:39	Name: matchgoogle Value: 5
.yahoo.com/	1970-01-21 01:25:25	Name: A3 Value: d=AQABBNnba2UCEKSxAUAOpIHnCfSvWtw2eF4FEgEBAQEtbWV1ZQAAAAAA_eMAAA&S=AQAAAkpoWYEo8t_hnw1prl5c_ow
.everesttech.net/	1970-01-21 01:25:03	Name: everest_g_v2 Value: g_surferid~ZWvb2QAEFko3nwBH
.bloxfruitsdojo.com/	1970-01-21 02:15:27	Name: _ga_3MK7NNWSET Value: GS1.1.1701567446.1.0.1701567450.0.0.0
.doubleclick.net/	1970-01-20 17:22:39	Name: ar_debug Value: 1
.redintelligence.net/	1970-01-20 18:49:03	Name: 8lcfmzhxc8d6_uid Value: ced70482ad8bb21d

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

8019191.fls.doubleclick.net
ad.doubleclick.net
ads.travelaudience.com
adservice.google.com
adv.office-partner.de
ag.innovid.com
analytics.webgains.io
bid.g.doubleclick.net
bloxfruitsdojo.com
c1.adform.net
cdn.track.production.webgains.team
cdnjs.cloudflare.com
cm.g.doubleclick.net
code.createjs.com
csi.gstatic.com
d.agkn.com
dis.criteo.com
dsum-sec.casalemedia.com
fonts.googleapis.com
fonts.gstatic.com
gcdn.2mdn.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
googlecm.hit.gemius.pl
hal9000.redintelligence.net
hal90005.redintelligence.net
ib.adnxs.com
imasdk.googleapis.com
ius.ctnsnet.com
match.adsrvr.org
onetag-sys.com
pagead2.googlesyndication.com
pb.media01.eu
pm.w55c.net
pr-bh.ybp.yahoo.com
pv.medialead.de
r4---sn-5go7ynld.c.2mdn.net
region1.google-analytics.com
s0.2mdn.net
s7.addthis.com
sync-tm.everesttech.net
sync.teads.tv
tpc.googlesyndication.com
track.webgains.com
um.simpli.fi
us-u.openx.net
www.awin1.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
googlecm.hit.gemius.pl
13.42.211.181
138.201.63.165
142.250.186.130
142.250.186.38
145.239.193.130
15.197.193.217
151.101.66.49
172.217.16.130
172.217.16.194
172.64.151.101
178.250.1.9
18.66.147.98
2.18.161.51
2001:4860:4802:34::36
216.58.212.166
23.212.201.72
23.212.218.19
2606:4700:3035::6815:3e35
2606:4700::6811:190e
2607:f8b0:4002:c02::78
2a00:1450:4001:806::2003
2a00:1450:4001:80e::2004
2a00:1450:4001:80f::2002
2a00:1450:4001:80f::200e
2a00:1450:4001:812::200a
2a00:1450:4001:827::2002
2a00:1450:4001:827::2006
2a00:1450:4001:828::200a
2a00:1450:4001:82b::2001
2a00:1450:4001:82f::2002
2a00:1450:4001:82f::2003
2a00:1450:4001:830::2008
2a00:1450:400f:3::9
2a02:26f0:3500:11::215:14dc
2a05:d018:d29:3605:2964:2b9e:c1c9:93f0
2a05:d01c:1d8:8100:9449:420b:1a77:b906
2a0b:4d07:102::1
3.123.68.216
35.157.253.10
35.186.193.173
35.190.0.66
35.204.74.118
35.244.159.8
37.157.6.237
37.252.171.21
51.89.9.253
52.28.254.225
74.125.71.157
88.198.250.30
99.86.4.53
02efc671abb6ee1f6f0b544741212b4c552eaa0b640abda5d7a947df25a19e06
043dd72980c84b4a315680bb6d62b2fdb19acc739d3bfe8596c99bbba6255c1e
05129b71314566c11846316f0f914c08cb2b9093e37df0b6dd2e2facbf8d71ba
05e0f8bae1d777d1257712538ae7bb2d31855de37fdde76f57e315a42c36af85
08409d08d8d118c6c6d1c375e079bfce656ac367ff4d1dd9551fff110033c185
08fe1a5b549627b1d380caabd8ff66edb6e1ab5b447e95d5ee2ca511a04048bc
0956358000a66d15052f7a9a4eb517a57454cb824c093b87b6ebc2d3bbeed4a0
09b186dc119230c8ab2c806d31bcc8dd4a0a2ba347165f35156422307b8e10ff
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c21f21f7b1658ed6ab5c0461020a21d62f9e0a7cd7cf3d9e6ef61a2c481f31e
0c7233aa5f0f9be411b54520846cf44c5bb07cde758075ae4ea3e1869a777926
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1ad6c7cd061d09fa0dd5b38246c8dc33ef0c2ebf076d74f4a73382124825ac8e
1adb10c9a5878dd4306d66ff94ae27a07cbe47f57b34dec9a807e5d2d426eee0
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
1f40994eab15b92af5183f9acf338e0354771054c65024e0aa679b6506f9eb87
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
28c5732eefa979245ff326045f37b6b7cdfc92385c594caea33e265e4a066c7b
28d397270696b4361f8722b8c43ff2db5ba45891f35eeecedc913088dcc58ed5
29c99771c81466150d55d307a9b0e12cfdab8240a9c65a80b764c1d58965406f
2a62d3ae5617ba9f6733ab6fd31e62692547f6552cda9fc8230fdffc71172403
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
33b32acacc3d3b967af9416c72a05e02659fe1112b2a19c9c8b6b3abc96037f4
372a09f4ee236cabd4e8bc1f6705cf6c1dd3092538ad23cdcb344aaa431f09ba
384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
3a09d95b1b8242c2cca4d97b1a50690a2bafb042966a7fddb91b0cb8917f3299
3d2b34675fd418a1b23c652fa791f4875ccc12860d9b4b6ec8ae4aa09d51ec1e
3ee2324f249678acc3989652e48abcc85fa082b22dfd68429dab0678874f61fc
40b64b933931e3e0eb6f2f53046293ba8a88476634c2a458117bf8d59597b766
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
426d9d5744ec4724ed207264e0968bcb62732fea42d55559f27aecf9feb5c610
4291965ff25f882989571e9754088769a8180c2f6fb61b071fa3e45eee8f83c6
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
43c9555701d17579571d962cfee37868f4769995820a96abf451623b0528c92c
478df55aba2de863cf27ce374453298ae960a1562580b9bffc125cdb6fd0e346
47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40
48785a4d40b13f059fd7e607381728675d534d26c8bd4bbab39917fdcfcfd4df
4b5816bbfc52587979139951355fe4048da02ce60e40cef8e4a1efb6cd396281
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c5d781351abbd6a3d947a0bcf9d651c6d931d4af90e2f393d3a5ee4dd3badd6
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5232762403669e6e16c90e09a892866d960efa8a81c48b09d2d14e70c1e864a5
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
584accc2c8007dc6b4b54fcd527ff937eca71635e0017dd1e844355593cf92bb
60ee46a8a5ca781929c6a452d40add3d72be1b1bb7f13eeefdd77a67f06dc9d6
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
67207cef0f7e5f997e6c53a1eb2e2ff9623a3806973b4d455552eb8984508a67
69c125288d8728def579b136aed566fcba8c8686eb89958005ab3dd01968614e
6a22214499239ad40449a746be3908bdbb4d50373b95ee7a33c962e5c0b79195
6e509f4ff4e73cfd5c9c2fa4be99c2975cc90bfd82466f3b4c7948bbbead508a
728ba64e9f22a4d0cf44b53fa118817d9ce2a0fa7a3300bdaf898e853701765c
790879fb7e283f31834e4db8bd8068a9a30cbfd7abd248f3826aeee464e5efb4
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7a6a220226db4936bcab37bb045ce68aae5da7bfa1bb1e94251c57f8def5266e
7ae6ac4701dcae19e231f1e5b5a4edcc41658a0c6aea6e621410b1d72e5de338
7cf1846a92411846587e3fa3f6c1851e0eca6c12e46135cc68a95184de36e4cc
7da6fc5fcbc16d83c625586ddb1ddf9a1bff269ac6dc0c4c6df431a9093038ec
7f56af000c91d93ff99956eaf0d0370bc483b37296202f23ecece5a90fa99184
80f4d9c7c420e58b6a1d8013b9512aef088d5e019824b98db55e90fa74480346
8245304016bbdbcd319b81796c16a502657b6254b32dadebd2c6664003be2877
8728520b817c7615119cec1c37953caeeff0d1715603ad2234a992e811aed348
8ba9ebd4e7eaf75926bd8d6e4dd300c4d6ad088e4df6bd71e3d915a32a74db6a
8bd0f7c26b7f29dc7abb779c1dabc29d1223a5d7fe8870a7be197c3976e614ce
8c6389c8685c96152e660a302ea05fb8e31f86eeedc60803737a563b3d39a62d
8d4665e82b9cbc20bce6de0bcb119f30f168c1f5d286969c9064ed271db92d8f
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8ea6da7f66ffc4e7b4026c12ba6e669ff11620555c8dcfd2cb7ddcb3e8376b35
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
92dc8028d23f7578c53788e8b2176a00ae0d696d627cfa495692db6e3faaa58a
98d2e3edd14aa506c4521125c7cdb7bb3030d7caae5803feec6d2613195ee955
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9c923dd603f1f856930fef96bee2cb3e221e9197fa78d966b5f69d7977e0005e
9ca0ddc17cdf11dbe3280887641ae1e8509672b84447f336ee9258c702dfc340
9e36b64e25b34ebcc74dd0bad0475dfb05cf18e8fa37c1fbc45ebc2063628f5d
9f6e245ec73203f99ecb888db309a2bdaf91f8696c1cebaa94e477a953fab30a
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a1b07b085a9dcf27120cdd5900de8c4eba29c4aaff3a9bf019667937eee39b42
a3e23a5f8e091572de04e35d09c175a940c7a5dbaed21191c816e4f42d841d47
a677e536351a1e0a5daf0f9d5ce5129f39afe311c787f041447c97e6eeb87e34
a6df8215439f8c1a4f31e4407a93cdb72cfc12b525cc378678ad717f8451325d
ab34afbd3612d8410e43e3fb941283590e82b84137c47f7313fc4df65bcb2517
ae230bdb5bbb6a374f1d74c9d9cba1403c6a655b57b833a8f02efc5c7b2e5dcf
af07b1f62353c8dfab4d4dc37fbbe73cf6201ec45bbfde3de5b239bb795e291a
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b67ad968ba3668562f331df45b73501e17c7c166bcf7e5443c33633cbc9d5783
bbbf189ee0fd46edc91bdc96aeac86c78c35c8d497ecd9a786ef318ccb62e985
bdcc9205fe74aab84dd7c95a500dc9c763576da670639444c8c4b70a5d8f2511
bed7ff4a6dc1fabcb99a5dd12ff481d05de252b39d3544be0cb93fe66663c059
bf5b911ce6645add415b3dbf40d50dc8cda426f38f5300525bf4793c4131b2c2
c1527b2daf5d6ae07ec52a375338c79c7cd1d337bc2e7bbb931b46f23b9506f5
c1f0787b6165514dc9c9c50e39fb0cada1c2a1e2dd53f8c78c5b420613040042
c2c3eea5a482b3e489826617a7c2603d659e5a0cf76cbabf62a93590279a5b89
c6cd7a7bd97dc88691c6a2f0b106f75807961a06f7164f3d1ca9cdb0e9c9c427
c81d4bf80a43b24660f1eb1e0884bfa90790e644f781a30c596d1b05f6c77af3
c9f4b09a8e295881221c8a4d9e3f20a572cfeb67edb7d5ccbd8832134643833c
ca97d0fea3d504255677af9171d164f2deae9ce7938797a283d9ef16be7b39b9
ca9ce991e9c0726a2fa041f7d038b3bd7f86a9106c0d6e7072709727981d21a2
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d0f72f6005c01ac5df3d0723c392122da027f149335d5166cf792a90e69712f8
d792afdac7f7ae5de7c6964950c6c61dc6e3f3813180a59e141c7cb4ac4364dc
da377ffa6f82aa6f6a7c8955c9264c98fc8561e9cd1511d51500cb07c407b405
df923467de95c6d8557266b0445c599566806656007e801e95b2d7b00a0a56d1
e2c41c413b34dbe6c74900b5b99af975b95a2b1dcf03e6908396221851727a03
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5
e5a5d903725cd8936f70138caeeab7bdd043e19af4feb7ffc51e01f346fa3042
e5b5d7d2728e8f590947a918321b0da9e2a6525ddc741dab8ef622b998cd8eb4
e9bcefdbe9f8eba53ed1a831dd4248a8bf2f4dd1c87796e8349939f374e54649
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
eb91e77384f9aff2e81a868ae4f2ae6fb5940c573d0e39088ff637414b4ffed9
eb9f8f519a5aadd1ebb7a08008349b92dc675c3069123ac195965cf558b43f82
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f475c34186022ba531ebc8bba97fc10df7e4c3ea854f314a18ab0644c851620d
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f8238cdd1cc6032f1c34cf7e559b55a936097f78cc8839628e5cc39a6fc3f390
fbc6bed540723f219a878e5735ae8cb1c05aa9f7012bf21870cd79e41af25bcd

bloxfruitsdojo.com Open in urlscan Pro 2606:4700:3035::6815:3e35 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

237 Requests

88 %HTTPS

42 %IPv6

40 Domains

53 Subdomains

41 IPs

7 Countries

2888 kBTransfer

8205 kBSize

28 Cookies

0 Outgoing links

Redirected requests

237 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

bloxfruitsdojo.com Open in urlscan Pro
2606:4700:3035::6815:3e35 Public Scan

Screenshot
Live screenshot

Full Image

237
Requests

88 %
HTTPS

42 %
IPv6

40
Domains

53
Subdomains

41
IPs

7
Countries

2888 kB
Transfer

8205 kB
Size

28
Cookies

237 HTTP transactions
5 data transactions