bloxids.com Open in urlscan Pro
2606:4700:3030::6815:2c0e Public Scan

Go To Rescan
Add Verdict Report

URL:
https://bloxids.com/
Submission Tags: phishingrod
Submission: On February 05 via api (February 5th 2023, 6:30:22 am UTC) from DE — Scanned from DE

Summary HTTP 246 Redirects Behaviour Indicators

Summary

This website contacted 54 IPs in 8 countries across 43 domains to perform 246 HTTP transactions. The main IP is 2606:4700:3030::6815:2c0e, located in United States and belongs to CLOUDFLARENET, US. The main domain is bloxids.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 12th 2022. Valid for: a year.

This is the only time bloxids.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
48	2606:4700:303... 2606:4700:3030::6815:2c0e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
2	2606:4700:e4:... 2606:4700:e4::ac40:a702	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6812:acf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700:10:... 2606:4700:10::6816:335d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700::68... 2606:4700::6810:5814	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:830::2008	15169 (GOOGLE) (GOOGLE)
3	2606:4700:e4:... 2606:4700:e4::ac40:a921	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:e4:... 2606:4700:e4::ac40:a602	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2620:116:800d... 2620:116:800d:21:c5a4:625:6563:a5bb	16509 (AMAZON-02) (AMAZON-02)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400d:802::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:400d:803::2001	15169 (GOOGLE) (GOOGLE)
1	2600:9000:223... 2600:9000:223c:cc00:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
25	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
16	2a00:1450:400... 2a00:1450:4001:808::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:810::2004	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:400d:808::2002	15169 (GOOGLE) (GOOGLE)
1	34.102.146.192 34.102.146.192	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2a02:2638:1::3 2a02:2638:1::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2606:4700:10:... 2606:4700:10::ac43:266a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.96.70.87 34.96.70.87	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	18.65.39.15 18.65.39.15	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:205... 2600:9000:2057:ea00:a:e047:752:5701	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
2	141.95.33.111 141.95.33.111	16276 (OVH) (OVH)
1 2	2a02:2638::1c 2a02:2638::1c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	35.190.39.111 35.190.39.111	15169 (GOOGLE) (GOOGLE)
1	52.208.76.249 52.208.76.249	16509 (AMAZON-02) (AMAZON-02)
1 2	34.120.135.53 34.120.135.53	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	178.250.0.157 178.250.0.157	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
6 12	172.217.23.98 172.217.23.98	15169 (GOOGLE) (GOOGLE)
6 10	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
4 7	37.252.171.52 37.252.171.52	29990 (ASN-APPNEX) (ASN-APPNEX)
2 4	34.249.82.170 34.249.82.170	16509 (AMAZON-02) (AMAZON-02)
24	2a00:1450:400... 2a00:1450:400d:808::2006	15169 (GOOGLE) (GOOGLE)
4	216.58.212.130 216.58.212.130	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80b::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
1	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
4	2600:9000:230... 2600:9000:2304:4800:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
12	2600:1f13:800... 2600:1f13:800:7780:6a2d:ee61:2480:5f8a	16509 (AMAZON-02) (AMAZON-02)
1	2a02:fa8:8806... 2a02:fa8:8806:13::1400	41041 (VCLK-EU-SE) (VCLK-EU-SE)
1 2	2606:4700::68... 2606:4700::6812:19ad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	85.114.159.118 85.114.159.118	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
2 2	52.29.198.232 52.29.198.232	16509 (AMAZON-02) (AMAZON-02)
1	174.137.133.49 174.137.133.49	27257 (WEBAIR-IN...) (WEBAIR-INTERNET)
1 1	20.127.253.7 20.127.253.7	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2 2	35.158.235.130 35.158.235.130	16509 (AMAZON-02) (AMAZON-02)
6	151.101.2.137 151.101.2.137	54113 (FASTLY) (FASTLY)
1 2	151.101.66.137 151.101.66.137	54113 (FASTLY) (FASTLY)
1	185.64.189.112 185.64.189.112	62713 (AS-PUBMATIC) (AS-PUBMATIC)
4	2602:803:c003... 2602:803:c003:200::31	26667 (RUBICONPR...) (RUBICONPROJECT)
1	51.75.86.98 51.75.86.98	16276 (OVH) (OVH)
1	34.242.85.41 34.242.85.41	16509 (AMAZON-02) (AMAZON-02)
246	54

48 2606:4700:3030::6815:2c0e (United States)

ASN13335 (CLOUDFLARENET, US)

bloxids.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:e4::ac40:a702 (United States)

ASN13335 (CLOUDFLARENET, US)

go.ezodn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)

stackpath.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:10::6816:335d (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.datatables.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6810:5814 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:e4::ac40:a921 (United States)

ASN13335 (CLOUDFLARENET, US)

api.fouanalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:e4::ac40:a602 (United States)

ASN13335 (CLOUDFLARENET, US)

basher.ezodn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800d:21:c5a4:625:6563:a5bb (United States)

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:802::2002 (Ireland)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:400d:803::2001 (Ireland)

ASN15169 (GOOGLE, US)

0454c236d7ef4556439cae6dfb9cddd4.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223c:cc00:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:808::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:400d:808::2002 (Ireland)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com

oa.openxcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::ac43:266a (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.70.87 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 87.70.96.34.bc.googleusercontent.com

invstatic101.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.65.39.15 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-65-39-15.ams1.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2057:ea00:a:e047:752:5701 (United States)

ASN16509 (AMAZON-02, US)

cdn.prod.uidapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 141.95.33.111 (Germany)

ASN16276 (OVH, FR)
PTR: ns3203177.ip-141-95-33.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638::1c (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.39.111 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 111.39.190.35.bc.googleusercontent.com

esp.rtbhouse.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.208.76.249 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-208-76-249.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.120.135.53 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 53.135.120.34.bc.googleusercontent.com

oajs.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 172.217.23.98 (United States) 6 redirects

ASN15169 (GOOGLE, US)
PTR: mil04s23-in-f98.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 185.80.39.216 (Canada) 6 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 37.252.171.52 (Frankfurt am Main, Germany) 4 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.249.82.170 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-249-82-170.eu-west-1.compute.amazonaws.com

fw.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 2a00:1450:400d:808::2006 (Ireland)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 216.58.212.130 (United States)

ASN15169 (GOOGLE, US)
PTR: ams15s21-in-f130.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

google-bidout-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:2304:4800:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2600:1f13:800:7780:6a2d:ee61:2480:5f8a (Boardman, United States)

ASN16509 (AMAZON-02, US)

dt.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:13::1400 (Singapore)

ASN41041 (VCLK-EU-SE, US)

dclk-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:19ad (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.114.159.118 (Germany) 1 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.29.198.232 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-29-198-232.eu-central-1.compute.amazonaws.com

match.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 174.137.133.49 (United States)

ASN27257 (WEBAIR-INTERNET, US)

rtb2-useast.e-volution.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 20.127.253.7 (Tappahannock, United States) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

sync.inmobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.158.235.130 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-158-235-130.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 151.101.2.137 (United States)

ASN54113 (FASTLY, US)

capi.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cds.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.66.137 (United States) 1 redirects

ASN54113 (FASTLY, US)

cd.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ins.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2602:803:c003:200::31 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.75.86.98 (France)

ASN16276 (OVH, FR)
PTR: ip98.ip-51-75-86.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.242.85.41 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-242-85-41.eu-west-1.compute.amazonaws.com

ads.yieldmo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
48	bloxids.com bloxids.com	309 KB
45	googlesyndication.com 0454c236d7ef4556439cae6dfb9cddd4.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 104 tpc.googlesyndication.com — Cisco Umbrella Rank: 149	263 KB
29	doubleclick.net 6 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 190 googleads.g.doubleclick.net — Cisco Umbrella Rank: 29 cm.g.doubleclick.net — Cisco Umbrella Rank: 211 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 325	341 KB
24	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 283	367 KB
20	adsafeprotected.com 2 redirects fw.adsafeprotected.com — Cisco Umbrella Rank: 764 static.adsafeprotected.com — Cisco Umbrella Rank: 616 dt.adsafeprotected.com — Cisco Umbrella Rank: 557	197 KB
10	casalemedia.com 6 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 524	7 KB
8	connatix.com 1 redirects capi.connatix.com — Cisco Umbrella Rank: 3149 cd.connatix.com — Cisco Umbrella Rank: 2969 cds.connatix.com — Cisco Umbrella Rank: 3134 ins.connatix.com — Cisco Umbrella Rank: 4106 capi-tier-1-us-east-2.connatix.com Failed	463 KB
7	adnxs.com 4 redirects ib.adnxs.com — Cisco Umbrella Rank: 203	32 KB
6	google.com adservice.google.com — Cisco Umbrella Rank: 70 www.google.com — Cisco Umbrella Rank: 2	2 KB
4	rubiconproject.com fastlane.rubiconproject.com — Cisco Umbrella Rank: 454	7 KB
4	google.de adservice.google.de — Cisco Umbrella Rank: 8741	940 B
4	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 198	40 KB
4	ezodn.com go.ezodn.com — Cisco Umbrella Rank: 8081 basher.ezodn.com — Cisco Umbrella Rank: 8529	101 KB
3	gstatic.com www.gstatic.com	15 KB
3	openx.net 1 redirects oajs.openx.net — Cisco Umbrella Rank: 2481 google-bidout-d.openx.net — Cisco Umbrella Rank: 2431	668 B
3	criteo.com 1 redirects gum.criteo.com — Cisco Umbrella Rank: 388 mug.criteo.com — Cisco Umbrella Rank: 2753	7 KB
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 186	145 KB
3	id5-sync.com cdn.id5-sync.com — Cisco Umbrella Rank: 948 id5-sync.com — Cisco Umbrella Rank: 389	18 KB
3	fouanalytics.com api.fouanalytics.com — Cisco Umbrella Rank: 8727	8 KB
3	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 359	25 KB
3	datatables.net cdn.datatables.net — Cisco Umbrella Rank: 4906	32 KB
2	bidswitch.net 2 redirects x.bidswitch.net — Cisco Umbrella Rank: 281	1 KB
2	360yield.com 2 redirects match.360yield.com — Cisco Umbrella Rank: 2166	789 B
2	tribalfusion.com 1 redirects a.tribalfusion.com — Cisco Umbrella Rank: 726 s.tribalfusion.com — Cisco Umbrella Rank: 1733	1 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 34 imasdk.googleapis.com Failed	2 KB
2	rtbhouse.com esp.rtbhouse.com — Cisco Umbrella Rank: 3866	315 B
2	crwdcntrl.net tags.crwdcntrl.net — Cisco Umbrella Rank: 1156 bcp.crwdcntrl.net — Cisco Umbrella Rank: 885	10 KB
2	quantserve.com secure.quantserve.com — Cisco Umbrella Rank: 979 pixel.quantserve.com — Cisco Umbrella Rank: 676	10 KB
2	bootstrapcdn.com stackpath.bootstrapcdn.com — Cisco Umbrella Rank: 2258	40 KB
1	yieldmo.com ads.yieldmo.com — Cisco Umbrella Rank: 626	222 B
1	onetag-sys.com onetag-sys.com — Cisco Umbrella Rank: 725	359 B
1	pubmatic.com hbopenbid.pubmatic.com — Cisco Umbrella Rank: 450	113 B
1	inmobi.com 1 redirects sync.inmobi.com — Cisco Umbrella Rank: 1123	711 B
1	e-volution.ai rtb2-useast.e-volution.ai — Cisco Umbrella Rank: 4426	233 B
1	adition.com 1 redirects dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1401	584 B
1	dotomi.com dclk-match.dotomi.com — Cisco Umbrella Rank: 2918	104 B
1	uidapi.com cdn.prod.uidapi.com — Cisco Umbrella Rank: 2391	2 KB
1	creativecdn.com invstatic101.creativecdn.com — Cisco Umbrella Rank: 3600	2 KB
1	criteo.net static.criteo.net — Cisco Umbrella Rank: 647 csm.fr.eu.criteo.net Failed	13 KB
1	openxcdn.net oa.openxcdn.net — Cisco Umbrella Rank: 2726	8 KB
1	quantcount.com rules.quantcount.com — Cisco Umbrella Rank: 904	614 B
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2456	251 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 40	76 KB
246	43

	Domain	Requested by
48	bloxids.com	bloxids.com
25	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com 0454c236d7ef4556439cae6dfb9cddd4.safeframe.googlesyndication.com pagead2.googlesyndication.com googleads.g.doubleclick.net bloxids.com www.googletagservices.com
24	s0.2mdn.net	bloxids.com s0.2mdn.net 0454c236d7ef4556439cae6dfb9cddd4.safeframe.googlesyndication.com
16	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com 0454c236d7ef4556439cae6dfb9cddd4.safeframe.googlesyndication.com bloxids.com
12	dt.adsafeprotected.com	0454c236d7ef4556439cae6dfb9cddd4.safeframe.googlesyndication.com
12	cm.g.doubleclick.net	6 redirects googleads.g.doubleclick.net 0454c236d7ef4556439cae6dfb9cddd4.safeframe.googlesyndication.com
10	dsum-sec.casalemedia.com	6 redirects googleads.g.doubleclick.net
9	securepubads.g.doubleclick.net	bloxids.com securepubads.g.doubleclick.net cd.connatix.com
7	ib.adnxs.com	4 redirects googleads.g.doubleclick.net go.ezodn.com
4	fastlane.rubiconproject.com	go.ezodn.com
4	cds.connatix.com	cd.connatix.com
4	static.adsafeprotected.com	0454c236d7ef4556439cae6dfb9cddd4.safeframe.googlesyndication.com
4	googleads4.g.doubleclick.net	bloxids.com
4	fw.adsafeprotected.com	2 redirects bloxids.com
4	googleads.g.doubleclick.net	0454c236d7ef4556439cae6dfb9cddd4.safeframe.googlesyndication.com pagead2.googlesyndication.com
4	0454c236d7ef4556439cae6dfb9cddd4.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
4	adservice.google.com	securepubads.g.doubleclick.net
4	adservice.google.de	securepubads.g.doubleclick.net
4	cdnjs.cloudflare.com	bloxids.com
3	www.gstatic.com	bloxids.com 0454c236d7ef4556439cae6dfb9cddd4.safeframe.googlesyndication.com
3	www.googletagservices.com	0454c236d7ef4556439cae6dfb9cddd4.safeframe.googlesyndication.com bloxids.com
3	api.fouanalytics.com	bloxids.com api.fouanalytics.com
3	cdn.jsdelivr.net	bloxids.com securepubads.g.doubleclick.net
3	cdn.datatables.net	bloxids.com
2	capi.connatix.com	cd.connatix.com
2	x.bidswitch.net	2 redirects
2	match.360yield.com	2 redirects
2	fonts.googleapis.com	0454c236d7ef4556439cae6dfb9cddd4.safeframe.googlesyndication.com bloxids.com
2	oajs.openx.net	1 redirects
2	esp.rtbhouse.com	invstatic101.creativecdn.com
2	gum.criteo.com	1 redirects static.criteo.net
2	id5-sync.com	cdn.id5-sync.com
2	www.google.com	tpc.googlesyndication.com bloxids.com
2	basher.ezodn.com	bloxids.com
2	stackpath.bootstrapcdn.com	bloxids.com
2	go.ezodn.com	bloxids.com
1	ads.yieldmo.com	go.ezodn.com
1	onetag-sys.com	go.ezodn.com
1	hbopenbid.pubmatic.com	go.ezodn.com
1	ins.connatix.com	cd.connatix.com
1	cd.connatix.com	1 redirects
1	sync.inmobi.com	1 redirects
1	rtb2-useast.e-volution.ai	0454c236d7ef4556439cae6dfb9cddd4.safeframe.googlesyndication.com
1	dsp.adfarm1.adition.com	1 redirects
1	s.tribalfusion.com
1	a.tribalfusion.com	1 redirects
1	dclk-match.dotomi.com	0454c236d7ef4556439cae6dfb9cddd4.safeframe.googlesyndication.com
1	google-bidout-d.openx.net	oa.openxcdn.net
1	mug.criteo.com
1	bcp.crwdcntrl.net	tags.crwdcntrl.net
1	cdn.prod.uidapi.com	securepubads.g.doubleclick.net
1	tags.crwdcntrl.net	securepubads.g.doubleclick.net
1	invstatic101.creativecdn.com	securepubads.g.doubleclick.net
1	cdn.id5-sync.com	securepubads.g.doubleclick.net
1	static.criteo.net	securepubads.g.doubleclick.net
1	oa.openxcdn.net	securepubads.g.doubleclick.net
1	pixel.quantserve.com	bloxids.com
1	rules.quantcount.com	secure.quantserve.com
1	region1.google-analytics.com	www.googletagmanager.com
1	secure.quantserve.com	bloxids.com
1	www.googletagmanager.com	bloxids.com
0	csm.fr.eu.criteo.net Failed	gum.criteo.com
0	imasdk.googleapis.com Failed	cd.connatix.com
0	capi-tier-1-us-east-2.connatix.com Failed	cd.connatix.com
246	64

This site contains no links.

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-07-12` - `2023-07-12`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
*.google.de GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
quantserve.com R3	`2023-01-10` - `2023-04-10`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
oa.openxcdn.net GTS CA 1D4	`2023-01-29` - `2023-04-29`	3 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-13` - `2023-04-15`	3 months	crt.sh
invstatic101.creativecdn.com GTS CA 1D4	`2022-12-30` - `2023-03-30`	3 months	crt.sh
*.crwdcntrl.net Go Daddy Secure Certificate Authority - G2	`2022-05-01` - `2023-06-02`	a year	crt.sh
cdn.prod.uidapi.com R3	`2022-11-29` - `2023-02-27`	3 months	crt.sh
*.id5-sync.com R3	`2023-01-25` - `2023-04-25`	3 months	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-04` - `2023-03-31`	3 months	crt.sh
esp.rtbhouse.com GTS CA 1D4	`2023-01-21` - `2023-04-21`	3 months	crt.sh
fw.adsafeprotected.com Amazon	`2022-04-28` - `2023-05-27`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
static.adsafeprotected.com Amazon	`2022-08-06` - `2023-09-04`	a year	crt.sh
dt.adsafeprotected.com Amazon	`2022-11-04` - `2023-12-03`	a year	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2022-08-09` - `2023-09-10`	a year	crt.sh
*.e-volution.ai Sectigo RSA Domain Validation Secure Server CA	`2022-09-29` - `2023-10-30`	a year	crt.sh
*.connatix.com Go Daddy Secure Certificate Authority - G2	`2022-08-22` - `2023-09-23`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2022-06-13` - `2023-07-14`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-08` - `2023-04-04`	a year	crt.sh
*.onetag-sys.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-12-28` - `2024-01-28`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2022-02-11` - `2023-03-14`	a year	crt.sh
*.yieldmo.com Amazon	`2022-04-25` - `2023-05-24`	a year	crt.sh

This page contains 21 frames:

Primary Page: https://bloxids.com/
Frame ID: 95D46327587D1A35FE3518E4FA6E80A7
Requests: 112 HTTP requests in this frame

Frame: https://0454c236d7ef4556439cae6dfb9cddd4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 3BE4C6F38BD16AAE25104BB11BB13B02
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: AEA7E7E052FB09EC46FF1C4CD1BE106A
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 606A328B8AD36605DF7EB8ABB80112A1
Requests: 2 HTTP requests in this frame

Frame: https://0454c236d7ef4556439cae6dfb9cddd4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 97D443A666A8F4E78F002479775A5D48
Requests: 28 HTTP requests in this frame

Frame: https://0454c236d7ef4556439cae6dfb9cddd4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 6D65C9DADD2A13386C7BD9777180EBBB
Requests: 25 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY-7qa3wEwAQ&v=APEucNVZVBp84Ja29g-nN7HCzMSlCimokZJDzfYpHGu1oaCDPPJkatTlts5L1owRRj0jyCDmA9L8SqL5fbVZES0z58dNcxzTydn2GQ5rb_nQMNZcClIWe7xrIxbUPGzq8fKJYf7gky6TUFNmMQgKG57pzXUd5KPaBQQU_q2z47HhPuUHCYy7u8fYqSsofYdz2rV4SeYq_GBhR_hvji2lAecs1vdQk-qDDw
Frame ID: 5DC235DF421C4242D93D2BFAC418C4C4
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY88-a3wEwAQ&v=APEucNX0rnGIiZI2mT7yBHa-2uAd8sUUdtTPAzaS-TQq9vDlGyo7rkbBTV3rvfZvqi5sPa8hgTh-DBRS3Kn3lIw_RtIzwJhxpY9ro6-N4W3FDubIsBVC-Pb2VL2cHGphxmlZOmDb2PxIqZB5dtBxYXWhbW40DeBd0dC_DzpIrnZc2KHRt4wGYJ-3XoC8rnK6eql3ZhZnaFdMyLXgeZojVetY9EdV24Wlhw
Frame ID: 3B960FD985CFA6D8AA743E301F617280
Requests: 5 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=bloxids.com
Frame ID: 4BE682EE20CADCEC8D7599678E9A154A
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 1FE5BDA4D312E2A9006DCBE322D7FF65
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 3F950FF54721A485091D77703991A159
Requests: 3 HTTP requests in this frame

Frame: https://0454c236d7ef4556439cae6dfb9cddd4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: BF8CF3178427583B32E13E8DA53A72BC
Requests: 5 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/12493911404993194114/index.html
Frame ID: 035CCC1BC457BE356F07AE21F3A667DA
Requests: 11 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/13877950151065513782/index.html
Frame ID: B3D2ABDC4FAE51E478E93356804EEE6B
Requests: 11 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500
Frame ID: 220A2E3C9B6EEF7771F4CF2382B37765
Requests: 8 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: 94C2D380B861C7E15478563EE20E1738
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: CB8F96624D7D418EDFE4C05C2A2ABA96
Requests: 9 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 75337734AD097FEFE98E7DC46C74A7C7
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: C11707547E24A3C66F52CB6A79AE6430
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/fr2tM3cMqKf7o-hgvg-GAlWS1ShJQQMk61KbxyC8hNw.js
Frame ID: 6ADA0F6199D4874A0AF7E4E420519C2D
Requests: 1 HTTP requests in this frame

Frame: https://cds.connatix.com/p/221512/connatix.player.dc.js?cid=5f049401-746e-4449-8c27-b6b9d8e25882
Frame ID: 3E2B81142C7C8F07AD44505FF3C7D4FE
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

October CMS (CMS) Expand

Overall confidence: 100%
Detected patterns

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Clipboard.js (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

clipboard(?:-([\d.]+))?(?:\.min)?\.js

DataTables (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

dataTables.*\.js

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Osano (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cookieconsent\.min\.js

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Quantcast Measure (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.quantserve\.com/quant\.js

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

SweetAlert2 (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/npm/sweetalert2@([\d.]+)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

246
Requests

90 %
HTTPS

58 %
IPv6

43
Domains

64
Subdomains

54
IPs

8
Countries

2535 kB
Transfer

7181 kB
Size

51
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 114

https://oajs.openx.net/esp?url=https%3A%2F%2Fbloxids.com%2F&rid=esp HTTP 302
https://oajs.openx.net/esp?url=https%3A%2F%2Fbloxids.com%2F&rid=esp&cc=1

Request Chain 118

https://gum.criteo.com/sid/json?origin=publishertagids&domain=bloxids.com&sn=ChromeSyncframe&so=0&topUrl=bloxids.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=7ESt_Hw1YnZkTWxsL3pBRDVxT0xwOGxIQVozT3JYWXliMG1RcWFocHViYituK2pwZGlqMlpaQ242Yjh1UjE3M3dZbS9Vb0ZuTzRQbFJ6Zk5aNmF1enkzT3MrS2dWZS93NTExamt1THlzQWhlVldRZVllSmZZdHMybHZrRmlWRFdFSUFGMFJjTnJpemUrRGx1a2FGcWIvcnRuSG1xNXBZTUJwN0R3aUxlT2psRTRMb3p6b3ZRZG53TUFIalQ1ZTNucWVqUmVlRFNRNTZlbW9HS3A2RnFBdGtWWFhXZEJBNjJOZ0tjRVREbEIxMEtHdEZ6K2czYmtXQndCeXJOU2Y0ZVdWaHVDVEdueEJKUm5hbUJUQmNNMTc4THBpUT09fA&cppv=2

Request Chain 119

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGuVQUWnZcy4JM5xzrJUt8Y&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGuVQUWnZcy4JM5xzrJUt8Y&google_cver=1&C=1

Request Chain 120

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y99M.Q4gMkRZheQK8rdBWAAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEInWhlqX-lPFNAmymsYmU_4&google_cver=1&google_hm=2

Request Chain 121

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEI8CScSH_23ltTiLSL-DiCk&google_cver=1

Request Chain 122

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTg0MzU3NzM0MDkzOTIzMzI1NQ%3D%3D

Request Chain 123

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGuVQUWnZcy4JM5xzrJUt8Y&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGuVQUWnZcy4JM5xzrJUt8Y&google_cver=1&C=1

Request Chain 124

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y99M.Q4gMkRZheQK8rdBWAAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEInWhlqX-lPFNAmymsYmU_4&google_cver=1&google_hm=2

Request Chain 125

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEI8CScSH_23ltTiLSL-DiCk&google_cver=1

Request Chain 126

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTg0MzU3NzM0MDkzOTIzMzI1NQ%3D%3D

Request Chain 166

https://fw.adsafeprotected.com/rfw/st/1333404/69041406/4.js?bundleId=${BUNDLE_ID}&ias_dspID=&ias_campId=&ias_pubId=&ias_chanId=&ias_placementId=&bidurl=&ias_dealId=&adsafe_par&ias_impId=&adContainerId=brand_safety_-UzfY4TqA-OirATo4KDABw&cbFunctionName=goog_wrapCb_-UzfY4TqA-OirATo4KDABw&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_970x250.js&adsafe_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2F4a.js&adsafe_url=https%3A%2F%2Fbloxids.com&adsafe_type=y&adsafe_url=https%3A%2F%2Fbloxids.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F0454c236d7ef4556439cae6dfb9cddd4.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F0454c236d7ef4556439cae6dfb9cddd4.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:72d88eac-314a-ccf3-e249-ec89ea14d0dd,c:3keEvN,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-846cfdc89d-ctqhm,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:sp,cc:0.0.970.250,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,scm:grpm1,mtim:4,mot:0,app:0,maw:0,fm:tuY57uN+11%7C12%7C13*.1333404-69041406%7C131%7C132%7C133%7C141%7C1421%7C143%7C15%7C1611%7C17,idMap:13*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:DIV,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,tt:rjss,et:27,oid:8e5377de-a51e-11ed-b573-9abc8b45db9e,v:19.8.390,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://static.adsafeprotected.com/4.js?bundleId=${BUNDLE_ID}

Request Chain 173

https://fw.adsafeprotected.com/rfw/st/1333404/69042416/4.js?bundleId=${BUNDLE_ID}&ias_dspID=&ias_campId=&ias_pubId=&ias_chanId=&ias_placementId=&bidurl=&ias_dealId=&adsafe_par&ias_impId=&adContainerId=brand_safety_-UzfY4SmBMX97_UPhYqemAY&cbFunctionName=goog_wrapCb_-UzfY4SmBMX97_UPhYqemAY&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_728x90.js&adsafe_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2F4a.js&adsafe_url=https%3A%2F%2Fbloxids.com&adsafe_type=y&adsafe_url=https%3A%2F%2Fbloxids.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F0454c236d7ef4556439cae6dfb9cddd4.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F0454c236d7ef4556439cae6dfb9cddd4.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:e3518b2b-254d-7823-4274-28f5a627d634,c:3keExO,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-846cfdc89d-8qtwc,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,scm:grpm1,mtim:6,mot:0,app:0,maw:0,fm:tuY57wM+11%7C12%7C131%7C132%7C133%7C134%7C14*.1333404-69042416%7C141%7C1421%7C143%7C15%7C1611%7C17,idMap:14*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:na,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,tt:rjss,et:29,oid:8e53c63d-a51e-11ed-85a5-7e9864d4c19b,v:19.8.390,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://static.adsafeprotected.com/4.js?bundleId=${BUNDLE_ID}

Request Chain 179

https://a.tribalfusion.com/i.match?p=b6&u=CAESENJ8Jb3JdcrJKFYAGtgyeaE&google_cver=1&google_push=Aa02lx9-hnZL6QPnfPy3dfgQgYIABLND48uXSiJCY-PLtDjchrHd9mgL2OLEsYGgAen5mCTXKiSxjXdSvBtq2MQOkbi8KO9icEE&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAa02lx9-hnZL6QPnfPy3dfgQgYIABLND48uXSiJCY-PLtDjchrHd9mgL2OLEsYGgAen5mCTXKiSxjXdSvBtq2MQOkbi8KO9icEE%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESENJ8Jb3JdcrJKFYAGtgyeaE&google_cver=1&google_push=Aa02lx9-hnZL6QPnfPy3dfgQgYIABLND48uXSiJCY-PLtDjchrHd9mgL2OLEsYGgAen5mCTXKiSxjXdSvBtq2MQOkbi8KO9icEE&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAa02lx9-hnZL6QPnfPy3dfgQgYIABLND48uXSiJCY-PLtDjchrHd9mgL2OLEsYGgAen5mCTXKiSxjXdSvBtq2MQOkbi8KO9icEE%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 180

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEFv90quTSwO2pfTAA0dJfFA&google_cver=1&google_push=Aa02lx-pv1ySvMEo0UQbl7kPGBDRyMua74RmpLx3hqLGuXBg7Nuvv8N9qW6dyGvxzXVLXCqsKeJ5G0XNtFReAsD_lM67U85z-ytk HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzE5NjU1NTM2MTkxMzQwMzUzMQ%3D%3D&google_push=Aa02lx-pv1ySvMEo0UQbl7kPGBDRyMua74RmpLx3hqLGuXBg7Nuvv8N9qW6dyGvxzXVLXCqsKeJ5G0XNtFReAsD_lM67U85z-ytk

Request Chain 181

https://match.360yield.com/match/ebda?google_gid=CAESENMZ3ah8po4k1gAE9yv1Hu0&google_cver=1&google_push=Aa02lx93QUXO7UTacyX-zUb5JLN9JBIoQgMGVnouEvvSkONCin7ZaqjcxFVA7SWDC6TYjxZ7onLJkHvsLgpsczAJf6f5gWIyyKU HTTP 302
https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESENMZ3ah8po4k1gAE9yv1Hu0&google_cver=1&google_push=Aa02lx93QUXO7UTacyX-zUb5JLN9JBIoQgMGVnouEvvSkONCin7ZaqjcxFVA7SWDC6TYjxZ7onLJkHvsLgpsczAJf6f5gWIyyKU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=z_NUdadCSUqvP8WIneUDkw&google_push=Aa02lx93QUXO7UTacyX-zUb5JLN9JBIoQgMGVnouEvvSkONCin7ZaqjcxFVA7SWDC6TYjxZ7onLJkHvsLgpsczAJf6f5gWIyyKU

Request Chain 183

https://sync.inmobi.com/gob?google_gid=CAESEDP8Mn4lYMGMHYR6BaRJPQA&google_cver=1&google_push=Aa02lx_E0eBTAUWHdxFTNL3QMSCIS7g3ZWTbt_i4uJUs_V5ss4OKDv8iFGYzz6XJuZk6wzKg7AgofIrrv3yNzTmW--n_VnbxJRAI4Q HTTP 302
https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DAa02lx_E0eBTAUWHdxFTNL3QMSCIS7g3ZWTbt_i4uJUs_V5ss4OKDv8iFGYzz6XJuZk6wzKg7AgofIrrv3yNzTmW--n_VnbxJRAI4Q

Request Chain 184

https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEJiRBAL-J3ajfSIa2OgoeVo&google_cver=1&google_push=Aa02lx-lg4HQp0u7dyJz-5HdBU5HPX83DJ0VH-fR-XPVhOqzCo_pLynbmvUkfCMW4ztomaqrZF41bf2PkDJ-AHv9LashperB-CpX0Q HTTP 302
https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEJiRBAL-J3ajfSIa2OgoeVo&google_cver=1&google_push=Aa02lx-lg4HQp0u7dyJz-5HdBU5HPX83DJ0VH-fR-XPVhOqzCo_pLynbmvUkfCMW4ztomaqrZF41bf2PkDJ-AHv9LashperB-CpX0Q HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=3304943b-4a9a-4783-a2e9-fa851d689889&%%GOOGLE_PUSH_PAIR%%

Request Chain 216

https://cd.connatix.com/connatix.player.js?cid=5f049401-746e-4449-8c27-b6b9d8e25882 HTTP 302
https://cds.connatix.com/p/221512/connatix.player.dc.js?cid=5f049401-746e-4449-8c27-b6b9d8e25882

246 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
bloxids.com/ 78 KB
20 KB 730ms
696ms Document
text/html 2606:4700:3030::6815:2c0e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bloxids.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:2c0e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8631edb616f94fb8f423ab4969f89bdbd302fbff1235002aecfcf7a0921530e7

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
cf-cache-status: DYNAMIC
cf-ray: 794998a4dcc9377b-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sun, 05 Feb 2023 06:30:15 GMT
display: pub_site_sol
expires: Sat, 04 Feb 2023 06:30:15 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pagespeed: off
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qjjctQ514LbWknQGeRWXnMY5AI4XS3fEGpJJAos%2BmVl0s7gIbiRaU4%2F6oR2e%2FR54Fm8oibEp4cea%2FXAlIwoCAqLJkNS4tslOIgZbR%2F6O4us2uIwQchT%2Fl7AW%2FxTgPtSq41oy3a31MLN8rw%3D%3D"}],"group":"cf-nel","max_age":604800}
response: 200
server: cloudflare
vary: Accept-Encoding,User-Agent
x-ezoic-cdn: Miss
x-middleton-display: pub_site_sol
x-middleton-response: 200
x-origin-cache-control: no-cache, private
x-sol: pub_site

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 79 KB
27 KB 62ms
25ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: bloxids.com
URL: https://bloxids.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f00f7401c1f4a38d36047ab0292fd869538b950343c2e353760e8062ad947a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxids.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 06:30:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27285
x-xss-protection: 0
server: sffe
etag: "1473 / 586 of 1000 / last-modified: 1675465921"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sun, 05 Feb 2023 06:30:15 GMT

GET
H2 200 dall.js Show response
go.ezodn.com/hb/ 319 KB
98 KB 1655ms
1617ms Script
application/javascript 2606:4700:e4::ac40:a702
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://go.ezodn.com/hb/dall.js?b=appnexus,onetag,pubmatic,rubicon,yieldmo&cb=195-0-50
Requested by: Host: bloxids.com
URL: https://bloxids.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:a702 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: db31a2d19cdf77193d601295a85a41741dd8422e6dc9c63f5a878e36a8945d45

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxids.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 06:30:16 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 05 Feb 2023 01:17:29 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QkJbGMc19TTkEUkEESwiztPZrHbAjm%2ByuQOudqN0N2LaYBAWgEvUTRl4NRybNRftN3IyQIndAPwTV5uaxh9jCBBmWmoHgtIf4G%2FBgHg0JUssRoEZIQAFw3XYN5X%2Byk6jBCjjUjm4yRQEm10%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 794998a9797b366e-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 fads.js Show response
bloxids.com/porpoiseant/ 8 KB
3 KB 32ms
28ms Script
application/javascript 2606:4700:3030::6815:2c0e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bloxids.com/porpoiseant/fads.js?gcb=195-0&cb=6
Requested by: Host: bloxids.com
URL: https://bloxids.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:2c0e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f08bda7e60fadca736bd7ed81684d6dd9bd11951aada10c84e66cbeac3c52197

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxids.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 06:30:15 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 01 Feb 2023 12:02:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 325686
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rR5x0hcYqqIA0YqDEImf43TDN4s5rLjrNAww6Z%2FpaCgkwK4UftNWxSyc8wAeR5QLGU6vG3u1Yoe191%2FFISJYQ4pj6Mrkz9xezR%2BszQXS1%2FULGvNQseYLfB53sjD3gP3Unkd1Tk1t%2F4%2F4ww%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-middleton-display: sol-js
cache-control: public, max-age=31536000
x-robots-tag: noindex
cf-ray: 794998a93854377b-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 bootstrap.min.css
stackpath.bootstrapcdn.com/bootstrap/4.5.0/css/ 157 KB
25 KB 47ms
19ms Stylesheet
text/css 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stackpath.bootstrapcdn.com/bootstrap/4.5.0/css/bootstrap.min.css

Requested by

Host: bloxids.com
URL: https://bloxids.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

680af6669abc319f9803f0fa26d443df1b6bc29133d88a8e4bea560ffed7288c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://bloxids.com/
Origin: https://bloxids.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 06:30:15 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 865
age: 3881421
cdn-cachedat: 11/25/2022 23:03:19
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:10 GMT
cdn-proxyver: 1.03
cdn-requestpullcode: 200
server: cloudflare
etag: W/"3afe15e976734d9daac26310110c4594"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: e0210ad694b141e165170eda7489fa94
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 200
cf-ray: 794998a96eb0924a-FRA
cdn-requestpullsuccess: True

GET
H2 200 bd26b15ecd703b4f452c356e5e44b398-1617720227
bloxids.com/combine/ 9 KB
3 KB 41ms
38ms Stylesheet
text/css 2606:4700:3030::6815:2c0e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bloxids.com/combine/bd26b15ecd703b4f452c356e5e44b398-1617720227
Requested by: Host: bloxids.com
URL: https://bloxids.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:2c0e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a3d035a43e378691c0090515954ae1affa1051c9b08361e64b9f21d5a8a0f084

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxids.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 06:30:15 GMT
content-encoding: br
cf-cache-status: DYNAMIC
x-sol: pub_site
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display: staticcontent_sol
x-ezoic-cdn: Hit ds;mm;7e7a6c349f2f8acf02ef9e2d076ab51b;2-237061-3;e821c83d-70ea-44a4-7252-ef026ceaca38
x-middleton-display: staticcontent_sol
x-middleton-response: 200
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
response: 200
last-modified: Tue, 31 Jan 2023 21:15:06 GMT
server: cloudflare
etag: W/"bd26b15ecd703b4f452c356e5e44b398-gzip"
x-origin-cache-control: max-age=604800, public
vary: Accept-Encoding,User-Agent,Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B%2Bs%2BqUX2J%2B4gPXZGMxoXMmBSPpsEdaU%2FFcVxS3KeWrGDm9mUjvTI4GMUIEIcsJtWeLsq3j7LNVVXOTvrsHabJYAlg1c%2BiQbEvM3YqKXF8HZaEfNiJ8RDPiXh0bJ%2BiqypiAqbJH2Pz7Bxgw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=UTF-8
cache-control: max-age=604800, public
cf-ray: 794998a93851377b-FRA

GET
H2 200 select2.min.css
cdnjs.cloudflare.com/ajax/libs/select2/4.0.13/css/ 15 KB
2 KB 45ms
18ms Stylesheet
text/css 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/select2/4.0.13/css/select2.min.css

Requested by

Host: bloxids.com
URL: https://bloxids.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

15d6ad4dfdb43d0affad683e70029f97a8f8fc8637a28845009ee0542dccdf81

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxids.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 06:30:15 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 111716
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1640
last-modified: Tue, 26 May 2020 03:00:41 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5ecc8659-3a76"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QKTC7va2LPD2jbppPOPA1EiKHc3TI6MGXtqrbSsVdRo3pF9Nbp%2FEwhta7FFeN22lSxjEXPtP5qv3%2BqSjums9n5BRVFLV4ItAPlYfNa9RckkIbIzFfqBGXkj09sNVF%2F1%2Br7QA4A%2FiqaEpsd7gcJcyuQqH"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 794998a968963665-FRA
expires: Fri, 26 Jan 2024 06:30:15 GMT

GET
H2 200 dataTables.bootstrap4.min.css
cdn.datatables.net/1.10.21/css/ 5 KB
1 KB 50ms
14ms Stylesheet
text/css 2606:4700:10::6816:335d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.datatables.net/1.10.21/css/dataTables.bootstrap4.min.css

Requested by

Host: bloxids.com
URL: https://bloxids.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:335d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ba0a6ace4f4d84add2dac5693204ab2229f5033b09325a9420c3825f2ccf68bf

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxids.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 06:30:15 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 3795796
content-length: 1043
last-modified: Fri, 11 Nov 2022 14:46:27 GMT
server: cloudflare
etag: "15a0f33-1513-5ed32f45b34b0-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding,User-Agent
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 794998a97e232be2-FRA
access-control-allow-headers: origin, x-requested-with, content-type
expires: Sat, 23 Dec 2023 08:06:58 GMT

GET
H2 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/ 87 KB
28 KB 41ms
14ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/jquery.min.js

Requested by

Host: bloxids.com
URL: https://bloxids.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxids.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 06:30:15 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 350060
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 27958
last-modified: Mon, 04 May 2020 23:01:39 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb09ed3-15d84"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=itdTD9Gr8Dq%2FIzbSsUANWDpsBA%2F%2F8N%2FDuyTsy46ji3q2L91J3oeItJKws8aFpBgN%2FEifg%2BeECpVLG%2F%2Fm%2BsX2CqS4OOXt%2FotO6UDLdMTC1tvvSLS%2Blhebpv42drJyqORpBrgeicZIDJVYr49QOfU%2FT275"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 794998a968973665-FRA
expires: Fri, 26 Jan 2024 06:30:15 GMT

GET
H2 200 jquery.jscroll.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jscroll/2.4.1/ 3 KB
2 KB 44ms
17ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jscroll/2.4.1/jquery.jscroll.min.js

Requested by

Host: bloxids.com
URL: https://bloxids.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d3f305e71d40a14f1aede17763781a06175f661e8931b3a4ac9d719daddc01e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxids.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 06:30:15 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 349340
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1194
last-modified: Mon, 04 May 2020 16:11:50 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec6-d04"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i5QtP9I%2FZSWXXlNE4J92GuFyCHxKOuREdzoBabvWiJ9cW8Q%2BSq%2BFvy2gN64W9gmmzz6%2Bjyl33DSdGFJ4CrHG89QkUODTf%2BL7pQcpzpQ9jQOCHuY5WAlU7fe3ZYaFgNnq3Zx4q8DhBOBNdjUIhrfA0Frb"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 794998a968983665-FRA
expires: Fri, 26 Jan 2024 06:30:15 GMT

GET
H2 200 turbolinks.js Show response
cdnjs.cloudflare.com/ajax/libs/turbolinks/5.2.0/ 38 KB
8 KB 49ms
22ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/turbolinks/5.2.0/turbolinks.js

Requested by

Host: bloxids.com
URL: https://bloxids.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

88ce18ce2ff32e3fc8b213d6302d4896e4714ed46332a8cf19df7b4d9f726295

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxids.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 06:30:15 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 348020
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7919
last-modified: Mon, 04 May 2020 16:17:07 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04003-9677"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q2TcxxOFpN2qjm6etj1vuN%2FkhWpxslt7bT3aJEbj5FXzhyng%2FEvKhkqzR6uzWAtM%2BUwZeXckQiCIznEf2Cp2monb4oSNYKXhCEkK8w0c6YPsESIk5wOM9ejvdqOEjj3MYwAxfKYyUzesWc7PkhkpKCRb"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 794998a968993665-FRA
expires: Fri, 26 Jan 2024 06:30:15 GMT

GET
H2 200 sweetalert2@10 Show response
cdn.jsdelivr.net/npm/ 71 KB
20 KB 46ms
19ms Script
application/javascript 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/sweetalert2@10

Requested by

Host: bloxids.com
URL: https://bloxids.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2d5fa531e30ac3debad673003128f1ca9ad3c964ef17b547377e7ed09bd4504f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxids.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 06:30:15 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 9946
x-jsd-version: 10.16.11
content-encoding: br
x-cache: HIT, MISS
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra-eddf8230059-FRA, cache-yyz4578-YYZ
x-jsd-version-type: version
server: cloudflare
etag: W/"11dc8-k2jefS6LDTNa26qxcRQ+MH7V+1Q"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yMx5PqmoMgVq2ughoTqVvxA81p1VkjyUd5QARRbAaiiXGcZggKxTQU%2Fc2lQDu4T4s%2BqavZ%2BemRZK3JqcZE%2BGpbtWICS00T8l99dmZdDxiNVqIsR4KdDGoeY7%2BgMBcbeUJvS5l3ncZixzy6RSGTQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 794998a96a693a8b-FRA

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 215 KB
76 KB 81ms
30ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-DB9D1TK41K

Requested by

Host: bloxids.com
URL: https://bloxids.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f92d69771a52ff2c2976096766e39dda9daaff5c0c8cf4b281b6f55ba1b7861c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxids.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 06:30:15 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 77087
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 05 Feb 2023 06:30:15 GMT

GET
H2 200 cookieconsent.min.js Show response
bloxids.com/ezoic/ 4 KB
2 KB 16ms
14ms Script
application/javascript 2606:4700:3030::6815:2c0e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bloxids.com/ezoic/cookieconsent.min.js
Requested by: Host: bloxids.com
URL: https://bloxids.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:2c0e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 10d4b728888654e0b85c706a9310b551087d3321fb8ebfff147d07b13fa73bf0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxids.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 06:30:15 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 322023
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 31 Jan 2023 21:15:06 GMT
server: cloudflare
etag: W/"11a4-5f395d3676a80-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8rDb8MGfsXJXFI%2F0c5%2B%2F3Ai19L8IANNRMzgdK1J5T9GBwMi9pzwSMvcRgdwD0rGJ0ZCBEk%2BaEjWtZQ5JM6no4%2Be0kUdvTbiE3XljGevvbvUGHsF12KOIQDp7sMNh5UUAwM3G1makcR3dug%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
x-robots-tag: noindex
cf-ray: 794998a93855377b-FRA
expires: Thu, 01 Feb 2024 13:03:12 GMT

GET
H3 200 logo.png
bloxids.com/themes/xwm-roblox-theme/assets/images/ 3 KB
4 KB 19ms
15ms Image
image/webp 2606:4700:3030::6815:2c0e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bloxids.com/themes/xwm-roblox-theme/assets/images/logo.png
Requested by: Host: bloxids.com
URL: https://bloxids.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:2c0e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5b175af8b251da9ece95ca626e0d7687c4445655cb323d3e8bd998fa504f67dc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxids.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 06:30:15 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display: staticcontent_sol
age: 82993
x-ezoic-cdn: Hit ds;mm;fa6dc7ea5540f11ea4ffd319c95355d3;2-237061-3;318cfa2d-683c-4007-6447-d53c9fc13a61
x-middleton-display: staticcontent_sol
x-middleton-response: 200
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
response: 200
last-modified: Tue, 31 Jan 2023 21:15:06 GMT
server: cloudflare
x-origin-cache-control
vary: Accept-Encoding,User-Agent,Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6l%2FPonwbUOqGg%2FYPfrPeBmlkK28KTROf1xdeUmnkSyLrMMrUEsfrpec1yWdxq1mfx1eRJAwW5ghGdK2aHb8Uq8Z8YkC6bJoV9oR%2FJaoJsODD17uBW62%2Fu0IF%2FxEL51e3uTjLRj0122fv8g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
cf-ray: 794998a9bc933827-FRA

GET
H3 200 thumb_19_100_100_0_0_crop.jpg
bloxids.com/storage/app/uploads/public/5fa/40d/2f8/ 2 KB
3 KB 128ms
123ms Image
image/webp 2606:4700:3030::6815:2c0e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bloxids.com/storage/app/uploads/public/5fa/40d/2f8/thumb_19_100_100_0_0_crop.jpg
Requested by: Host: bloxids.com
URL: https://bloxids.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:2c0e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bf5493f72a0782c614719edc45d6b23b2da5a4fa3ddbe7eaeec6940e70617312

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxids.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 06:30:15 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display: staticcontent_sol
x-ezoic-cdn: Hit ds;ds;22e6cd1efb218a928905e1b939ffbe1b;2-237061-3;eabe06dd-077b-4ec6-699b-ad23d9d26a0c
x-middleton-display: staticcontent_sol
x-middleton-response: 200
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
response: 200
last-modified: Tue, 31 Jan 2023 21:15:06 GMT
server: cloudflare
x-origin-cache-control
vary: Accept-Encoding,User-Agent,Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GWjl1ctDZzCYWxvPQBU%2BQoiUnMmNG%2BvrRYkIP1DG9rSQ5Ust4K4kZzurUGiksUhq9a1Jq5dhT%2BHdlFZ6leOrL51Dg%2FWmEeSjJnPso1n2P0UXL%2FvIExCw6b1Z%2FZs8UA1wOFlWqAGtWJ7lNQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
cf-ray: 794998a9bc943827-FRA

GET
H3 200 thumb_20_100_100_0_0_crop.jpg
bloxids.com/storage/app/uploads/public/5fa/412/24a/ 2 KB
2 KB 125ms
121ms Image
image/webp 2606:4700:3030::6815:2c0e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bloxids.com/storage/app/uploads/public/5fa/412/24a/thumb_20_100_100_0_0_crop.jpg
Requested by: Host: bloxids.com
URL: https://bloxids.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:2c0e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3164394e59baec15294eab1dc07c19037b2f1d78e42e18b6badb85319703a3d4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxids.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 06:30:15 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display: staticcontent_sol
x-ezoic-cdn: Hit ds;ds;89eaa8a9fbba2c0400c09536f02929ca;2-237061-3;bb7aa6d8-b126-476d-4c87-560a0d08221d
x-middleton-display: staticcontent_sol
x-middleton-response: 200
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
response: 200
last-modified: Tue, 31 Jan 2023 21:15:06 GMT
server: cloudflare
x-origin-cache-control
vary: Accept-Encoding,User-Agent,Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tEn1G%2FKGhgAQbkRHhKJkklSA6%2FMaj%2BlVh8wji%2Ftg8dA1njo%2F%2BWrkmqh5kcpGcG2C45ec2PcHRSTzjvlBJAeeg1DLGMlUzHFiHB71hIMMx7R%2FYsXYzhsbz6%2Fn7o3WEytr36sKkxOmQjaBOQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
cf-ray: 794998a9bc953827-FRA

GET
H3 200 thumb_14_100_100_0_0_crop.jpg
bloxids.com/storage/app/uploads/public/5fa/2c4/de3/ 1 KB
2 KB 152ms
148ms Image
image/webp 2606:4700:3030::6815:2c0e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bloxids.com/storage/app/uploads/public/5fa/2c4/de3/thumb_14_100_100_0_0_crop.jpg
Requested by: Host: bloxids.com
URL: https://bloxids.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:2c0e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 129abb7c690bdb6e3e87f1c505b0f0707ca7c2cb808c0a5e240ed37b804f50e2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxids.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 06:30:15 GMT
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display: staticcontent_sol
x-ezoic-cdn: Hit ds;ds;b0494b6f17f089a76423c7b5dbe3382b;2-237061-3;a709c81c-cf21-4e08-6e38-6629547cb5a4
x-middleton-display: staticcontent_sol
x-middleton-response: 200
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1360
response: 200
last-modified: Tue, 31 Jan 2023 21:15:06 GMT
server: cloudflare
x-origin-cache-control
vary: Accept-Encoding,User-Agent,Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1vjJYaou6EKAdGFyXD0JXhMToO4a%2F4LxeBATtsUrkY6btj9lMEAtVG1auWPoLZNTVwNXuBkK54hm%2BQ%2B9Bm%2FGUGFntsJjUDjI%2BlvB6veegknD4JxYl64JrkuGCog5iiLTUbYIQvzaFZFZeQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 794998a9bc963827-FRA

GET
H3 200 thumb_18_100_100_0_0_crop.jpg
bloxids.com/storage/app/uploads/public/5fa/404/0d2/ 2 KB
2 KB 102ms
98ms Image
image/webp 2606:4700:3030::6815:2c0e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bloxids.com/storage/app/uploads/public/5fa/404/0d2/thumb_18_100_100_0_0_crop.jpg
Requested by: Host: bloxids.com
URL: https://bloxids.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:2c0e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 222274edcbd412177a0af78a09362dc1a4eac86138b54834801cb4cd4811d77e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxids.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 06:30:15 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display: staticcontent_sol
x-ezoic-cdn: Hit ds;ds;216e9e9d83637e516b29e1d2fa65c566;2-237061-3;f5adbffd-bd2c-4e8d-764c-da1d477569a6
x-middleton-display: staticcontent_sol
x-middleton-response: 200
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
response: 200
last-modified: Tue, 31 Jan 2023 21:15:06 GMT
server: cloudflare
x-origin-cache-control
vary: Accept-Encoding,User-Agent,Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R0Mc6q2MM%2BHd%2BMms3KvDXV%2Bm9s3fM105PewQTXB5y6ig6Be6NLcZmM%2FHUUFuorbVUiIF%2BgXYSSuMKyQUPmxAPxjrcnaw2Prao7zr%2Bca%2BhIMy6Qb0NcI7Y97W0ByE%2B2dQogpZawWdlC9%2BuQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
cf-ray: 794998a9bc973827-FRA

GET
H3 200 thumb_11_100_100_0_0_crop.jpg
bloxids.com/storage/app/uploads/public/5fa/2c4/0b2/ 1 KB
2 KB 121ms
117ms Image
image/webp 2606:4700:3030::6815:2c0e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bloxids.com/storage/app/uploads/public/5fa/2c4/0b2/thumb_11_100_100_0_0_crop.jpg
Requested by: Host: bloxids.com
URL: https://bloxids.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:2c0e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0c8e779a802ed20e7e80d430f5b401eb01f22a7c7697776c702bf20d24bb648f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxids.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 06:30:15 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display: staticcontent_sol
x-ezoic-cdn: Hit ds;ds;0f1697a4fb02802204506aa0723b777f;2-237061-3;a7f80fe5-70fb-406c-6b94-b55a2aa45291
x-middleton-display: staticcontent_sol
x-middleton-response: 200
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1368
response: 200
last-modified: Tue, 31 Jan 2023 21:15:06 GMT
server: cloudflare
x-origin-cache-control
vary: Accept-Encoding,User-Agent,Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CcfyIaLNFzm4OeWYAnA9bj02XBYSN3%2Bow2FMaRraeraq4PXSAF0AfOBKst4rbg0GcR5dGuJCEkFHm3LF%2FYVHqUCANMrNsaq0nHIxRcNzKc4dDTbdAuhlZu6RaPNgtPXC%2FPTAnIpApQ9npQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 794998a9bc993827-FRA

GET
H3 200 thumb_13_100_100_0_0_crop.jpg
bloxids.com/storage/app/uploads/public/5fa/2c4/aa5/ 1 KB
2 KB 146ms
142ms Image
image/webp 2606:4700:3030::6815:2c0e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bloxids.com/storage/app/uploads/public/5fa/2c4/aa5/thumb_13_100_100_0_0_crop.jpg
Requested by: Host: bloxids.com
URL: https://bloxids.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:2c0e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 42fc99fa5a9b5f6bf982577fb2d24e6b703e51e43490af6d1fb451eb9f3f18e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxids.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 06:30:15 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display: staticcontent_sol
x-ezoic-cdn: Hit ds;ds;e54780d7fd02a86591cb7be916d7582a;2-237061-3;75585815-d98d-4e9b-7f9b-78e6ab73c13e
x-middleton-display: staticcontent_sol
x-middleton-response: 200
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1184
response: 200
last-modified: Tue, 31 Jan 2023 21:15:06 GMT
server: cloudflare
x-origin-cache-control
vary: Accept-Encoding,User-Agent,Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w8KrKIk8XKoxFwdfHtPGB8HOzqLQ4PPuBbTD3Wdxkn5kemacskDDNHhUVEcsfpCOd%2BDC1yuAXXKedoeJEuOK8VKiemLosHboHuCQije3il9f1NefdfMKGta3LW8uBXOF0imhtfIWR86Pwg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 794998a9bc9a3827-FRA

GET
H3 200 thumb_15_100_100_0_0_crop.jpg
bloxids.com/storage/app/uploads/public/5fa/402/a7a/ 1 KB
2 KB 139ms
135ms Image
image/webp 2606:4700:3030::6815:2c0e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bloxids.com/storage/app/uploads/public/5fa/402/a7a/thumb_15_100_100_0_0_crop.jpg
Requested by: Host: bloxids.com
URL: https://bloxids.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:2c0e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 58e665ff73e357f608f968a31d0cc28cd6ce81f0341736a350b22e22d56a8f15

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxids.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 06:30:15 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display: staticcontent_sol
x-ezoic-cdn: Hit ds;ds;e10b80e84a94ed971b6fa0cd85f32589;2-237061-3;6ae3f656-ee78-44dc-58a1-3f47ef690849
x-middleton-display: staticcontent_sol
x-middleton-response: 200
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1348
response: 200
last-modified: Tue, 31 Jan 2023 21:15:06 GMT
server: cloudflare
x-origin-cache-control
vary: Accept-Encoding,User-Agent,Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ypuf%2BMNFDV4gMlrRwR35qEjoZh4Y7UcDVTTJOOeGlS%2BTF1PRBhFPGQkEW0d4LYJQCE4V5uQy889bVRUxzcEYl%2BR%2BQ7nCZzBkqirfFcFTAtvZqwSf5ZCvBQeqGiJiySw%2BxwZVOZ0q0DDSpA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 794998a9bc9b3827-FRA

GET
H3 200 thumb_12_100_100_0_0_crop.jpg
bloxids.com/storage/app/uploads/public/5fa/2c4/6f9/ 1 KB
2 KB 102ms
99ms Image
image/webp 2606:4700:3030::6815:2c0e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bloxids.com/storage/app/uploads/public/5fa/2c4/6f9/thumb_12_100_100_0_0_crop.jpg
Requested by: Host: bloxids.com
URL: https://bloxids.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:2c0e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 18d1146ad703fc2086964171657278690a2b86c051a2e301186c4de5fbf0f449

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxids.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 06:30:15 GMT
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display: staticcontent_sol
x-ezoic-cdn: Hit ds;ds;66331bf465d0ae799a0b7a1fbdd07e51;2-237061-3;827f76ec-f651-4192-54ec-0b747fe746a5
x-middleton-display: staticcontent_sol
x-middleton-response: 200
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1316
response: 200
last-modified: Tue, 31 Jan 2023 21:15:06 GMT
server: cloudflare
x-origin-cache-control
vary: Accept-Encoding,User-Agent,Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FZK3cLWVkBPR6JIbOK8MgYPHYAIkB5vf6ATK4NUQmgekfL8WaGgrWJgydNVWmgT3GcM0%2BKzBKImv5q29uzo7qu%2B3lt8v7g9Dmh77A7LLZV1cScUn2y6RJ0hJ2R3vY2frWBgxF9FEa0vKow%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 794998a9bc9c3827-FRA

GET
H3 200 thumb_9_100_100_0_0_crop.png
bloxids.com/storage/app/uploads/public/5fa/1a2/7a5/ 1 KB
2 KB 126ms
122ms Image
image/webp 2606:4700:3030::6815:2c0e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bloxids.com/storage/app/uploads/public/5fa/1a2/7a5/thumb_9_100_100_0_0_crop.png
Requested by: Host: bloxids.com
URL: https://bloxids.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:2c0e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 20f774d3967cf4b65190d54409e498c2a5f56c05860d679d81a0f87f50e2d8ea

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxids.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 06:30:15 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display: staticcontent_sol
x-ezoic-cdn: Hit ds;ds;d0542b9f568988d9e3d8c98eff64bcc9;2-237061-3;7afc9d45-8b86-43a0-7bd6-1374acecbf80
x-middleton-display: staticcontent_sol
x-middleton-response: 200
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1250
response: 200
last-modified: Tue, 31 Jan 2023 21:15:06 GMT
server: cloudflare
x-origin-cache-control
vary: Accept-Encoding,User-Agent,Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T0EhC0nKQFkAI9eGlTT5sEvV4AOX1Y3cqvqGkCF5kiQKCUa4j8WZGNNjJ%2FdpfqcXAebDMp4hgenPAUtVf5ixGV%2BY%2B19oqbHYV59BVp4Udad35QeTz1tx4JK7MvcCJopqU6AWShu%2FddsW0w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 794998a9bc9d3827-FRA

GET
H3 200 thumb_10_100_100_0_0_crop.png
bloxids.com/storage/app/uploads/public/5fa/1a2/ad5/ 1 KB
2 KB 103ms
100ms Image
image/webp 2606:4700:3030::6815:2c0e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bloxids.com/storage/app/uploads/public/5fa/1a2/ad5/thumb_10_100_100_0_0_crop.png
Requested by: Host: bloxids.com
URL: https://bloxids.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:2c0e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aad30519a844c3abf62252a7379279e156287c8098f44e23c10646fef3daf7f6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxids.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 06:30:15 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display: staticcontent_sol
x-ezoic-cdn: Hit ds;ds;b362759b9cbc7617cc5f707965243545;2-237061-3;f995e0f4-5605-42f9-4125-c7d9820d9c5c
x-middleton-display: staticcontent_sol
x-middleton-response: 200
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1182
response: 200
last-modified: Tue, 31 Jan 2023 21:15:06 GMT
server: cloudflare
x-origin-cache-control
vary: Accept-Encoding,User-Agent,Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TDT1Ld2R9A%2BijFPq9%2BMhnnKrwA0LpgPD3fl%2FO79stnlAAQCHDRlbLi2bOkUHapGQ9wxbAY7BLHXxsdIrwWwvp%2B4F1eZMjwzWOcV4VY%2FJmP%2Byf87640vMu%2BehnLcFHubctx6EE7j%2FWpkn3w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 794998a9bc9f3827-FRA

GET
H3 200 thumb_16_100_100_0_0_crop.jpg
bloxids.com/storage/app/uploads/public/5fa/403/4e8/ 1 KB
2 KB 151ms
148ms Image
image/webp 2606:4700:3030::6815:2c0e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bloxids.com/storage/app/uploads/public/5fa/403/4e8/thumb_16_100_100_0_0_crop.jpg
Requested by: Host: bloxids.com
URL: https://bloxids.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:2c0e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6a1bc4ed6d1400c7bcf13fdffa9dfc4c85770127de7cbbf72e0be4c335d43d88

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxids.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 06:30:15 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display: staticcontent_sol
x-ezoic-cdn: Hit ds;ds;1f51b2ce141f373b875dc0f20a775d20;2-237061-3;02713d99-c5c1-44cc-7e2e-06676c959ea8
x-middleton-display: staticcontent_sol
x-middleton-response: 200
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
response: 200
last-modified: Tue, 31 Jan 2023 21:15:06 GMT
server: cloudflare
x-origin-cache-control
vary: Accept-Encoding,User-Agent,Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7dXMS8sHoYTBwxQKcmn2nhs878piliw4Xc05T6I%2BPXmH78um%2FKLszwxZWvqg1T0Ut%2BTOE8Aml4tQh5xsCyDp52FdL%2F25ApL%2BgbGQMOkXmIVMoUKHGyp9HhWCXnZP6%2Fjxde83eT9xqOt%2F0g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
cf-ray: 794998a9bca03827-FRA

GET
H3 200 thumb_17_100_100_0_0_crop.jpg
bloxids.com/storage/app/uploads/public/5fa/403/b71/ 2 KB
2 KB 45ms
42ms Image
image/webp 2606:4700:3030::6815:2c0e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bloxids.com/storage/app/uploads/public/5fa/403/b71/thumb_17_100_100_0_0_crop.jpg
Requested by: Host: bloxids.com
URL: https://bloxids.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:2c0e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c9868339a287d36283ae9c87cc936830db18e6deba6b68d0b5b9572e625fe5a1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxids.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 06:30:15 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display: staticcontent_sol
x-ezoic-cdn: Hit ds;mm;0b458460bbd003482c6c8c1ecc3ab152;2-237061-3;8caeed0d-24be-4563-55e0-0bfd2731d13d
x-middleton-display: staticcontent_sol
x-middleton-response: 200
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
response: 200
last-modified: Tue, 31 Jan 2023 21:15:06 GMT
server: cloudflare
x-origin-cache-control
vary: Accept-Encoding,User-Agent,Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FncmAySG2gX9XfNuvXURKxEOvqLqbQYP%2BLCgreoQs3zf%2BbZ0WnOVu89CnYN6qWYb0XtQrLv1X7N0BC8qzQ3Oksc51IdqEPNQnpwSd3IuAHRksbr%2BVWGuZe6CvDRttN9lzL1O9F%2BxkapyNw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
cf-ray: 794998a9bca13827-FRA

GET
H2 200 bootstrap.min.js Show response
stackpath.bootstrapcdn.com/bootstrap/4.5.0/js/ 59 KB
15 KB 25ms
19ms Script
application/javascript 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stackpath.bootstrapcdn.com/bootstrap/4.5.0/js/bootstrap.min.js

Requested by

Host: bloxids.com
URL: https://bloxids.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

38544024da1a0fc2f706be6582557b5722d17f48ad9a8073594a0cf928e2e3ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://bloxids.com/
Origin: https://bloxids.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 06:30:15 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 1075
age: 581485
cdn-cachedat: 01/04/2023 07:40:55
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:10 GMT
cdn-proxyver: 1.03
cdn-requestpullcode: 200
server: cloudflare
etag: W/"6bea60c34c5db6797150610dacdc6bce"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 0beae90c81925177f7ab96d0759fb252
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 200
cf-ray: 794998a9bef6924a-FRA
cdn-requestpullsuccess: True

GET
H2 200 jquery.dataTables.min.js Show response
cdn.datatables.net/1.10.21/js/ 83 KB
29 KB 18ms
12ms Script
application/javascript 2606:4700:10::6816:335d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.datatables.net/1.10.21/js/jquery.dataTables.min.js

Requested by

Host: bloxids.com
URL: https://bloxids.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:335d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ffbce8dbb2e5fe154a842b04fb2f26d924b96e114f11016179308bf3b1eeba60

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxids.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 06:30:15 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 3796710
content-length: 29029
last-modified: Fri, 11 Nov 2022 14:46:27 GMT
server: cloudflare
etag: "15a005e-14aa7-5ed32f45b7718-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 794998a9be632be2-FRA
access-control-allow-headers: origin, x-requested-with, content-type
expires: Sat, 23 Dec 2023 07:51:44 GMT

GET
H2 200 dataTables.bootstrap4.min.js Show response
cdn.datatables.net/1.10.21/js/ 3 KB
2 KB 23ms
17ms Script
application/javascript 2606:4700:10::6816:335d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.datatables.net/1.10.21/js/dataTables.bootstrap4.min.js

Requested by

Host: bloxids.com
URL: https://bloxids.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:335d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d5b6ebd94e15926993c5ac5c1e5169f6b80184baf04133f6ae5f3f8e58af19bd

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxids.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 06:30:15 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 3796710
content-length: 1603
last-modified: Fri, 11 Nov 2022 14:46:27 GMT
server: cloudflare
etag: "15a0875-cce-5ed32f45b6778-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 794998a9be672be2-FRA
access-control-allow-headers: origin, x-requested-with, content-type
expires: Sat, 23 Dec 2023 07:51:44 GMT

GET
H2 200 clipboard.min.js Show response
cdn.jsdelivr.net/npm/clipboard@2.0.6/dist/ 10 KB
4 KB 24ms
18ms Script
application/javascript 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/clipboard@2.0.6/dist/clipboard.min.js

Requested by

Host: bloxids.com
URL: https://bloxids.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8a7739925f4c03586479852df840b7061948832a7fda30c8c812d2ea4dd4c4f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxids.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 06:30:15 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 355621
x-jsd-version: 2.0.6
content-encoding: br
x-cache: HIT, MISS
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19144-FRA, cache-itm18833-ITM
x-jsd-version-type: version
server: cloudflare
etag: W/"28d5-Y3HsCo4kI5XH1NAI0rmORyydzFI"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xoME0qDJu6vYqX47cUbFdDPdMVj2ijr3bDo2bCIk7ngU0wbk%2B0OQ%2BAi1Kaey73K4X%2B3%2F5605rCwUAz%2BV8huS09oTsuHRdx1UN73i3nrMwYARWGWsw1LxIaGEpwjHNu6UVuWghyJ4Nxebxj5ATjE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 794998a9baa73a8b-FRA

GET
H3 200 framework.combined-min.js Show response
bloxids.com/modules/system/assets/js/ 22 KB
7 KB 55ms
51ms Script
application/javascript 2606:4700:3030::6815:2c0e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bloxids.com/modules/system/assets/js/framework.combined-min.js
Requested by: Host: bloxids.com
URL: https://bloxids.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:2c0e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7cb6f39ae0c622292f3b23722249653e11dba33e1b8e1ab3889ef18c8798ee27

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxids.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 06:30:15 GMT
content-encoding: br
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display: staticcontent_sol
x-ezoic-cdn: Hit ds;mm;33506b185f0604dff27b257d5aa970d9;2-237061-3;1609c37f-d18a-4899-5858-da35ec2d12ac
x-middleton-display: staticcontent_sol
x-middleton-response: 200
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
response: 200
last-modified: Tue, 31 Jan 2023 21:15:06 GMT
server: cloudflare
x-origin-cache-control
vary: Accept-Encoding,User-Agent,Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NX1g%2BwkhUFGRTcs6cQlbt2Sywh5Xr8ylhLjMLyJvQ%2FtD4XVw3Fh5YXj6G3g%2Bfs%2BvM895098cL9%2B%2FNM%2FSiqeZGWykd7wxXlOxxtSgQAehVXwgZJDsz5lpdpx4u54RNZXhCRawkhRKc9AIXw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=43200
cf-ray: 794998a9bc903827-FRA

GET
H3 200 framework.extras-min.css
bloxids.com/modules/system/assets/css/ 6 KB
2 KB 25ms
21ms Stylesheet
text/css 2606:4700:3030::6815:2c0e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bloxids.com/modules/system/assets/css/framework.extras-min.css
Requested by: Host: bloxids.com
URL: https://bloxids.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:2c0e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e2218e1a345e2d9b9b4a3ab19f8a1dbd25866e51de1e65b472d226dbc2552491

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxids.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 06:30:15 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display: staticcontent_sol
age: 38815
x-ezoic-cdn: Hit ds;ms;25b55880c5da8d3f295656cc00a47e1a;2-237061-3;6add13d8-770e-4a2b-4663-37eb9b181029
x-middleton-display: staticcontent_sol
x-middleton-response: 200
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
response: 200
last-modified: Tue, 31 Jan 2023 21:15:06 GMT
server: cloudflare
x-origin-cache-control
vary: Accept-Encoding,User-Agent,Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0qixXfCJGYUDdkm0e775NcNYPQPJ1%2FSpQy6N6x0jWzVn7JUqpqBEK4a9h04hEpYHRQZQdH75F1PG3gCAmqcLZz5NoTVliFR3bs6wiNvVq%2F0XsznCc8D1yKVALQRezwz0oInmjH%2FYWYkaqw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=43200
cf-ray: 794998a9bc913827-FRA

GET
H3 200 augusta.js Show response
bloxids.com/detroitchicago/ 2 KB
1 KB 38ms
35ms Script
application/javascript 2606:4700:3030::6815:2c0e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bloxids.com/detroitchicago/augusta.js?cb=24
Requested by: Host: bloxids.com
URL: https://bloxids.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:2c0e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dcc0b6437eeec474b65774198371749c6e3f11c12b0bc14f3a971714d0d0e52b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxids.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 06:30:15 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 01 Feb 2023 05:11:10 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 350345
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O5yw3qvBWjJ8IPhUJOkQMAavqnMrVdROZizSoA2QOISXMFADHp5wwPa4sbr%2FJwNusl8H%2B%2FDaFlzYtFRTywgvHMOCul2Dm7lnDOs0Ratd6qMUJrBBtfihdRBZmzRyo5Q9SQJE2x7AykCLng%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-middleton-display: sol-js
cache-control: public, max-age=31536000
x-robots-tag: noindex
cf-ray: 794998a9bca23827-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 init-1632lqsy2s4fklqsvsii.js Show response
api.fouanalytics.com/api/ 461 B
882 B 212ms
168ms Script
text/javascript 2606:4700:e4::ac40:a921
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.fouanalytics.com/api/init-1632lqsy2s4fklqsvsii.js
Requested by: Host: bloxids.com
URL: https://bloxids.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:a921 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 59bd3e0afa79f40c1c8668bc2f36ee62e2c05532d8dd245d4819a2b88e6ab83e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxids.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 05 Feb 2023 06:30:15 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EtNV74EB8mGS60TWLgAoI81QhkaLvfU2FfhmTUn8FPXtbo%2B6og3wddruwOgz9isXc7F5xHe4O8MEkmCMDrRHB0s24qVwf5uo4swH6vHUaHBSXFJZ%2BHB73pmBAKYfDJrKhc79hSFgT1oblvJTMz6Au79hkA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
cf-ray: 794998a9fcd79bc2-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: 0

GET
H3 200 banger.js Show response
bloxids.com/porpoiseant/ 51 KB
14 KB 26ms
23ms Script
application/javascript 2606:4700:3030::6815:2c0e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bloxids.com/porpoiseant/banger.js?cb=195-0&bv=176&v=73&PageSpeed=off
Requested by: Host: bloxids.com
URL: https://bloxids.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:2c0e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 43d537d7868386a4c778c32ae64178c393fd2db241a44d038659be4ddae19664

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxids.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 06:30:15 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 01 Feb 2023 12:02:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 325686
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=my%2Fb44rGKAHMIfQngj%2FXz7yTE5m5aBvXo8gHXqFdZzx64rQk1oRJVVOIO3Bw%2F6dDEoR9YwWyE0eb0Lk16a%2FE6UaJKMgyrI2brgU99hrC0CKsVrlB2BUFYK3ydtxb4U%2Fr5eMclTAHr1LcXQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-middleton-display: sol-js
cache-control: public, max-age=31536000
x-robots-tag: noindex
cf-ray: 794998a9bca33827-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 cmbv2.js Show response
bloxids.com/detroitchicago/ 61 KB
18 KB 24ms
21ms Script
application/javascript 2606:4700:3030::6815:2c0e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bloxids.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y0b-6y0d-23y13-4y17-5y1c-y23-3y24-4y25-6y31-4y38-8y5a-2y5e-22y65-1&cmbcb=123&sj=x04x02x06x07x0bx0dx13x17x1cx23x24x25x31x38x5ax5ex65
Requested by: Host: bloxids.com
URL: https://bloxids.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:2c0e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5b4509bf827fa4fab50fb76490d1b9a8a5da3c02419776f66768ff5ae241e643

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxids.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 06:30:15 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 04 Feb 2023 20:06:17 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 37438
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o0KMnA6nCpqjhYr9Km%2Fkax2zn2qJFykp4nwEv0TBa1o63I6dIlLZk0scUScPD0daLs%2BCrV1j39xtEOCVA6HSXC9a%2BhDo3gpWuy9ZiBmCHKgapNDhPA4UXyv0d09EeXJleHqRsHGl%2Fr6c7A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-middleton-display: sol-js
cache-control: public, max-age=31536000
x-robots-tag: noindex
cf-ray: 794998a9bca53827-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 bg.jpg
bloxids.com/themes/xwm-roblox-theme/assets/images/ 175 KB
176 KB 43ms
43ms Image
image/webp 2606:4700:3030::6815:2c0e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bloxids.com/themes/xwm-roblox-theme/assets/images/bg.jpg
Requested by: Host: bloxids.com
URL: https://bloxids.com/combine/bd26b15ecd703b4f452c356e5e44b398-1617720227
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:2c0e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2ab69b3b8880d3c06ad9ed475a991b254f30c255bc03c9702bc2769913e7804c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxids.com/combine/bd26b15ecd703b4f452c356e5e44b398-1617720227
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 06:30:15 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display: staticcontent_sol
x-ezoic-cdn: Hit ds;mm;8453272b9b9daf47298e1bd0c8b6f560;2-237061-3;1899a7e2-2b87-4ff7-5a5a-182dc9e5cb8c
x-middleton-display: staticcontent_sol
x-middleton-response: 200
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
response: 200
last-modified: Tue, 31 Jan 2023 21:15:06 GMT
server: cloudflare
x-origin-cache-control
vary: Accept-Encoding,User-Agent,Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C%2BtOtq2Wx1WAZnfElvm630hsO3AMYkMeyT27lNB8RD4SaMIDLniy9kGecHsjFB3%2BKPw6ef5YPtIpxATdnRHIH%2FlGrOo8mmM5iZVIxL5lhMDitL%2BpttgUOvM87XBssLHdJK7c9BTFqCW2YQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
cf-ray: 794998a9bca63827-FRA

GET
H2 200 pubads_impl_2023013101.js Show response
securepubads.g.doubleclick.net/gpt/ 384 KB
130 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023013101.js?cb=31072117

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fb275de8542c2555ea04946af999972b6e0040e5165996435f3ae1529e636b04

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxids.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 14:12:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 58685
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 132970
x-xss-protection: 0
last-modified: Tue, 31 Jan 2023 09:37:24 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sun, 04 Feb 2024 14:12:10 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 850 B
387 B 72ms
27ms XHR
application/json 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=bloxids.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

045c83a8ddc71464588e8bfdd691ea9b9e8418281d703fe9cb847e9411bae1ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxids.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 06:30:15 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 362
x-xss-protection: 0
expires: Sun, 05 Feb 2023 06:30:15 GMT

GET
H2 200 ezoic.png
go.ezodn.com/utilcave_com/img/ 1 KB
2 KB 398ms
398ms Image
image/png 2606:4700:e4::ac40:a702
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://go.ezodn.com/utilcave_com/img/ezoic.png
Requested by: Host: bloxids.com
URL: https://bloxids.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:a702 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e1a156c3daa4ae0c41f21ef266131ca5a34d56695e3d860b232da142ef031234

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxids.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 06:30:15 GMT
cf-cache-status: BYPASS
x-sol: middleton
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display: staticcontent_sol
x-middleton-display: staticcontent_sol
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1181
last-modified: Tue, 31 Jan 2023 21:15:06 GMT
server: cloudflare
etag: "49d-5d9576f862e00-gzip-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G89Xo3xFk7u6ILrb7LKNpVE4EeBA0UjOUXH4UN7CnFn5LDTG%2BQ20DHQ5eHfkpR2s8lFZMJeQZJ9CuKp56Ox81kInEILsl4Pju7SqiHVMTbof1ABpVnrLG8u7C94WTNewhoKMrG3sSvwZ%2F90%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 794998aa7a77366e-FRA
expires: Sun, 12 Feb 2023 06:30:15 GMT

GET
H2 200 / Show response
basher.ezodn.com/ 2 KB
2 KB 14ms
13ms XHR
application/json 2606:4700:e4::ac40:a602
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://basher.ezodn.com/?did=237061&bf=140&dc=1254144
Requested by: Host: bloxids.com
URL: https://bloxids.com/porpoiseant/banger.js?cb=195-0&bv=176&v=73&PageSpeed=off
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:a602 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9110a853300e0e603cf341795e1e7728b1922ce1b1e60b5369539f16892181d4

Request headers

Referer: https://bloxids.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
X-PINGBACK: pingpong
Content-Type: application/json

Response headers

date: Sun, 05 Feb 2023 06:30:15 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
access-control-max-age: 86400
vary: Origin, Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: https://bloxids.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rBCfAdbybditXWskkwCot9tf692cMjEhLXu%2FMezwkrVtCa%2B7KO727OI2b2udpvEm7UErF%2FhboyhICw7g5ISU0zDjcNhw11vt6ALKIIAV0PFzS276TQUzxpVR41LTwwYvIqbQqdSQzAN3bSyPF7Kb"}],"group":"cf-nel","max_age":604800}
content-type: application/json
cache-control: public, max-age=84400
cf-ray: 794998aacf243673-FRA
access-control-allow-headers: Content-Type
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

OPTIONS
H2 200 /
basher.ezodn.com/ Frame 0
0 55ms
16ms Preflight
application/json 2606:4700:e4::ac40:a602
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://basher.ezodn.com/?did=237061&bf=140&dc=1254144
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:a602 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-pingback
Access-Control-Request-Method: GET
Origin: https://bloxids.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-headers: content-type,x-pingback
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: https://bloxids.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-ray: 794998aaaf033673-FRA
content-length: 0
content-type: application/json
date: Sun, 05 Feb 2023 06:30:15 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7hjjDm5yxKGg5Sl6%2FIarUryNFKgdX9ySbq5kVdpfweTXknpucLur3aD1lbR5I8BDvldGrFnlNH%2B7N%2BfXXIgwZRI2aQzoQPhrBE4VNXnJOj2IYhTFlpSgkPHQRrmtgLY8uvpatslcVFBbHcyoACv7"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin, Accept-Encoding

POST
H3 200 imp.gif
bloxids.com/detroitchicago/ 43 B
646 B 34ms
32ms Ping
image/gif 2606:4700:3030::6815:2c0e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bloxids.com/detroitchicago/imp.gif?e=%7B%22ad_cache_level%22%3A2%2C%22ad_count_adjustment%22%3A1%2C%22ad_lazyload_version%22%3A104%2C%22ad_load_version%22%3A1%2C%22ad_location_ids%22%3A%226%2C5%2C1%2C21%2C4%22%2C%22adx_ad_count%22%3A4%2C%22bidder_method%22%3A1%2C%22bidder_version%22%3A5%2C%22city%22%3A%22%22%2C%22country%22%3A%22DE%22%2C%22days_since_last_visit%22%3A-1%2C%22display_ad_count%22%3A3%2C%22domain_id%22%3A237061%2C%22domain_test_group%22%3A20230802%2C%22ds_adsize_opt_id%22%3A-1%2C%22engaged_time_visit%22%3A0%2C%22ezcache_level%22%3A1%2C%22ezcache_skip_code%22%3A11%2C%22form_factor_id%22%3A1%2C%22framework_id%22%3A1%2C%22has_bad_image%22%3A0%2C%22has_bad_words%22%3A0%2C%22iab_category%22%3A%22%22%2C%22is_from_recommended_pages%22%3Afalse%2C%22is_return_visitor%22%3Afalse%2C%22is_sitespeed%22%3A0%2C%22last_page_load%22%3A%22%22%2C%22last_pageview_id%22%3A%22%22%2C%22lt_cache_level%22%3A0%2C%22max_ads%22%3A3%2C%22metro_code%22%3A0%2C%22optimization_version%22%3A1%2C%22page_ad_positions%22%3A%221001%2C1006%2C1100%2C1102%2C1104%22%2C%22page_view_count%22%3A0%2C%22page_view_id%22%3A%22a1f8a33e-9f97-4fd6-763b-01cd501ccfa0%22%2C%22position_selection_id%22%3A46%2C%22postal_code%22%3A%22%22%2C%22pv_event_count%22%3A0%2C%22response_size_orig%22%3A31615%2C%22response_time_orig%22%3A558%2C%22serverid%22%3A%2218.185.172.217%3A4890%22%2C%22state%22%3A%22%22%2C%22sub_page_ad_positions%22%3A%221006%2C1100%2C1102%2C1104%2C1220%22%2C%22t_epoch%22%3A1675578614%2C%22template_id%22%3A134%2C%22time_on_site_visit%22%3A0%2C%22url%22%3A%22https%3A%2F%2Fbloxids.com%2F%22%2C%22user_id%22%3A0%2C%22weather_precipitation%22%3A0%2C%22weather_summary%22%3A%22%22%2C%22weather_temperature%22%3A0%2C%22word_count%22%3A295%2C%22worst_bad_word_level%22%3A0%7D
Requested by: Host: bloxids.com
URL: https://bloxids.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y0b-6y0d-23y13-4y17-5y1c-y23-3y24-4y25-6y31-4y38-8y5a-2y5e-22y65-1&cmbcb=123&sj=x04x02x06x07x0bx0dx13x17x1cx23x24x25x31x38x5ax5ex65
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:2c0e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxids.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 06:30:15 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-middleton-display: imp_sol
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
server: cloudflare
access-control-max-age: 1728000
access-control-allow-methods: HEAD, PUT, POST, GET, OPTIONS
content-type: image/gif
access-control-allow-origin: https://bloxids.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PVeyTJAYrryksL9jovyXYBnDT04iYcHyz9IYHDPmg7ElkKLhxoTyixqdQ2ypQNrhPvdzen9OQ65ne2X7LZHCZcGDaTF%2FzPdk7g8N3ySKYr4TPUJBXMcQ4Ro5%2BxJZMw1D0C%2BHzobbUktFRw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
vary: Accept-Encoding
cf-ray: 794998aa7d2d3827-FRA
access-control-allow-headers: Content-Type
expires: Sat, 04 Feb 2023 06:30:14 GMT

GET
H2 200 quant.js Show response
secure.quantserve.com/ 25 KB
10 KB 119ms
8ms Script
application/javascript 2620:116:800d:21:c5a4:625:6563:a5bb
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: bloxids.com
URL: https://bloxids.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y0b-6y0d-23y13-4y17-5y1c-y23-3y24-4y25-6y31-4y38-8y5a-2y5e-22y65-1&cmbcb=123&sj=x04x02x06x07x0bx0dx13x17x1cx23x24x25x31x38x5ax5ex65
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:c5a4:625:6563:a5bb , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 2a15822e997e4b7b172e4b1e4c1366dd01f10ff936a8971ce15510f207b5d25c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxids.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 06:30:15 GMT
content-encoding: gzip
etag: "u+riIbpeWSVolXo4r+dT2g=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
accept-ranges: bytes
expires: Sun, 12 Feb 2023 06:30:15 GMT

GET
H3 200 cmbdv2.js Show response
bloxids.com/detroitchicago/ 41 KB
11 KB 23ms
19ms Script
application/javascript 2606:4700:3030::6815:2c0e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bloxids.com/detroitchicago/cmbdv2.js?gcb=195-0&cb=03-8y0c-6y18-5y5f-22&cmbcb=123&sj=x03x0cx18x5f
Requested by: Host: bloxids.com
URL: https://bloxids.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:2c0e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c6c82e3589512b42474272e5986c03a856786010d425205bf03a7695e734641a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxids.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 06:30:15 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 02 Feb 2023 11:58:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 239510
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MH6%2BntH1AnmT6QOkqDFSDiikp2lCD5sK0%2FuYUT9Hpp5oHJKkyS9Pez%2BzBnq6e0aXNPNP4FBCC70z2%2Fo4RZQabhaVDwPCARrGh26azb1pqET%2FocobjdU%2FarCjBI2Pbq8XmOSxlZDt0Pdz6A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-middleton-display: sol-js
cache-control: public, max-age=31536000
x-robots-tag: noindex
cf-ray: 794998aa7d303827-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 houston.js Show response
bloxids.com/detroitchicago/ 9 KB
3 KB 23ms
14ms Script
application/javascript 2606:4700:3030::6815:2c0e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bloxids.com/detroitchicago/houston.js?gcb=0&cb=46
Requested by: Host: bloxids.com
URL: https://bloxids.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:2c0e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e455579d544af9aa234a7d7cda3e705b9be4d98f8e1d4869d907dbf9d633771c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxids.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 06:30:15 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 04 Feb 2023 11:59:56 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 66619
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f3yVT4rKLyOpEHE1op6TR61DL7LV%2BENb26LIbNUOzRQeZDNq5fL1wsP8ZNNomMcc05sZCQClEKyvh6csxX77iM0DMihV5GZVX32P1buxOMKAmHqELB68Qb2pLwh0YREuW2J7nBI5a7n%2BRg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-middleton-display: sol-js
cache-control: public, max-age=31536000
x-robots-tag: noindex
cf-ray: 794998aaad4c3827-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 nmash.js
bloxids.com/porpoiseant/ 19 KB
6 KB 32ms
28ms Other
application/javascript 2606:4700:3030::6815:2c0e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bloxids.com/porpoiseant/nmash.js?v=176
Requested by: Host: bloxids.com
URL: https://bloxids.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:2c0e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b13e01830c2220cd61e4ee73966557818c87a2d935fae0ce2cd6a29202124ab9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxids.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 06:30:15 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Sat, 04 Feb 2023 19:27:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BtJBcui2F%2FGVTjOAsBD8%2BFgsX58DQUvsjNuCTYxeX8S3KdR70wyrOTqCV8WqcNREjTJucNh8wd5R6nVInmcWn1ObptTrtCxFvrSps5sGgyCmC2hGg%2FEKaWcdvY66hKos7RNv%2FxMlykvjfg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-middleton-display: sol-js
cache-control: public, max-age=14400
x-robots-tag: noindex
cf-ray: 794998aaad553827-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

POST
H2 204 collect
region1.google-analytics.com/g/ 0
251 B 54ms
20ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-DB9D1TK41K&gtm=45je3210&_p=1873576348&cid=1334333727.1675578616&ul=en-us&sr=1600x1200&uaW=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1675578615&sct=1&seg=0&dl=https%3A%2F%2Fbloxids.com%2F&dt=Roblox%20Music%20Codes%20-%20BloxIDs.com&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-DB9D1TK41K
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxids.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 05 Feb 2023 06:30:15 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://bloxids.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
531 B 139ms
50ms Script
application/javascript 2a00:1450:400d:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=bloxids.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023013101.js?cb=31072117

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxids.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 06:30:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 85ms
23ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=bloxids.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023013101.js?cb=31072117

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxids.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 06:30:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 1 KB
654 B 480ms
478ms XHR
text/plain 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2706236413843419&correlator=2748274336212181&eid=31072031%2C31072117%2C31071432%2C44777901%2C31071663&output=ldjh&gdfp_req=1&vrg=2023013101&ptt=17&impl=fifs&iu_parts=1254144%3A21793048808%2Cbloxids_com-medrectangle-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&ifi=1&adks=88601467&didk=2259044073&sfv=1-0-40&prev_scp=a%3D%257C0%257C%26iid1%3D1369051298053905%26eid%3D1369051298053905%26t%3D134%26d%3D237061%26t1%3D134%26pvc%3D0%26ap%3D1100%26sap%3D1100%26as%3Drevenue%26plat%3D1%26bra%3Dmod43-c%26ic%3D1%26at%3Dmbf%26adr%3D399%26ezosn%3D0%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D5%26al%3D1005%26compid%3D0%26tap%3Dbloxids_com-medrectangle-2-1369051298053905%26eb_br%3Daf063c244089b52ec5a0423a258f1f8e%26eba%3D1%26ebss%3D10061%2C10015%2C10063%2C11307%26bv%3D13%26bvm%3D0%26bvr%3D3%26shp%3D1%26ftsn%3D12%26ftsng%3D12%26br1%3D140%26br2%3D70%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D81%2C189%2C120%2C67%2C49%2C192%2C81%2C20%2C26%2C156%2C205%2C0%2C136%2C159%2C901%2C902%2C903%26deal1%3D17%2C20%2C21%2C22%2C23%2C24%2C25%2C26%2C27%2C28%2C29%2C30%2C760%2C761%2C813%2C815%2C816%2C817%2C818%2C819%2C893%2C899%2C917%2C918%2C919%2C1794%2C2310%2C2339%2C2351%2C2526%2C2527%2C2761%2C2763%2C2764%2C2765%2C3044%2C3054%2C3154%2C3430%2C3455%2C3456%2C3457%2C3458%2C3460%2C3682%2C3683%2C3684%2C3919%2C3933%2C4184%2C4185%2C4186%2C4604%2C4605%2C3676%2C2030%2C774%2C2030&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1675578615549&lmt=1675578615&dlt=1675578615232&idt=246&adxs=436&adys=1110&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fbloxids.com%2F&frm=20&vis=1&psz=728x-1&msz=728x-1&fws=512&ohw=0&ga_vid=1334333727.1675578616&ga_sid=1675578616&ga_hid=1873576348&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023013101.js?cb=31072117

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d94ddb75ef96849bd221057452f74a2e1776a1e2b7631bab771ae71d34c59a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxids.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 06:30:16 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 624
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://bloxids.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
0454c236d7ef4556439cae6dfb9cddd4.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 3BE4 6 KB
3 KB 204ms
63ms Document
text/html 2a00:1450:400d:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://0454c236d7ef4556439cae6dfb9cddd4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023013101.js?cb=31072117

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bloxids.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 05 Feb 2023 06:30:15 GMT
expires: Mon, 05 Feb 2024 06:30:15 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 pp.js Show response
api.fouanalytics.com/s/ 17 KB
7 KB 15ms
14ms Script
text/javascript 2606:4700:e4::ac40:a921
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.fouanalytics.com/s/pp.js
Requested by: Host: bloxids.com
URL: https://bloxids.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:a921 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e147fffc7f6acc0513c66c6f8734b265bebfa00c6bf4f205a009f6f840fb8083

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxids.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 06:30:15 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 02 Feb 2023 20:07:05 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1235
etag: W/"63dc17e9-45fb"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jb39D0O8HSvgANGNB%2FIEUOZKkHgL9%2BlEqRaWkbmoT8fCdpesFA9bpWelURaMaqfnngVSpb2NTwc%2B2LgjYRUEEZB2eLUSaaeACKk%2F%2FtTjEuPgJzRGmtP5mXq%2B6i36vmR2g3e37V4FF2uoX%2Ff%2B5YiPWqBQcw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cf-ray: 794998ab4e659bc2-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 rules-p-31iz6hfFutd16.js Show response
rules.quantcount.com/ 160 B
614 B 54ms
7ms Script
application/javascript 2600:9000:223c:cc00:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-31iz6hfFutd16.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:cc00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4718dd9f68e969d1cb5e1b6172206b7150ad1d8cd5c5c1fe5812dd0e1646d426

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxids.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 05:31:15 GMT
via: 1.1 3aad72975c9da06e6d0903ad874f0b54.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 3541
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 160
last-modified: Fri, 14 Oct 2022 00:41:49 GMT
server: AmazonS3
etag: "af15ecfe46737cb2a37226fd060f23a6"
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
x-amz-cf-id: nsb0zozRELqu6Oi27ApjtGaInTNFCC-6-mszSddqRA1e1-upJVM-mw==

GET
H2 200 pixel;r=1221380393;labels=Domain.bloxids_com%2CDomainId.237061;rf=0;a=p-31iz6hfFutd16;url=https%3A%2F%2Fbloxids.com%2F;uht=2;fpan=1;fpa=P0-1741357982-1675578615570;pbc=;ns=0;ce=1;qjs=1;qv=bf501fc4-...
pixel.quantserve.com/ 35 B
372 B 18ms
9ms Image
image/gif 2620:116:800d:21:c5a4:625:6563:a5bb
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=1221380393;labels=Domain.bloxids_com%2CDomainId.237061;rf=0;a=p-31iz6hfFutd16;url=https%3A%2F%2Fbloxids.com%2F;uht=2;fpan=1;fpa=P0-1741357982-1675578615570;pbc=;ns=0;ce=1;qjs=1;qv=bf501fc4-20230203135208;cm=;gdpr=0;ref=;d=bloxids.com;dst=0;et=1675578615714;tzo=0;ogl=;ses=99842eff-7641-44fb-b46a-457b7877b7c9

Requested by

Host: bloxids.com
URL: https://bloxids.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:c5a4:625:6563:a5bb , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxids.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 05 Feb 2023 06:30:15 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3 200 dark-bottom.css
bloxids.com/ezoic/styles/ 3 KB
1 KB 27ms
26ms Stylesheet
text/css 2606:4700:3030::6815:2c0e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bloxids.com/ezoic/styles/dark-bottom.css
Requested by: Host: bloxids.com
URL: https://bloxids.com/ezoic/cookieconsent.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:2c0e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 94edf973e9deb80b5eccf17f8f3108eafe15209fe25fe417e8f8962a4d8f48b3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxids.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 06:30:15 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 31 Jan 2023 21:15:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"bd7-5f395d3676a80-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZI3wXnERPb5kcWysw8yv85JG5RgbqXY4bDIyydnx6%2BMkCcvg%2Ft70XkWmsFmUs9yIHV78D5nYT%2FBlWA46YS9IXA8mGcR6uzxvzxUxXMU%2BCYNHQzdQGikwFKUxPqjSdvJBIb3tq%2FvYKLAUrw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=31536000
x-robots-tag: noindex
cf-ray: 794998acaec43827-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

POST
H3 204 greenoaks.gif
bloxids.com/detroitchicago/ 0
533 B 16ms
16ms Ping
text/plain 2606:4700:3030::6815:2c0e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bloxids.com/detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiJhMWY4YTMzZS05Zjk3LTRmZDYtNzYzYi0wMWNkNTAxY2NmYTAiLCJkb21haW5faWQiOiIyMzcwNjEiLCJ0X2Vwb2NoIjoxNjc1NTc4NjE0LCJkYXRhIjpbeyJuYW1lIjoiZGV2aWNlX3dpZHRoIiwidmFsIjoiMTYwMCJ9LHsibmFtZSI6ImRldmljZV9oZWlnaHQiLCJ2YWwiOiIxMjAwIn1dfSx7InR5cGUiOiJwYWdldmlldyIsInBhZ2V2aWV3X2lkIjoiYTFmOGEzM2UtOWY5Ny00ZmQ2LTc2M2ItMDFjZDUwMWNjZmEwIiwiZG9tYWluX2lkIjoiMjM3MDYxIiwidF9lcG9jaCI6MTY3NTU3ODYxNCwiZGF0YSI6W3sibmFtZSI6InRfbG9jYWxfZGF0ZSIsInZhbCI6IjIwMjMtMDItMDUifSx7Im5hbWUiOiJ0X2xvY2FsX2hvdXIiLCJ2YWwiOiI2In0seyJuYW1lIjoidF9sb2NhbF9kYXlfb2Zfd2VlayIsInZhbCI6IjAifSx7Im5hbWUiOiJ0X2xvY2FsX3RpbWV6b25lIiwidmFsIjoiMCJ9XX0seyJ0eXBlIjoicGFnZXZpZXciLCJwYWdldmlld19pZCI6ImExZjhhMzNlLTlmOTctNGZkNi03NjNiLTAxY2Q1MDFjY2ZhMCIsImRvbWFpbl9pZCI6IjIzNzA2MSIsInRfZXBvY2giOjE2NzU1Nzg2MTQsImRhdGEiOlt7Im5hbWUiOiJsYW5ndWFnZV90YWciLCJ2YWwiOiJlbi1VUyJ9XX0seyJ0eXBlIjoicGFnZXZpZXciLCJwYWdldmlld19pZCI6ImExZjhhMzNlLTlmOTctNGZkNi03NjNiLTAxY2Q1MDFjY2ZhMCIsImRvbWFpbl9pZCI6IjIzNzA2MSIsInRfZXBvY2giOjE2NzU1Nzg2MTQsImRhdGEiOlt7Im5hbWUiOiJsYW5ndWFnZV9wcmltYXJ5X3N1YnRhZyIsInZhbCI6ImVuIn1dfSx7InR5cGUiOiJwYWdldmlldyIsInBhZ2V2aWV3X2lkIjoiYTFmOGEzM2UtOWY5Ny00ZmQ2LTc2M2ItMDFjZDUwMWNjZmEwIiwiZG9tYWluX2lkIjoiMjM3MDYxIiwidF9lcG9jaCI6MTY3NTU3ODYxNCwiZGF0YSI6W3sibmFtZSI6Im5hdmlnYXRpb25fdHlwZSIsInZhbCI6IjAifSx7Im5hbWUiOiJyZWRpcmVjdF9jb3VudCIsInZhbCI6IjAifV19XQ==
Requested by: Host: bloxids.com
URL: https://bloxids.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y0b-6y0d-23y13-4y17-5y1c-y23-3y24-4y25-6y31-4y38-8y5a-2y5e-22y65-1&cmbcb=123&sj=x04x02x06x07x0bx0dx13x17x1cx23x24x25x31x38x5ax5ex65
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:2c0e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxids.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 06:30:15 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4sDZjTeqKpaDBnTufZVgI4b8LUUd7NQ99%2F2KwDX1b1%2FRkBaX5%2BKiyWzK78HsfNooz3S8avv8QwgOrhHHB2RyWHl6owW0TWQE45WaWfuge7UgLRQG%2FdpUpWUI6tBlLk6M0SSYpEQ%2BXoee%2FA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://bloxids.com
x-middleton-display: ezp_sol
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
cf-ray: 794998acaec93827-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Sat, 04 Feb 2023 06:30:15 GMT

POST
H3 204 greenoaks.gif
bloxids.com/detroitchicago/ 0
534 B 23ms
23ms Ping
text/plain 2606:4700:3030::6815:2c0e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bloxids.com/detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiJhMWY4YTMzZS05Zjk3LTRmZDYtNzYzYi0wMWNkNTAxY2NmYTAiLCJkb21haW5faWQiOiIyMzcwNjEiLCJ0X2Vwb2NoIjoxNjc1NTc4NjE0LCJkYXRhIjpbeyJuYW1lIjoicGVyZl9pc190cmFja2VkIiwidmFsIjoiMSJ9LHsibmFtZSI6InBlcmZfbmF2X3RvX2Nvbm5lY3QiLCJ2YWwiOiIzNSJ9LHsibmFtZSI6InBlcmZfY29ubmVjdF90b19yZXNwX3N0YXJ0IiwidmFsIjoiNzMwIn0seyJuYW1lIjoicGVyZl9yZXNwX3RpbWUiLCJ2YWwiOiIzIn0seyJuYW1lIjoicGVyZl9pbnRlcmFjdGl2ZSIsInZhbCI6IjIzNCJ9LHsibmFtZSI6InBlcmZfY29udGVudGxvYWRlZCIsInZhbCI6IjIzNiJ9LHsibmFtZSI6InBlcmZfY29tcGxldGUiLCJ2YWwiOiI1NTAifV19LHsidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiJhMWY4YTMzZS05Zjk3LTRmZDYtNzYzYi0wMWNkNTAxY2NmYTAiLCJkb21haW5faWQiOiIyMzcwNjEiLCJ0X2Vwb2NoIjoxNjc1NTc4NjE0LCJkYXRhIjpbeyJuYW1lIjoiZmlyc3RfcGFpbnQiLCJ2YWwiOiI4NzgifV19LHsidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiJhMWY4YTMzZS05Zjk3LTRmZDYtNzYzYi0wMWNkNTAxY2NmYTAiLCJkb21haW5faWQiOiIyMzcwNjEiLCJ0X2Vwb2NoIjoxNjc1NTc4NjE0LCJkYXRhIjpbeyJuYW1lIjoiZmlyc3RfY29udGVudGZ1bF9wYWludCIsInZhbCI6Ijg3OCJ9XX0seyJ0eXBlIjoicGFnZXZpZXciLCJwYWdldmlld19pZCI6ImExZjhhMzNlLTlmOTctNGZkNi03NjNiLTAxY2Q1MDFjY2ZhMCIsImRvbWFpbl9pZCI6IjIzNzA2MSIsInRfZXBvY2giOjE2NzU1Nzg2MTQsImRhdGEiOlt7Im5hbWUiOiJjb25uZWN0aW9uX2VmZmVjdGl2ZV90eXBlIiwidmFsIjoiNGcifV19LHsidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiJhMWY4YTMzZS05Zjk3LTRmZDYtNzYzYi0wMWNkNTAxY2NmYTAiLCJkb21haW5faWQiOiIyMzcwNjEiLCJ0X2Vwb2NoIjoxNjc1NTc4NjE0LCJkYXRhIjpbeyJuYW1lIjoiY29ubmVjdGlvbl9kb3dubGluayIsInZhbCI6IjEwIn1dfV0=
Requested by: Host: bloxids.com
URL: https://bloxids.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y0b-6y0d-23y13-4y17-5y1c-y23-3y24-4y25-6y31-4y38-8y5a-2y5e-22y65-1&cmbcb=123&sj=x04x02x06x07x0bx0dx13x17x1cx23x24x25x31x38x5ax5ex65
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:2c0e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxids.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 06:30:15 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l8LXHQzIFUJF9ylKvecddbBvpl%2FHPJq7u3BZerumRIyQItRh9TsRJR4fQt6LtNiwMmGpiyLxo%2BXssNrU4%2BTS8N6Nk4l8d6qmvdfyujMI%2B3VdXZogYCmMiPcy2qr%2BLLxz%2FsLTvPYWksg5Rg%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://bloxids.com
x-middleton-display: ezp_sol
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
cf-ray: 794998acaecc3827-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Sat, 04 Feb 2023 06:30:14 GMT

POST
H3 204 greenoaks.gif
bloxids.com/detroitchicago/ 0
533 B 24ms
23ms Ping
text/plain 2606:4700:3030::6815:2c0e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bloxids.com/detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiJhMWY4YTMzZS05Zjk3LTRmZDYtNzYzYi0wMWNkNTAxY2NmYTAiLCJkb21haW5faWQiOiIyMzcwNjEiLCJ0X2Vwb2NoIjoxNjc1NTc4NjE0LCJkYXRhIjpbeyJuYW1lIjoiY29ubmVjdGlvbl9ydHQiLCJ2YWwiOiIwIn1dfSx7InR5cGUiOiJwYWdldmlldyIsInBhZ2V2aWV3X2lkIjoiYTFmOGEzM2UtOWY5Ny00ZmQ2LTc2M2ItMDFjZDUwMWNjZmEwIiwiZG9tYWluX2lkIjoiMjM3MDYxIiwidF9lcG9jaCI6MTY3NTU3ODYxNCwiZGF0YSI6W3sibmFtZSI6ImlzX2FkX2Jsb2NrZWQiLCJ2YWwiOiJmYWxzZSJ9XX1d
Requested by: Host: bloxids.com
URL: https://bloxids.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y0b-6y0d-23y13-4y17-5y1c-y23-3y24-4y25-6y31-4y38-8y5a-2y5e-22y65-1&cmbcb=123&sj=x04x02x06x07x0bx0dx13x17x1cx23x24x25x31x38x5ax5ex65
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:2c0e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxids.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 06:30:15 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tXJNT0bvJJs0oRLbURlArxdGvddhXAGIs%2B9GMy4d4HZTQQAblMiNrPWU7At%2BX9UOg3i%2FbMpFwOhMVJjMisiomIP6gSVZvmYpdc5uPbAwX%2BRRd9JCA1s3iBHwTXuEGA%2BILY6cXLXqxWXq1w%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://bloxids.com
x-middleton-display: ezp_sol
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
cf-ray: 794998acaecd3827-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Sat, 04 Feb 2023 06:30:15 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 79ms
30ms XHR
application/json 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2023013101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023013101.js?cb=31072117

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

037ed33aaf844f455a473ac694d3be1562bfb014ceb82d10a3943575c8239360

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxids.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 06:30:15 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11205
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 78ms
42ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023013101.js?cb=31072117

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxids.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 06:30:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 05 Feb 2023 06:30:15 GMT

POST
H3 200 x Show response
api.fouanalytics.com/api/ 0
453 B 195ms
184ms XHR
text/plain 2606:4700:e4::ac40:a921
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.fouanalytics.com/api/x?FZrplAM82qa32Bbh$dXJsJDAkaHR0cHM6Ly9ibG94aWRzLmNvbS8iLCJyZWZlcnJlciQwJCIsImFuY2VzdG9yT3JpZ2lucyQwJCIsInZpZGVvJDAkMTYwMHgxMjAweDI0IiwiZnJhbWUkMCQwIiwiaGlkZGVuJDAkMCIsInZpc2liaWxpdHlTdGF0ZSQwJHZpc2libGUiLCJoYXNGb2N1cyQwJDEiLCJ3aW5kb3ckMCQxNjAweDEyMDAiLCJwaXhlbHJhdGlvJDAkMSIsImlubmVyJDAkMTYwMHgxMjAwIiwib3V0ZXIkMCQxNjAweDEyMDAiLCJsb2NhbFN0b3JhZ2UkMCQxIiwic2Vzc2lvblN0b3JhZ2UkMCQxIiwiYXBwQ29kZU5hbWUkMCRNb3ppbGxhIiwiYXBwTmFtZSQwJE5ldHNjYXBlIiwiYXBwVmVyc2lvbiQwJDUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTA5LjAuNTQxNC4xMTkgU2FmYXJpLzUzNy4zNiIsImNvb2tpZUVuYWJsZWQkMSR0cnVlIiwiZGV2aWNlTWVtb3J5JDEkOCIsImRvTm90VHJhY2skMSQiLCJoYXJkd2FyZUNvbmN1cnJlbmN5JDEkNCIsImxhbmd1YWdlJDEkZW4tVVMiLCJwbGF0Zm9ybSQxJFdpbjMyIiwicHJvZHVjdCQxJEdlY2tvIiwicHJvZHVjdFN1YiQxJDIwMDMwMTA3IiwidXNlckFnZW50JDEkTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzEwOS4wLjU0MTQuMTE5IFNhZmFyaS81MzcuMzYiLCJ2ZW5kb3IkMSRHb29nbGUgSW5jLiIsInZlbmRvclN1YiQxJCIsIndlYmRyaXZlciQxJGZhbHNlIiwibmF2aWdhdG9yLWhhc2gkNyQyOWU0MTg2ZCIsIm5hdmlnYXRvci10aW1lJDckNi4zIiwic2VuZEJlYWNvbiQ3JDEiLCJmb250cmVuZGVyJDM5JDEiLCJ0aW1lJDM5JDE2NzU1Nzg2MTU2NDciLCJ0aW1lem9uZSQzOSQwIiwicGx1Z2lucy10aW1lJDM5JDAuMSIsInBsdWdpbnMkMzkkYjZkMDU1NTgiLCJtZW0tdG90YWxKU0hlYXBTaXplJDM5JDExLjkiLCJtZW0tdXNlZEpTSGVhcFNpemUkMzkkMTAiLCJtZW0tanNIZWFwU2l6ZUxpbWl0JDM5JDM3NjAiLCJ0aW1lLWZldGNoU3RhcnQkMzkkMSIsInRpbWUtZG9tYWluTG9va3VwU3RhcnQkMzkkMiIsInRpbWUtZG9tYWluTG9va3VwRW5kJDM5JDE3IiwidGltZS1jb25uZWN0U3RhcnQkMzkkMTciLCJ0aW1lLWNvbm5lY3RFbmQkMzkkMzUiLCJ0aW1lLXNlY3VyZUNvbm5lY3Rpb25TdGFydCQzOSQyMyIsInRpbWUtcmVxdWVzdFN0YXJ0JDM5JDM1IiwidGltZS1yZXNwb25zZVN0YXJ0JDM5JDczMSIsInRpbWUtcmVzcG9uc2VFbmQkMzkkNzM0IiwidGltZS1kb21Mb2FkaW5nJDM5JDczNCIsInRpbWUtZG9tSW50ZXJhY3RpdmUkMzkkOTY4IiwidGltZS1kb21Db250ZW50TG9hZGVkRXZlbnRTdGFydCQzOSQ5NjgiLCJ0aW1lLWRvbUNvbnRlbnRMb2FkZWRFdmVudEVuZCQzOSQ5NjkiLCJuYXZpZ2F0aW9uLXJlZGlyZWN0Q291bnQkNDAkMCIsIm5hdmlnYXRpb24tdHlwZSQ0MCRuYXZpZ2F0ZSIsImdsb2JhbHMtdGltZSQ1NyQwLjEiLCJnbG9iYWxzJDU3JDczNWYxMGM4IiwiZG9jdW1lbnQtdGltZSQ2NSQwIiwiZG9jdW1lbnQkNjYkNDdjMDc0NGQiLCJjb25uZWN0aW9uJDY2JCIsImRvd25saW5rTWF4JDY2JCIsImdldFVzZXJNZWRpYSQ2NiQyIiwicGFnZS1mcmFtZS1jb3VudCQ2NyQxIiwicGFnZS1mcmFtZS1saXN0JDY3JDB4MCMwNDU0YzIzNmQ3ZWY0NTU2NDM5Y2FlNmRmYjljZGRkNC5zYWZlZnJhbWUuZ29vZ2xlc3luZGljYXRpb24uY29tIiwicGFnZS1oYXNoLXRpbWUkNjgkMS4yIiwicGFnZS1oYXNoJDY4JDNmOWMyZGZhIiwiZm9udCQ3MiQxMDAwMDAwIiwic3R5bGUtaGFzaCQ3MiQwZTQ0NjRlOSIsInN0eWxlLXRpbWUkNzIkMC43IiwiYXVkaW8tY29kZWMkNzMkMjIyMTIiLCJ2aWRlby1jb2RlYyQ3MyQyMjIwMDAiLCJlczYkNzMkMSIsImNsb2NrJDgwJDI2NzEiLCJzb3J0JDkzJDEzLjEiLCJzdGFjayQ5NSQxMzk1NyIsInN0YWNrLWVycm9yJDk1JFJhbmdlRXJyb3I6IE1heGltdW0gY2FsbCBzdGFjayBzaXplIGV4Y2VlZGVkIiwic3RhY2stdGltZSQ5NSQxLjEiLCJ3ZWJnbCQxMDAkMSIsIndlYmdsMiQxMDAkMSIsIndlYmdsLXZlbmRvciQxMDEkSW50ZWwgSW5jLiIsIndlYmdsLXJlbmRlcmVyJDEwMSRJbnRlbCBJcmlzIE9wZW5HTCBFbmdpbmUiLCJ3ZWJnbC1leHRlbnNpb25zJDEwMSQ0NDk1Mzk2NSIsIndlYmdsLXRpbWUkMTAxJDUuOSIsInBlcm1pc3Npb24tZ2VvbG9jYXRpb24kMTA0JHByb21wdCIsImJhdHRlcnkkMTA0JDEgMSAwIEluZmluaXR5IiwiYXVkaW9jb250ZXh0JDEwNCRmN2U3MTJkOSIsImF1ZGlvY29udGV4dC10aW1lJDEwNCQyOS4yIiwiaW50ZXJzZWN0aW9uLXNpemUkMTA0JDE2MDB4MTIwMCIsImludGVyc2VjdGlvbiQxMDQkMzMiLCJpbnRlcnNlY3Rpb24td2luZG93JDEwNCQzMyIsInBlcm1pc3Npb24tbm90aWZpY2F0aW9ucyQxMDUkcHJvbXB0IiwicGVybWlzc2lvbi1jYW1lcmEkMTA1JHByb21wdCIsInBlcm1pc3Npb24tbWljcm9waG9uZSQxMDUkcHJvbXB0IiwicGVybWlzc2lvbi1wZXJzaXN0ZW50LXN0b3JhZ2UkMTA1JHByb21wdCIsImFkYmxvY2skMTc4JDAiLCJmcmFtZXJhdGUkMTgwJDcw
Requested by: Host: api.fouanalytics.com
URL: https://api.fouanalytics.com/s/pp.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e4::ac40:a921 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxids.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 06:30:16 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
access-control-allow-methods: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KhrGuOgPOArJr8nLrCtkafX4dWG0gBB%2F4vc2jtCzvqaKexWuakW8%2FGwcK3xN3y0JDGfRivXJ21TTAZuvlib9hMQcKboyqrm8s5NzWMbBEEAbbMJuuoM8S53Yv1dxfGKDjenBbCtpcbhVMkZBirabATjPkw%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cf-ray: 794998ad8fe9bbdf-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame AEA7 13 KB
5 KB 16ms
13ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bloxids.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 18101
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 05 Feb 2023 01:28:34 GMT
expires: Mon, 05 Feb 2024 01:28:34 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 606A 783 B
1 KB 60ms
22ms Document
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

a5cc00998778521255371eaea3bef447f7678c31a9f2bf0c9fc99d1d2e302d97

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-8fwadMRlldLqYSOT0FAAeA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://bloxids.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 511
content-security-policy: script-src 'report-sample' 'nonce-8fwadMRlldLqYSOT0FAAeA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 05 Feb 2023 06:30:16 GMT
expires: Sun, 05 Feb 2023 06:30:16 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 65ms
51ms Script
application/javascript 2a00:1450:400d:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=bloxids.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023013101.js?cb=31072117

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxids.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 06:30:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 25ms
25ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=bloxids.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023013101.js?cb=31072117

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxids.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 06:30:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 32 KB
11 KB 893ms
893ms XHR
text/plain 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2706236413843419&correlator=1364910093983292&eid=31072031%2C31072117%2C31071432%2C44777901%2C31071663&output=ldjh&gdfp_req=1&vrg=2023013101&ptt=17&impl=fifs&iu_parts=1254144%3A21793048808%2Cbloxids_com-box-2%2Cbloxids_com-medrectangle-3&enc_prev_ius=%2F0%2F1%2C%2F0%2F2&prev_iu_szs=728x90%7C468x60%7C250x250%7C300x250%7C336x280%7C970x250%7C970x90%2C728x90&ifi=2&adks=3005794515%2C2382043524&didk=205975327~2259057186&sfv=1-0-40&prev_scp=a%3D%257C0%257C%26iid1%3D2535456512059237%26eid%3D2535456512059237%26t%3D134%26d%3D237061%26t1%3D134%26pvc%3D0%26ap%3D1001%26sap%3D1220%26as%3Drevenue%26plat%3D1%26bra%3Dmod43-c%26ic%3D1%26at%3Dmbf%26adr%3D399%26ezosn%3D1%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D1%26al%3D1001%26compid%3D0%26tap%3Dbloxids_com-box-2-2535456512059237%26eb_br%3D527e52c10635ac8136a4c84094ee49a8%26eba%3D1%26ebss%3D10061%2C10015%2C10063%2C11307%26bv%3D13%26bvm%3D0%26bvr%3D3%26shp%3D1%26ftsn%3D12%26ftsng%3D12%26acptad%3D1%26br1%3D70%26br2%3D36%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D63%2C14%2C0%2C192%2C0%2C193%2C196%2C20%2C71%2C201%2C192%2C31%2C902%2C903%2C901%2C902%2C903%26deal1%3D17%2C19%2C20%2C21%2C22%2C23%2C24%2C25%2C26%2C27%2C815%2C899%2C919%2C1794%2C2310%2C2339%2C2351%2C2526%2C2527%2C2610%2C2688%2C2761%2C2763%2C2764%2C2765%2C3044%2C3045%2C3054%2C3154%2C3430%2C3455%2C3456%2C3457%2C3458%2C3460%2C3682%2C3683%2C3684%2C3933%2C4184%2C4185%2C4186%2C4604%2C4605%2C3676%2C2030%2C774%2C2030%7Ca%3D%257C0%257C%26iid1%3D3390574760000909%26eid%3D3390574760000909%26t%3D134%26d%3D237061%26t1%3D134%26pvc%3D0%26ap%3D1104%26sap%3D1104%26as%3Drevenue%26plat%3D1%26bra%3Dmod43-c%26ic%3D1%26at%3Dmbf%26adr%3D399%26ezosn%3D2%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D21%26al%3D1021%26compid%3D0%26tap%3Dbloxids_com-medrectangle-3-3390574760000909%26eb_br%3Da495ce7dbb4cefcd3e0a722048894f41%26eba%3D1%26ebss%3D10061%2C10015%2C10063%2C11307%26bv%3D13%26bvm%3D0%26bvr%3D3%26shp%3D1%26ftsn%3D12%26ftsng%3D12%26br1%3D100%26br2%3D48%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D77%2C168%2C0%2C4%2C0%2C168%2C196%2C192%2C196%2C180%2C187%2C84%2C901%2C182%2C901%2C902%2C903%26deal1%3D17%2C20%2C21%2C22%2C23%2C24%2C25%2C26%2C919%2C1794%2C2310%2C2339%2C2351%2C2526%2C2527%2C2610%2C2761%2C2763%2C2764%2C2765%2C3044%2C3054%2C3154%2C3430%2C3455%2C3456%2C3457%2C3458%2C3460%2C3682%2C3683%2C3684%2C3933%2C4184%2C4185%2C4186%2C4604%2C4605%2C988%2C3676%2C2030%2C774%2C2030&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1675578615975&lmt=1675578615&dlt=1675578615232&idt=246&adxs=315%2C436&adys=80%2C1295&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C1&ucis=2%7C3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fbloxids.com%2F&frm=20&vis=1&psz=1600x250%7C1110x90&msz=970x250%7C728x90&fws=0%2C0&ohw=0%2C0&ga_vid=1334333727.1675578616&ga_sid=1675578616&ga_hid=1873576348&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023013101.js?cb=31072117

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

23998fd7ba965222460874a23a2f0db55292d8ba7a3b80dc85242169bf2279e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxids.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 06:30:16 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11408
x-xss-protection: 0
google-lineitem-id: -1,-1
pragma: no-cache
server: cafe
google-creative-id: -1,-1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://bloxids.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 fr2tM3cMqKf7o-hgvg-GAlWS1ShJQQMk61KbxyC8hNw.js Show response
pagead2.googlesyndication.com/bg/ Frame AEA7 36 KB
14 KB 45ms
15ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/fr2tM3cMqKf7o-hgvg-GAlWS1ShJQQMk61KbxyC8hNw.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7ebdad33770ca8a7fba3e860be0f86025592d52849410324eb529bc720bc84dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 06:54:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 171359
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14345
x-xss-protection: 0
last-modified: Mon, 30 Jan 2023 11:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 03 Feb 2024 06:54:17 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 606A 0
0 49ms
49ms Image
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2023013101&jk=2706236413843419&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

POST
H3 204 greenoaks.gif
bloxids.com/detroitchicago/ 0
525 B 21ms
20ms Ping
text/plain 2606:4700:3030::6815:2c0e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bloxids.com/detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiJhMWY4YTMzZS05Zjk3LTRmZDYtNzYzYi0wMWNkNTAxY2NmYTAiLCJkb21haW5faWQiOiIyMzcwNjEiLCJ0X2Vwb2NoIjoxNjc1NTc4NjE0LCJkYXRhIjpbeyJuYW1lIjoidGltZXJfZmlyc3RfYWRfcmVxdWVzdCIsInZhbCI6Ijc5MiJ9XX1d
Requested by: Host: bloxids.com
URL: https://bloxids.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y0b-6y0d-23y13-4y17-5y1c-y23-3y24-4y25-6y31-4y38-8y5a-2y5e-22y65-1&cmbcb=123&sj=x04x02x06x07x0bx0dx13x17x1cx23x24x25x31x38x5ax5ex65
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:2c0e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxids.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 06:30:16 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hM2OYDq2lhD73gu8LKQV0n6ui3HTblVZdVrDbQjaPjmTqtdccF99yhR4wtuMd0StmcJMYBnWJAiHyI3l5XsXHGbr7MF6onMnfSkCeAefbBaFwduVK7pmySjcycZIffNnbfRi4YBCkZtv%2Bg%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://bloxids.com
x-middleton-display: ezp_sol
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
cf-ray: 794998ae4ff23827-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Sat, 04 Feb 2023 06:30:15 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame AEA7 0
10 B 14ms
14ms Image
text/plain 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?UMz58A
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 06:30:16 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 55ms
54ms Script
application/javascript 2a00:1450:400d:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=bloxids.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023013101.js?cb=31072117

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxids.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 06:30:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 23ms
23ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=bloxids.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023013101.js?cb=31072117

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxids.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 06:30:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 161 KB
45 KB 859ms
858ms XHR
text/plain 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2706236413843419&correlator=4454620409943382&eid=31072031%2C31072117%2C31071432%2C44777901%2C31071663&output=ldjh&gdfp_req=1&vrg=2023013101&ptt=17&impl=fifs&iu_parts=1254144%3A21793048808%2Cbloxids_com-pixel1&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=4&adks=1022356245&didk=1988684474&sfv=1-0-40&ists=1&fas=8&prev_scp=eb_br%3Da928cf2c3ad36f5e9ed2d90f655c1dc9%26iid1%3D4137773000060559%26bvr%3D8%26al%3D1006%26ezoic%3D1%26br1%3D44%26ga%3D2497208%26tap%3Dbloxids_com-pixel1-4137773000060559%26bra%3Dmod43-c%26ap%3D9999%26ic%3D1%26d%3D237061&eri=1&sc=1&cookie=ID%3D183875dcfcd33c58%3AT%3D1675578615%3AS%3DALNI_MaSeodsPSpA0DyuJ6BuSzQk246qQQ&gpic=UID%3D00000bafb96456e3%3AT%3D1675578615%3ART%3D1675578615%3AS%3DALNI_MbgXWwfgAFjg6pahCGKIAzj4eyEUw&abxe=1&dt=1675578616466&lmt=1675578616&dlt=1675578615232&idt=246&adxs=-9&adys=-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fbloxids.com%2F&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&psts=AD37Y7uz8T0XjPxIYx7gBlMU_3u7&ga_vid=1334333727.1675578616&ga_sid=1675578616&ga_hid=1873576348&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023013101.js?cb=31072117

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

93e555cc4d504b4c07544f5c330fa321029e995827d7d14ec9925ac4e59ad261

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxids.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 06:30:17 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46536
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://bloxids.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 pubads_impl_page_level_ads_2023013101.js Show response
securepubads.g.doubleclick.net/gpt/ 37 KB
13 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_page_level_ads_2023013101.js?cb=31072117

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023013101.js?cb=31072117

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6bcedb3423e32dc5359e5353a5efd44c6a5c23e22acd62b226d64f447ca86d65

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxids.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 11:52:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 326263
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13743
x-xss-protection: 0
last-modified: Tue, 31 Jan 2023 09:37:24 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 01 Feb 2024 11:52:33 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 53ms
53ms Image
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2023013101&jk=2706236413843419&bg=!mZqlmt7NAAaq5O5FiuQ7ACkAdvg8Wt5x6sKlV1Xf2UNJTJucXLfFicb3NLdgSq3qNrWLLwokXzqKbAIAAABMUgAAAAZoAQeZAqR7bt0ENyf1jqdk8l-JaUNuTeQNyKphU3eQ_KUKbmlXsRhXOV5Qc6MlBofOQPLVZzxqv0iILN96Ku4-uPERG44VJgHz1_xg7zQ1ypffCaQYz9W2c0dmMsHbMsOhmixYvE_PKgdcEkVVk0TD1snf-gy-lADWeflW4-JNmf9UTynoec1L7GRS6u5S9pDcRdOzoDME18u64cN6r0deu_3s41hlr_4HmYY7vPniqyG4rCDYwHHR63Y3n61gZwEyf-ekncnDgyaDFHM-2UcO7Gz-Vd72264fNjSAWaHuN5TC05aR0Dxm-Kjkz4x_jXtCKVate8M6W9SD-efm8dy2iCDk0zheThMbylD_H7JibLCAOhkTWWSmNusl6lvxT-lWpooW2PbLYydsc5r7yfZn_VBum_wOwPTlwGXf47ZHjE_YswfJLYan-xBAfBXhrqx1M2Zbq_FMPCLxBcEvcencLTCxAD47IMLpDkw9d9ah74-TA4uBM-KxdpB3Ca98gjow5DwccmgzkSilLgfbk4-2jmaZP3Yq3nBO0-IjnNwaJ_o9ir8JxM6Na_mNkJp5cHUPrqVag_WOKOrG3CeBYjJYYdc4WnAaSTgaMcifLTkA0uOTLsdWmCRM5sTTydX06ADk-LS_GkzDWL2iTcW2jJCNdpwjsr6a889FlgBJFQJ_LwvuIwbYsRJuDCxxlZ3avFKl9pJFhPB8z-OOaMd3eY8aktYWIFoimH4nlwSoEoK69RuuLjLFba08OUCw4gWmcCgQ6KooIfhM4-x5FpuQcFe1_uLVFmhyLooGVVWze3v26yS0We3c2zDZU3Nd1VAfTyzLKJNAAfYH0liRnZOKLZIOQkR9syZBaEtb4vpuONxydGU48cyxnK1-4Z-rot29_SBmtHbkM5kIK8cg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxids.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

GET
H2 200 esp.js Show response
oa.openxcdn.net/ 24 KB
8 KB 90ms
18ms Script
application/javascript 34.102.146.192
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oa.openxcdn.net/esp.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023013101.js?cb=31072117
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 192.146.102.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxids.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 05:57:48 GMT
content-encoding: gzip
age: 1038748
x-guploader-uploadid: ADPycdvKOJDbmPrxrPJL4vY7Q8ueRs4xhqx9GWUVSpxOX-FBnCXRUSk1hiHq7UJe-hdp06LOdSoCcbOOpIcMaUqTPAts_g
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7927
last-modified: Thu, 27 May 2021 18:30:51 GMT
server: UploadServer
etag: "df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation: 1622140251693895
x-goog-hash: crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type: application/javascript
cache-control: no-transform
x-goog-stored-content-length: 7927
accept-ranges: bytes
expires: Wed, 24 Jan 2024 05:57:48 GMT

GET
H2 200 publishertag.ids.js Show response
static.criteo.net/js/ld/ 39 KB
13 KB 59ms
27ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.ids.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023013101.js?cb=31072117

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

7ea9327b36f8ea3355ad8a33cf7bd5735cbf2e11ed96744279181a0fedd2401e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxids.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 06:30:16 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 18 Jan 2023 01:20:50 GMT
server: nginx
etag: W/"63c74972-9c1f"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 06 Feb 2023 06:30:16 GMT

GET
H3 200 pubcid.min.js Show response
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 732 B
1 KB 14ms
13ms Script
application/javascript 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023013101.js?cb=31072117

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxids.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 06:30:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 34438
x-jsd-version: master
content-encoding: br
x-cache: MISS, MISS
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra-eddf8230064-FRA, cache-yyz4527-YYZ
x-jsd-version-type: branch
server: cloudflare
etag: W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zJlhoW1Wr3LUW%2BcQICimJT6Z89wYUdyXLJUCI7lxkMqYahj7kCQshzJKQzG%2FLN1ZKVknIG8vO3Dt24rdFekDWQIRWpSMbxGGGXiTpcQT2G6asPRpo0C0JkqJ2KOdIFsIO%2FZU6KDPDkZU4VxGwu0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 794998b38bbfbbfe-FRA

GET
H2 200 esp.js Show response
cdn.id5-sync.com/api/1.0/ 58 KB
17 KB 50ms
22ms Script
text/javascript 2606:4700:10::ac43:266a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/esp.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023013101.js?cb=31072117

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:266a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fc871e89201aa44e7380e81e7f7846c4164e5a5d3374ba722a90e518ad48feae

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxids.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 06:30:16 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 18 Jan 2023 10:47:58 GMT
server: cloudflare
x-amz-request-id: HMFESM8X6VRH0Z97
age: 771
etag: W/"854d94282c6b6d99cd8ba33bb311e621"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 794998b3b9773659-FRA
x-amz-id-2: Tw4rTHduarpcHqaEjzYh5Qtb1ND3UTUfTrU3RkIBL99Aej1WsS3htXZiodi631klQ1NjldFrkGM=

GET
H2 200 encrypted-tag-g.js Show response
invstatic101.creativecdn.com/encrypted-signals/ 1 KB
2 KB 67ms
14ms Script
text/javascript 34.96.70.87
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023013101.js?cb=31072117
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 87.70.96.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 23bc1d893ce2d2f30b68e549aa3cb991c2a7b7dd87e3df67d9fbb6a8dd113bf8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxids.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 06:13:50 GMT
via: 1.1 google
age: 986
x-guploader-uploadid: ADPycduLGtOpNZm4gLQBuFUBah3B0zLcrrBmQlzw6XjSXZE1uf-6i59V4Li65bgLtjUYhK1d6Rd9YuuoWgcxYQNKGLULN10JmFzX
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1258
last-modified: Fri, 29 Jul 2022 16:55:09 GMT
server: UploadServer
etag: "f5bc066f146e3dbb049aa6c86c7012e6"
vary: X-Goog-Allowed-Resources
x-goog-hash: crc32c=6QojvA==, md5=9bwGbxRuPbsEmqbIbHAS5g==
x-goog-generation: 1659113709880056
content-type: text/javascript
cache-control: public, max-age=3600
x-goog-stored-content-length: 1258
accept-ranges: bytes
expires: Sun, 05 Feb 2023 07:13:50 GMT

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16589/ 32 KB
10 KB 68ms
15ms Script
text/javascript 18.65.39.15
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023013101.js?cb=31072117
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.65.39.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-65-39-15.ams1.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4ea737ac05e8ee5e490220d97b820834c18cd7c6f1da7d85007a51a5c64425df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxids.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 08:35:22 GMT
content-encoding: gzip
via: 1.1 490623df85c571a18ba7da1511cc969e.cloudfront.net (CloudFront)
last-modified: Thu, 05 Jan 2023 20:08:05 GMT
server: AmazonS3
x-amz-cf-pop: AMS1-P1
age: 78895
x-amz-server-side-encryption: AES256
etag: W/"87ee016ad429d1c83712b8d81ccb3c59"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age: 86400
x-amz-cf-id: rB2sRH5xkGOba1K7w4JBlsIJaeCeTNdyVzkRyIdNLdGGNgQSZ1fd5Q==

GET
H/1.1 200
OK uid2SecureSignal.js Show response
cdn.prod.uidapi.com/ 2 KB
2 KB 111ms
16ms Script
text/javascript 2600:9000:2057:ea00:a:e047:752:5701
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023013101.js?cb=31072117
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:ea00:a:e047:752:5701 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 71fc1599035adc6bc34df2117b8631285905f97737ba730af28644ee6a0d8dde

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxids.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Sun, 05 Feb 2023 04:08:03 GMT
Via: 1.1 1277de71b2472d19ca0bfc510db9ec54.cloudfront.net (CloudFront)
Last-Modified: Mon, 23 Jan 2023 04:07:36 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA6-C1
Age: 8534
x-amz-server-side-encryption: AES256
ETag: "aded621b17723f487b3c9d0e43cf2f94"
X-Cache: Hit from cloudfront
Content-Type: text/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1859
X-Amz-Cf-Id: 6itG0eAq9z8IhFOC_3gQjF6VZ3nNfP34MPRVSZ1gnDJ61bkWqnztSw==

GET
H2 200 container.html Show response
0454c236d7ef4556439cae6dfb9cddd4.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 97D4 6 KB
3 KB 31ms
30ms Document
text/html 2a00:1450:400d:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://0454c236d7ef4556439cae6dfb9cddd4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023013101.js?cb=31072117

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bloxids.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 05 Feb 2023 06:30:15 GMT
expires: Mon, 05 Feb 2024 06:30:15 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 container.html Show response
0454c236d7ef4556439cae6dfb9cddd4.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 6D65 6 KB
3 KB 31ms
30ms Document
text/html 2a00:1450:400d:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://0454c236d7ef4556439cae6dfb9cddd4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023013101.js?cb=31072117

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bloxids.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 05 Feb 2023 06:30:15 GMT
expires: Mon, 05 Feb 2024 06:30:15 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 204 greenoaks.gif
bloxids.com/detroitchicago/ 0
531 B 17ms
17ms Ping
text/plain 2606:4700:3030::6815:2c0e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bloxids.com/detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiJhMWY4YTMzZS05Zjk3LTRmZDYtNzYzYi0wMWNkNTAxY2NmYTAiLCJkb21haW5faWQiOiIyMzcwNjEiLCJ0X2Vwb2NoIjoxNjc1NTc4NjE0LCJkYXRhIjpbeyJuYW1lIjoidGltZXJfZmlyc3RfYWRfbG9hZCIsInZhbCI6IjE2NTAifV19XQ==
Requested by: Host: bloxids.com
URL: https://bloxids.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y0b-6y0d-23y13-4y17-5y1c-y23-3y24-4y25-6y31-4y38-8y5a-2y5e-22y65-1&cmbcb=123&sj=x04x02x06x07x0bx0dx13x17x1cx23x24x25x31x38x5ax5ex65
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:2c0e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxids.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 06:30:16 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lQK%2F2gMlns6SpcIpJK0AjR%2FMjnyZOq4ZqimNp%2FyQFN0xYjHLXksho1CVrcjSVJ2tjDlZc6bEPLX29GnkUh9QfkPq3v6gJFNt1CTXQ47%2BY0vs7t2wXwflJsuKcLKRjFKEhKhfvXSvckJfPw%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://bloxids.com
x-middleton-display: ezp_sol
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
cf-ray: 794998b3ac693827-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Sat, 04 Feb 2023 06:30:16 GMT

POST
H3 204 army.gif
bloxids.com/porpoiseant/ 0
526 B 31ms
31ms Ping
text/plain 2606:4700:3030::6815:2c0e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bloxids.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMjUzNTQ1NjUxMjA1OTIzNyIsImRvbWFpbl9pZCI6IjIzNzA2MSIsInVuaXQiOiJkaXYtZ3B0LWFkLWJsb3hpZHNfY29tLWJveC0yLTAiLCJ0X2Vwb2NoIjoxNjc1NTc4NjE0LCJhZF9wb3NpdGlvbiI6MTAwMSwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkRFIiwicGFnZXZpZXdfaWQiOiJhMWY4YTMzZS05Zjk3LTRmZDYtNzYzYi0wMWNkNTAxY2NmYTAiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0LCJjcmVhdGl2ZV9pZCI6MTM4MzEwMDM0NDg2LCJkYXRhIjpbeyJuYW1lIjoicmVmcmVzaF9jb3VudCIsInZhbCI6IjEifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjI1MzU0NTY1MTIwNTkyMzciLCJkb21haW5faWQiOiIyMzcwNjEiLCJ1bml0IjoiZGl2LWdwdC1hZC1ibG94aWRzX2NvbS1ib3gtMi0wIiwidF9lcG9jaCI6MTY3NTU3ODYxNCwiYWRfcG9zaXRpb24iOjEwMDEsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJERSIsInBhZ2V2aWV3X2lkIjoiYTFmOGEzM2UtOWY5Ny00ZmQ2LTc2M2ItMDFjZDUwMWNjZmEwIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDAzNDQ4NiwiZGF0YSI6W3sibmFtZSI6ImZpbGxlZF9iaWRfaGFzaCIsInZhbCI6IjUyN2U1MmMxMDYzNWFjODEzNmE0Yzg0MDk0ZWU0OWE4In1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiIyNTM1NDU2NTEyMDU5MjM3IiwiZG9tYWluX2lkIjoiMjM3MDYxIiwidW5pdCI6ImRpdi1ncHQtYWQtYmxveGlkc19jb20tYm94LTItMCIsInRfZXBvY2giOjE2NzU1Nzg2MTQsInJldmVudWUiOjAsImVzdF9yZXZlbnVlIjowLjAwMDcsImFkX3Bvc2l0aW9uIjoxMDAxLCJhZF9zaXplIjoiIiwiYmlkX2Zsb29yX2ZpbGxlZCI6MC4wMDA3LCJiaWRfZmxvb3JfcHJldiI6MCwic3RhdF9zb3VyY2VfaWQiOjM1LCJjb3VudHJ5X2NvZGUiOiJERSIsInBhZ2V2aWV3X2lkIjoiYTFmOGEzM2UtOWY5Ny00ZmQ2LTc2M2ItMDFjZDUwMWNjZmEwIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDAzNDQ4NiwiZGF0YSI6W3sibmFtZSI6ImxvYWRlZCIsInZhbCI6IjEifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjI1MzU0NTY1MTIwNTkyMzciLCJkb21haW5faWQiOiIyMzcwNjEiLCJ1bml0IjoiZGl2LWdwdC1hZC1ibG94aWRzX2NvbS1ib3gtMi0wIiwidF9lcG9jaCI6MTY3NTU3ODYxNCwiYWRfcG9zaXRpb24iOjEwMDEsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJERSIsInBhZ2V2aWV3X2lkIjoiYTFmOGEzM2UtOWY5Ny00ZmQ2LTc2M2ItMDFjZDUwMWNjZmEwIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDAzNDQ4NiwiZGF0YSI6W3sibmFtZSI6ImNyZWF0aXZlX2lkIiwidmFsIjoiMTM4MzEwMDM0NDg2In1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiIyNTM1NDU2NTEyMDU5MjM3IiwiZG9tYWluX2lkIjoiMjM3MDYxIiwidW5pdCI6ImRpdi1ncHQtYWQtYmxveGlkc19jb20tYm94LTItMCIsInRfZXBvY2giOjE2NzU1Nzg2MTQsImFkX3Bvc2l0aW9uIjoxMDAxLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiREUiLCJwYWdldmlld19pZCI6ImExZjhhMzNlLTlmOTctNGZkNi03NjNiLTAxY2Q1MDFjY2ZhMCIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTAwMzQ0ODYsImRhdGEiOlt7Im5hbWUiOiJsaW5laXRlbV9pZCIsInZhbCI6IjI4Njg3Mjc0In1dLCJpc19vcmlnIjpmYWxzZX1d
Requested by: Host: bloxids.com
URL: https://bloxids.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y0b-6y0d-23y13-4y17-5y1c-y23-3y24-4y25-6y31-4y38-8y5a-2y5e-22y65-1&cmbcb=123&sj=x04x02x06x07x0bx0dx13x17x1cx23x24x25x31x38x5ax5ex65
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:2c0e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxids.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 06:30:16 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ob972nmxVfzLSkgUZYZCt%2BDVSmuSqTV5UazHsQgxTWmfXrrMeo8iSS0X782XZa6QgxMAnGaKM2Q4xqhXNvmOnadbb5zI9afPxQA6ub2RtnNVtafeYtDI0k5aPn7U25yd12LCl%2BB8RUbJBg%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://bloxids.com
x-middleton-display: ezp_sol
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
cf-ray: 794998b3ac6a3827-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Sat, 04 Feb 2023 06:30:16 GMT

POST
H3 204 army.gif
bloxids.com/porpoiseant/ 0
527 B 30ms
30ms Ping
text/plain 2606:4700:3030::6815:2c0e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bloxids.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMjUzNTQ1NjUxMjA1OTIzNyIsImRvbWFpbl9pZCI6IjIzNzA2MSIsInVuaXQiOiJkaXYtZ3B0LWFkLWJsb3hpZHNfY29tLWJveC0yLTAiLCJ0X2Vwb2NoIjoxNjc1NTc4NjE0LCJhZF9wb3NpdGlvbiI6MTAwMSwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkRFIiwicGFnZXZpZXdfaWQiOiJhMWY4YTMzZS05Zjk3LTRmZDYtNzYzYi0wMWNkNTAxY2NmYTAiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0LCJjcmVhdGl2ZV9pZCI6MTM4MzEwMDM0NDg2LCJkYXRhIjpbeyJuYW1lIjoidF9sb2NhbF9kYXRlIiwidmFsIjoiMjAyMy0wMi0wNSJ9LHsibmFtZSI6InRfbG9jYWxfaG91ciIsInZhbCI6IjYifSx7Im5hbWUiOiJ0X2xvY2FsX2RheV9vZl93ZWVrIiwidmFsIjoiMCJ9LHsibmFtZSI6InRfbG9jYWxfdGltZXpvbmUiLCJ2YWwiOiIwIn1dLCJpc19vcmlnIjpmYWxzZX1d
Requested by: Host: bloxids.com
URL: https://bloxids.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y0b-6y0d-23y13-4y17-5y1c-y23-3y24-4y25-6y31-4y38-8y5a-2y5e-22y65-1&cmbcb=123&sj=x04x02x06x07x0bx0dx13x17x1cx23x24x25x31x38x5ax5ex65
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:2c0e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxids.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 06:30:16 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wROD21uAXRIz27tMqWdFrg3A5HDnD425G1oRxKPzwc1za5fqiLi11JVUUsTLQ%2BGmQoKBZf3WQ6pR%2F0SErys5f9F9HrJep0mE76A9aVqFojADd%2FJxNcZ4LTbexi5Zi5q9tRm2V2AtItfG9w%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://bloxids.com
x-middleton-display: ezp_sol
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
cf-ray: 794998b3ac6d3827-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Sat, 04 Feb 2023 06:30:15 GMT

POST
H3 204 army.gif
bloxids.com/porpoiseant/ 0
527 B 16ms
16ms Ping
text/plain 2606:4700:3030::6815:2c0e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bloxids.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImF1Y3Rpb24iLCJpbXByZXNzaW9uX2lkIjoiMjUzNTQ1NjUxMjA1OTIzNyIsImRvbWFpbl9pZCI6IjIzNzA2MSIsInVuaXQiOiJkaXYtZ3B0LWFkLWJsb3hpZHNfY29tLWJveC0yLTAiLCJ0X2Vwb2NoIjoxNjc1NTc4NjE0LCJhdWN0aW9uX2Vwb2NoIjoxNjc1NTc4NjE3LCJhZF9wb3NpdGlvbiI6MTAwMSwiY291bnRyeV9jb2RlIjoiREUiLCJwYWdldmlld19pZCI6ImExZjhhMzNlLTlmOTctNGZkNi03NjNiLTAxY2Q1MDFjY2ZhMCIsImJpZF9mbG9vcl9pbml0aWFsIjo3MCwiYmlkX2Zsb29yX3ByZXYiOm51bGwsImJpZF9mbG9vcl9maWxsZWQiOjcwLCJhdWN0aW9uX2NvdW50IjoxLCJyZWZyZXNoX2FkX2NvdW50IjowLCJhdWN0aW9uX2R1cmF0aW9uIjo5MTYsIm11bHRpX2FkX3VuaXQiOjAsIm11bHRpX2FkX2NvdW50IjowLCJuZXR3b3JrX2NvZGUiOjEyNTQxNDQsImRhdGEiOlt7Im5hbWUiOiIiLCJ2YWwiOiIifV0sImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzR9XQ==
Requested by: Host: bloxids.com
URL: https://bloxids.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y0b-6y0d-23y13-4y17-5y1c-y23-3y24-4y25-6y31-4y38-8y5a-2y5e-22y65-1&cmbcb=123&sj=x04x02x06x07x0bx0dx13x17x1cx23x24x25x31x38x5ax5ex65
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:2c0e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxids.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 06:30:16 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GZXPS0Jb9h7l61aRb2wqkJUUwsdxp%2BFqpaVAWnOURFSZiKZBnUcu3zqcJShzPwlq6gVBjDsAKDjXfCMeawH6rh30gQ0SM1BP1oRKBa7Ohu%2Fs1RhHWRhDBaNFDvNpFLEaFssy4IOo4bYH2g%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://bloxids.com
x-middleton-display: ezp_sol
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
cf-ray: 794998b3ac6f3827-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Sat, 04 Feb 2023 06:30:15 GMT

POST
H3 204 army.gif
bloxids.com/porpoiseant/ 0
530 B 20ms
19ms Ping
text/plain 2606:4700:3030::6815:2c0e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bloxids.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMzM5MDU3NDc2MDAwMDkwOSIsImRvbWFpbl9pZCI6IjIzNzA2MSIsInVuaXQiOiJkaXYtZ3B0LWFkLWJsb3hpZHNfY29tLW1lZHJlY3RhbmdsZS0zLTAiLCJ0X2Vwb2NoIjoxNjc1NTc4NjE0LCJhZF9wb3NpdGlvbiI6MTEwNCwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkRFIiwicGFnZXZpZXdfaWQiOiJhMWY4YTMzZS05Zjk3LTRmZDYtNzYzYi0wMWNkNTAxY2NmYTAiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0LCJjcmVhdGl2ZV9pZCI6MTM4MzEwMDM0NDg2LCJkYXRhIjpbeyJuYW1lIjoicmVmcmVzaF9jb3VudCIsInZhbCI6IjEifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjMzOTA1NzQ3NjAwMDA5MDkiLCJkb21haW5faWQiOiIyMzcwNjEiLCJ1bml0IjoiZGl2LWdwdC1hZC1ibG94aWRzX2NvbS1tZWRyZWN0YW5nbGUtMy0wIiwidF9lcG9jaCI6MTY3NTU3ODYxNCwiYWRfcG9zaXRpb24iOjExMDQsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJERSIsInBhZ2V2aWV3X2lkIjoiYTFmOGEzM2UtOWY5Ny00ZmQ2LTc2M2ItMDFjZDUwMWNjZmEwIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDAzNDQ4NiwiZGF0YSI6W3sibmFtZSI6ImZpbGxlZF9iaWRfaGFzaCIsInZhbCI6ImE0OTVjZTdkYmI0Y2VmY2QzZTBhNzIyMDQ4ODk0ZjQxIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiIzMzkwNTc0NzYwMDAwOTA5IiwiZG9tYWluX2lkIjoiMjM3MDYxIiwidW5pdCI6ImRpdi1ncHQtYWQtYmxveGlkc19jb20tbWVkcmVjdGFuZ2xlLTMtMCIsInRfZXBvY2giOjE2NzU1Nzg2MTQsInJldmVudWUiOjAsImVzdF9yZXZlbnVlIjowLjAwMSwiYWRfcG9zaXRpb24iOjExMDQsImFkX3NpemUiOiIiLCJiaWRfZmxvb3JfZmlsbGVkIjowLjAwMSwiYmlkX2Zsb29yX3ByZXYiOjAsInN0YXRfc291cmNlX2lkIjozNSwiY291bnRyeV9jb2RlIjoiREUiLCJwYWdldmlld19pZCI6ImExZjhhMzNlLTlmOTctNGZkNi03NjNiLTAxY2Q1MDFjY2ZhMCIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTAwMzQ0ODYsImRhdGEiOlt7Im5hbWUiOiJsb2FkZWQiLCJ2YWwiOiIxIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiIzMzkwNTc0NzYwMDAwOTA5IiwiZG9tYWluX2lkIjoiMjM3MDYxIiwidW5pdCI6ImRpdi1ncHQtYWQtYmxveGlkc19jb20tbWVkcmVjdGFuZ2xlLTMtMCIsInRfZXBvY2giOjE2NzU1Nzg2MTQsImFkX3Bvc2l0aW9uIjoxMTA0LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiREUiLCJwYWdldmlld19pZCI6ImExZjhhMzNlLTlmOTctNGZkNi03NjNiLTAxY2Q1MDFjY2ZhMCIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTAwMzQ0ODYsImRhdGEiOlt7Im5hbWUiOiJjcmVhdGl2ZV9pZCIsInZhbCI6IjEzODMxMDAzNDQ4NiJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMzM5MDU3NDc2MDAwMDkwOSIsImRvbWFpbl9pZCI6IjIzNzA2MSIsInVuaXQiOiJkaXYtZ3B0LWFkLWJsb3hpZHNfY29tLW1lZHJlY3RhbmdsZS0zLTAiLCJ0X2Vwb2NoIjoxNjc1NTc4NjE0LCJhZF9wb3NpdGlvbiI6MTEwNCwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkRFIiwicGFnZXZpZXdfaWQiOiJhMWY4YTMzZS05Zjk3LTRmZDYtNzYzYi0wMWNkNTAxY2NmYTAiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0LCJjcmVhdGl2ZV9pZCI6MTM4MzEwMDM0NDg2LCJkYXRhIjpbeyJuYW1lIjoibGluZWl0ZW1faWQiLCJ2YWwiOiIyODY4NzI3NCJ9XSwiaXNfb3JpZyI6ZmFsc2V9XQ==
Requested by: Host: bloxids.com
URL: https://bloxids.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y0b-6y0d-23y13-4y17-5y1c-y23-3y24-4y25-6y31-4y38-8y5a-2y5e-22y65-1&cmbcb=123&sj=x04x02x06x07x0bx0dx13x17x1cx23x24x25x31x38x5ax5ex65
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:2c0e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxids.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 06:30:16 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uEnbiB%2B9dn9Utm8sDcEG16uhxWVo%2BqTnDqoEdSxBOBGU5BMIsORL9%2BK9iLw3NwAl80EIUsZSu0EATmEk8VB52gxBEb7RN9clbq8FjVGKwVX4Pk3dhOcDkEIpqQWPERnlAQDDKl2xOgSuHQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://bloxids.com
x-middleton-display: ezp_sol
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
cf-ray: 794998b3ac713827-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Sat, 04 Feb 2023 06:30:17 GMT

POST
H3 204 army.gif
bloxids.com/porpoiseant/ 0
531 B 27ms
27ms Ping
text/plain 2606:4700:3030::6815:2c0e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bloxids.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMzM5MDU3NDc2MDAwMDkwOSIsImRvbWFpbl9pZCI6IjIzNzA2MSIsInVuaXQiOiJkaXYtZ3B0LWFkLWJsb3hpZHNfY29tLW1lZHJlY3RhbmdsZS0zLTAiLCJ0X2Vwb2NoIjoxNjc1NTc4NjE0LCJhZF9wb3NpdGlvbiI6MTEwNCwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkRFIiwicGFnZXZpZXdfaWQiOiJhMWY4YTMzZS05Zjk3LTRmZDYtNzYzYi0wMWNkNTAxY2NmYTAiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0LCJjcmVhdGl2ZV9pZCI6MTM4MzEwMDM0NDg2LCJkYXRhIjpbeyJuYW1lIjoidF9sb2NhbF9kYXRlIiwidmFsIjoiMjAyMy0wMi0wNSJ9LHsibmFtZSI6InRfbG9jYWxfaG91ciIsInZhbCI6IjYifSx7Im5hbWUiOiJ0X2xvY2FsX2RheV9vZl93ZWVrIiwidmFsIjoiMCJ9LHsibmFtZSI6InRfbG9jYWxfdGltZXpvbmUiLCJ2YWwiOiIwIn1dLCJpc19vcmlnIjpmYWxzZX1d
Requested by: Host: bloxids.com
URL: https://bloxids.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y0b-6y0d-23y13-4y17-5y1c-y23-3y24-4y25-6y31-4y38-8y5a-2y5e-22y65-1&cmbcb=123&sj=x04x02x06x07x0bx0dx13x17x1cx23x24x25x31x38x5ax5ex65
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:2c0e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxids.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 06:30:16 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vPQQ2tcaBFoLK0x%2BZmPFIIhgzHpt2U%2BKoGpL2yk61kYPLuGk4MZzmdubV%2BM9ZpRGxtvc61Etk%2FUOc8xf3xULqljA71xMQiVlZce3z6KtOzAoGob0NmhIGmdQ3Uq%2FkbUJuNvMOnOaFoeKUQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://bloxids.com
x-middleton-display: ezp_sol
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
cf-ray: 794998b3ac723827-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Sat, 04 Feb 2023 06:30:17 GMT

POST
H3 204 army.gif
bloxids.com/porpoiseant/ 0
529 B 26ms
26ms Ping
text/plain 2606:4700:3030::6815:2c0e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bloxids.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImF1Y3Rpb24iLCJpbXByZXNzaW9uX2lkIjoiMzM5MDU3NDc2MDAwMDkwOSIsImRvbWFpbl9pZCI6IjIzNzA2MSIsInVuaXQiOiJkaXYtZ3B0LWFkLWJsb3hpZHNfY29tLW1lZHJlY3RhbmdsZS0zLTAiLCJ0X2Vwb2NoIjoxNjc1NTc4NjE0LCJhdWN0aW9uX2Vwb2NoIjoxNjc1NTc4NjE3LCJhZF9wb3NpdGlvbiI6MTEwNCwiY291bnRyeV9jb2RlIjoiREUiLCJwYWdldmlld19pZCI6ImExZjhhMzNlLTlmOTctNGZkNi03NjNiLTAxY2Q1MDFjY2ZhMCIsImJpZF9mbG9vcl9pbml0aWFsIjoxMDAsImJpZF9mbG9vcl9wcmV2IjpudWxsLCJiaWRfZmxvb3JfZmlsbGVkIjoxMDAsImF1Y3Rpb25fY291bnQiOjEsInJlZnJlc2hfYWRfY291bnQiOjAsImF1Y3Rpb25fZHVyYXRpb24iOjkyMCwibXVsdGlfYWRfdW5pdCI6MCwibXVsdGlfYWRfY291bnQiOjAsIm5ldHdvcmtfY29kZSI6MTI1NDE0NCwiZGF0YSI6W3sibmFtZSI6IiIsInZhbCI6IiJ9XSwibGluZV9pdGVtX2lkIjoyODY4NzI3NH1d
Requested by: Host: bloxids.com
URL: https://bloxids.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y0b-6y0d-23y13-4y17-5y1c-y23-3y24-4y25-6y31-4y38-8y5a-2y5e-22y65-1&cmbcb=123&sj=x04x02x06x07x0bx0dx13x17x1cx23x24x25x31x38x5ax5ex65
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:2c0e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxids.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 06:30:16 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U9kLR7cfLfYiuebSyPgbDvK9KI2KzokiohkLDpgeOeIIu8iqwzu6S5xUwHYdEGpLv9nEpLwegjinMV4SGrkXzOsiyijnpvZGZKnwqaYnMnL5wQqlHPLAdnfzf6xb2glrpgix%2Fs8kbv%2F%2FJQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://bloxids.com
x-middleton-display: ezp_sol
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
cf-ray: 794998b3ac743827-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Sat, 04 Feb 2023 06:30:16 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 5DC2 624 B
505 B 140ms
56ms Document
text/html 2a00:1450:400d:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY-7qa3wEwAQ&v=APEucNVZVBp84Ja29g-nN7HCzMSlCimokZJDzfYpHGu1oaCDPPJkatTlts5L1owRRj0jyCDmA9L8SqL5fbVZES0z58dNcxzTydn2GQ5rb_nQMNZcClIWe7xrIxbUPGzq8fKJYf7gky6TUFNmMQgKG57pzXUd5KPaBQQU_q2z47HhPuUHCYy7u8fYqSsofYdz2rV4SeYq_GBhR_hvji2lAecs1vdQk-qDDw

Requested by

Host: 0454c236d7ef4556439cae6dfb9cddd4.safeframe.googlesyndication.com
URL: https://0454c236d7ef4556439cae6dfb9cddd4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0454c236d7ef4556439cae6dfb9cddd4.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 05 Feb 2023 06:30:17 GMT
expires: Sun, 05 Feb 2023 06:30:17 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 97D4 78 KB
27 KB 36ms
34ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: 0454c236d7ef4556439cae6dfb9cddd4.safeframe.googlesyndication.com
URL: https://0454c236d7ef4556439cae6dfb9cddd4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1a9f51121ef00d4bc11c410113432813ddbdcd85c9f2aabbd2c2c23c87408e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0454c236d7ef4556439cae6dfb9cddd4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 06:30:16 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27798
x-xss-protection: 0
server: cafe
etag: 12162329123218539290
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Sun, 05 Feb 2023 06:30:16 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 97D4 42 B
63 B 54ms
52ms Image
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CBr_W-4o4Vl9UAsMQuMxALoW_4sw8j1EjieDWIlnm7Q1vAwfsfAJ3TzpipzDzGGh5ArPLILqCPihTjU1j-SPlLHOokCUdijpLIWO9Nsi3Z1EyWAys

Requested by

Host: 0454c236d7ef4556439cae6dfb9cddd4.safeframe.googlesyndication.com
URL: https://0454c236d7ef4556439cae6dfb9cddd4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0454c236d7ef4556439cae6dfb9cddd4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 05 Feb 2023 06:30:16 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 97D4 0
20 B 55ms
53ms Image
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=12636873414086203419&x=1&ct=76

Requested by

Host: 0454c236d7ef4556439cae6dfb9cddd4.safeframe.googlesyndication.com
URL: https://0454c236d7ef4556439cae6dfb9cddd4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0454c236d7ef4556439cae6dfb9cddd4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 05 Feb 2023 06:30:16 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/ Frame 97D4 3 KB
1 KB 16ms
14ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/window_focus_fy2021.js

Requested by

Host: 0454c236d7ef4556439cae6dfb9cddd4.safeframe.googlesyndication.com
URL: https://0454c236d7ef4556439cae6dfb9cddd4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0454c236d7ef4556439cae6dfb9cddd4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 19:54:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 38162
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 18 Feb 2023 19:54:14 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/ Frame 97D4 18 KB
7 KB 26ms
25ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 0454c236d7ef4556439cae6dfb9cddd4.safeframe.googlesyndication.com
URL: https://0454c236d7ef4556439cae6dfb9cddd4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2bf373aab01a96fddf0099658b27e2eefb64c4aac7061d97d629fd7ca9a42534

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0454c236d7ef4556439cae6dfb9cddd4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 19:19:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 40245
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7647
x-xss-protection: 0
server: cafe
etag: 2161395064574532456
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 18 Feb 2023 19:19:31 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 97D4 157 KB
49 KB 79ms
31ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 0454c236d7ef4556439cae6dfb9cddd4.safeframe.googlesyndication.com
URL: https://0454c236d7ef4556439cae6dfb9cddd4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c90fa7f2b86e88bc876a28a908c00565250cfbdce151c8f3e5800bf98fa394c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0454c236d7ef4556439cae6dfb9cddd4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 06:30:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49146
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1675254965429469"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 05 Feb 2023 06:30:17 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 3B96 624 B
827 B 134ms
55ms Document
text/html 2a00:1450:400d:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY88-a3wEwAQ&v=APEucNX0rnGIiZI2mT7yBHa-2uAd8sUUdtTPAzaS-TQq9vDlGyo7rkbBTV3rvfZvqi5sPa8hgTh-DBRS3Kn3lIw_RtIzwJhxpY9ro6-N4W3FDubIsBVC-Pb2VL2cHGphxmlZOmDb2PxIqZB5dtBxYXWhbW40DeBd0dC_DzpIrnZc2KHRt4wGYJ-3XoC8rnK6eql3ZhZnaFdMyLXgeZojVetY9EdV24Wlhw

Requested by

Host: 0454c236d7ef4556439cae6dfb9cddd4.safeframe.googlesyndication.com
URL: https://0454c236d7ef4556439cae6dfb9cddd4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0454c236d7ef4556439cae6dfb9cddd4.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 05 Feb 2023 06:30:17 GMT
expires: Sun, 05 Feb 2023 06:30:17 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 6D65 78 KB
27 KB 50ms
50ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: 0454c236d7ef4556439cae6dfb9cddd4.safeframe.googlesyndication.com
URL: https://0454c236d7ef4556439cae6dfb9cddd4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

16b432ac8f43a6b2d8aa358f41ee60e2ef5923b2645bf2c37f3a06f8334b1557

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0454c236d7ef4556439cae6dfb9cddd4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 06:30:16 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27790
x-xss-protection: 0
server: cafe
etag: 3677590245327912432
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Sun, 05 Feb 2023 06:30:16 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6D65 42 B
63 B 54ms
50ms Image
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-D7XogRM7ik3PKbybGTZUe9bTo6FsQ8FbT7OEy9H7YA6OA8XU_OwsHikyPtG6Fz3VqxLfQlEd3j85JDy31Dl8_Iyq5Xxid62D6i2D0S5eS3hgxIsFE

Requested by

Host: 0454c236d7ef4556439cae6dfb9cddd4.safeframe.googlesyndication.com
URL: https://0454c236d7ef4556439cae6dfb9cddd4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0454c236d7ef4556439cae6dfb9cddd4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 05 Feb 2023 06:30:16 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6D65 0
20 B 55ms
50ms Image
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=11164618566542033380&x=1&ct=76

Requested by

Host: 0454c236d7ef4556439cae6dfb9cddd4.safeframe.googlesyndication.com
URL: https://0454c236d7ef4556439cae6dfb9cddd4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0454c236d7ef4556439cae6dfb9cddd4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 05 Feb 2023 06:30:16 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/ Frame 6D65 3 KB
1 KB 26ms
22ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/window_focus_fy2021.js

Requested by

Host: 0454c236d7ef4556439cae6dfb9cddd4.safeframe.googlesyndication.com
URL: https://0454c236d7ef4556439cae6dfb9cddd4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0454c236d7ef4556439cae6dfb9cddd4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 19:54:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 38162
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 18 Feb 2023 19:54:14 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/ Frame 6D65 18 KB
7 KB 27ms
23ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 0454c236d7ef4556439cae6dfb9cddd4.safeframe.googlesyndication.com
URL: https://0454c236d7ef4556439cae6dfb9cddd4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2bf373aab01a96fddf0099658b27e2eefb64c4aac7061d97d629fd7ca9a42534

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0454c236d7ef4556439cae6dfb9cddd4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 19:19:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 40245
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7647
x-xss-protection: 0
server: cafe
etag: 2161395064574532456
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 18 Feb 2023 19:19:31 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6D65 157 KB
48 KB 93ms
50ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 0454c236d7ef4556439cae6dfb9cddd4.safeframe.googlesyndication.com
URL: https://0454c236d7ef4556439cae6dfb9cddd4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c90fa7f2b86e88bc876a28a908c00565250cfbdce151c8f3e5800bf98fa394c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0454c236d7ef4556439cae6dfb9cddd4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 06:30:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49146
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1675254965429469"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 05 Feb 2023 06:30:17 GMT

GET
H/1.1 204 increment Show response
id5-sync.com/api/esp/ 0
320 B 76ms
17ms XHR
text/plain 141.95.33.111
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/esp/increment?counter=no-config

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

141.95.33.111 , Germany, ASN16276 (OVH, FR),

Reverse DNS

ns3203177.ip-141-95-33.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://bloxids.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://bloxids.com
date: Sun, 05 Feb 2023 06:30:16 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 4BE6 15 KB
6 KB 63ms
18ms Document
text/html 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=bloxids.com

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

aeb779d96af4bfa1b664c203d52fbd9ef573b84a31b34314668325fc784e1b13

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://bloxids.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 05 Feb 2023 06:30:16 GMT
server: Kestrel
server-processing-duration-in-ticks: 1016164
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

POST
H2 200 encrypt Show response
esp.rtbhouse.com/ 221 B
315 B 26ms
26ms Fetch
application/json 35.190.39.111
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://esp.rtbhouse.com/encrypt
Requested by: Host: invstatic101.creativecdn.com
URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.39.111 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 111.39.190.35.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: 044dc0b054c8f37d0198305d528679c11ed4f8c170132203f157fa5adc5a3a15

Request headers

Referer: https://bloxids.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 05 Feb 2023 06:30:17 GMT
via: 1.1 google
server: Google Frontend
content-type: application/json
access-control-allow-origin: *
x-cloud-trace-context: 4a9eb35159d4d6e4a452d4f6d2e27a1d
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 221

OPTIONS
H2 200 encrypt
esp.rtbhouse.com/ Frame 0
0 101ms
34ms Preflight
text/plain 35.190.39.111
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://esp.rtbhouse.com/encrypt
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.39.111 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 111.39.190.35.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://bloxids.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST, GET
access-control-allow-origin: https://bloxids.com
access-control-max-age: 600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
content-type: text/plain; charset=utf-8
date: Sun, 05 Feb 2023 06:30:17 GMT
server: Google Frontend
vary: Origin
via: 1.1 google
x-cloud-trace-context: d4a23a59422759d8c58f3eb51f1d92bd

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ 60 B
331 B 117ms
33ms XHR
application/json 52.208.76.249
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.208.76.249 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-208-76-249.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 5a4cb3f8080fa4b24d70dc74b7296fbf37cf32fea7c804b602de565a2af8ac19

Request headers

Referer: https://bloxids.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 05 Feb 2023 06:30:17 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://bloxids.com
cache-control: no-cache
x-server: 10.45.4.163
access-control-allow-credentials: true
content-length: 60
expires: 0

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 97D4 0
20 B 49ms
49ms Ping
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=2479489414785&version=m202301300101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0454c236d7ef4556439cae6dfb9cddd4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 05 Feb 2023 06:30:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 97D4 0
20 B 48ms
48ms Ping
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=2479489414785&version=m202301300101&ct=76&x=1&cor=12636873414086203000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0454c236d7ef4556439cae6dfb9cddd4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 05 Feb 2023 06:30:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 97D4 93 KB
37 KB 107ms
98ms Script
text/javascript 2a00:1450:400d:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CRQm7I_lRDbe_ppsF3VSYW1Kpj10kf-qCNxuqajsA74Vp8fxkhbCwHL_33nR-7ZaeqqotWIXMhaI345TN3O1HISXDpwwWXeSe3GL8ryQoLSxv7l9q4nZwAs5qeCzIUPKsmvOdFHfAnjunSH0mKuVtymJKvxnlwkMDZuFcJljjsrhRCgCM&dbm_d=AKAmf-A7eFtAFPNrw3OdOgTnBbZatEJVEOp-LUDeRAT4B3T8ESd_onBidJ8LvnlUGri5OP1e6qeqls12zWpfdoTEt26wzlAY3-67OpfDvJ_jMMnMsheEnFu3poRW4CAzACZ4KAOXwIsWp-p1INieEcUgqalsAueYKn4VQkE9Ldm7Smxy7chHaDCrF59FlLQn5wEjDwC_LfzmfFGuItB_KaCep17lo7msXpGQFMdeOd_76stpwE6qwHPj-Lnew0ESlGwm5IbVIQFSYmWG63dKX71HztW0XAHNqnDeLv3imMDbBdPwucS2_AQ8fqi2AKWY-HGKQjh8xgsz9IgS1tpMlc86OMcXCSsPrYScQLYFOglCT1CoMsaPdpvC-ShzR_zXwMbBIOwAV09cEsx2XSi4RxrnfT2pWVrTqBb-v4QUsPuypPMRKfTqk4xAA7LkKX2K0YQG5ik3AiFez8OtTEnDjtIRvg0W8tt3bp9DSSaRFnS3hpvHmx_RejmWURFt-BcAZqPb9S_TOjRsUYq6ml4NfxmuiK6BRGBNhvZ5EQH-QhzoA1T5OlV7y5mw9c1rKtfFOxFUqwdAa10pZoKCKZ6keu-LHQ4UXSehVwlSaPayu-q-cZusK_uKbFhiwNG0yPfiwI4liGjGlZjxAoBLxif4MJaalDMWRHq1_c3b-ZQ6rOy4OA2WyIpMaqPPNNoMnv6UAFVyJhVzSn-Z2ciyAM6x9NV4JUqTLqwZ1bqDYJCny6AbLZTtbi7UURu0eIZKw4m1scpvEgbhFLX7VApqIZqTmcXV35vOQd8oPe-O9bRmJx-ZB3LCLQ77DW-NlrxW_K9pX-mzRboW629i1LsxWByE1gPe0WjStPiThQzRgxSJgKneTGFCCUp3PfQHf8Huw1rVFwciiMPHx3r-sEDpr9JkPrxwWoE5VqvYCCc5c2g1yXa8cZ8cg0S73zytZfFBCNMcQX6ZXiwmOYoOdnEPGeeqU0_leMppd1yXhzAPf39GgN5isDtJY5vHuvVIJsEs1uItgH2Xmhb-zg8_jw4Gs_MBEZqYfYSenTLO7OY7TrFrTojfLCH_-fctwKuDJ3tQ_U95-A-X_yDn4BfVmQRUPOZdEgD5ZdWz-fheSmUenxkZhgZv4dweCaSyKKIxO7yuCke2ZjcmnJKz4UokoS_exv315gtN03rdg-wNSnqRUuPJl1N-6XQwzsg8YPBmsfCxk01p01HzpukZA1bgt8xUgsaqHu4Q1i0ynI4v8ZRV62j1UtDHoxGQPfhMdf6NLUOtvDwJcLtXw6hclhoaKi7W4Q8axpyExaf1vUNnlc2QPOwxNd5C3RLark09O5JWIaAnMnoyLMakPYsVlJLo0SP1qs4JK56MvH4xyL7zggCO3CyT46NLE1Qwdq8-sj03Ji56EDbvAFik_-3jNpLIZBuNLb7biQS2DrCYMWDktAw7W-D5580dV7N1ZWtWLuTxMiieQHvPYFFfdhrxU7Xb2bndxEi6iJLa9MHcHTrG-wWjeMV9BQsuQ-9YWuRIBXktyAm0yPWwzHZCY-LChR6mowV7Z4qATIWagjHhK5aAcVzrYqDMwKIo5rgxatmkji5-nFYA0I_6WkK45jfGCQFlzvDy8xUJ1opO4LTI8xzxznoQ2-sQlobfnQqzy5FPB_yPN7qzlknKBTYKqPqXFvG0AnYfQW98By0byjW8Gn-gBfOA-leGfS0MfZ4brAJMV7NYQvUUDg5cLtU3jexddkd3xybJz7GVZ-exn4ltnmskEHXh5Zb1MtLTO6hUeh_KQ8CKd_dtGlbqh_69kNBZLMQUDVo7ttvZ5t4JdunvNr6aEUGx8ZkS5pAFD_AOIR47mXnLtx5c4Zv2cQKaf1H4OYm-5spl58UjCxMxcroBj11Swj_cpwRhAKaqcK2Ij4KsWwawAn7ZJ-b7XxltFcA9nn996HdiJ7SVufgXft4kwrnfhB9Y5Na3aOJoDZNZJL04H_G1jfbm_t7NppVcIFLj_tLRXJKsc_LbgPIO59FhRRo0kibVxip5eQjIJqikjZjfqOv0N6fnqjF9C4pFiBy_nwMBdIV1-4JCHNdfAbwJ1OwEM2K1aWeF0VP5F4KLMi8r0Tdp__Hx0IjIi0nZ9xnXV9D2aMTlmqAPX3GXcLC6o3hO9FDgGRES6aS6kV2Pqv4MVSKAz-cXP4BlLE2KBZCvXBLcaK2M-luxJC_lWctqlGvgpqHpt2ZuyuYdY_9U5D2RrSYxiJMekhFRVd03P-G3QpD9OV084eV1tWjjmvGazdOg67ylIrqQ4as5xhIbBL0DcMLeVUiqpIqRcb_g0j_9Kiu7hR8TOkcV6350yFIEaXpsbpEjAVi-_ugECfZMOJExuuhE6CJQXKq0MonDo1VwXjhP5DuyLyiKN-SVxKhB6_qQ_UUG_COnzF5OTx61AQ9R0bV-9kLyKJ4x_uOwhsCyICJQDcTM5rgn62XRC2KgF7sklbPjhGM1ufeUFnJRprqywyv2bVRsLladghjsPGwyaGRbCzR_02MwLJ2PsHkJlz4b1EGQaxd7cXTAmgUftrXi7JKjnTIgU-E-1EmdSY9OW3Zex0GtCe1I_6K25EJsBmcnhyQjkCI1bAEGHzU5WkgCazUDkup4g0bs9FADJAR48RrVovlTZ1cx7iyrebFJGc2V4u03st1oqdrcuPE0yFyafo58drMPWUrvxo45J9uvvGI3Yc_gh1fCG6UZWG0wx9xQxjjDKqXvnXR_chLgrmAA5adFOcDjs6Y5GHKgXJ3sde2e_FOE2HcCpEjlQATdxBLKN69i-zB80VAGY9Lh2o_xX0zZf8e2xvGgrbjD2y_76oXTNBbblDJMo6bmtXNkZH4uzv4KgV6Dh09bdN1Nrrjy1UogLJvywiX_YmYqAWdea9dQDES5_zeFj2Ldloc6lLxNnJgiggj3XeQsEWCsGvHfFtoeJpFTnSxiZ9TRHKch17rGUR4KO0fJx89qT9VYOVE_lYsyAnrkDPqzSqb-N7-ZZl8pzglJqF_hfbI7f0R03ctUm4aaFx5_FF691eGx_MW1XzM1WXFoP8LlH3NPenaIIEnlq1Fpu46za6AAu2ylQfHwh1H7CsDfM2E97-mUDwmmb47m4Kcvo9e96ps13Dyn2fezuq2wMsqXzBG85uCWmDygXqle-WazBMRXMXMDHhN-wu51OmL3bk47MVEcH1rYs03_wLRx1uvsLvxaQWAcAR8YNoN0ldYj6CQBCdmPH8ahxODm30CJEMU4MR5X31GkbpnuUct04-OlHQshmlAKZCjJSr1Cd1GnCwMW0e1uNFVdgAP6rUz_Oo82D49NyjIrYsft0tP5ukJwXvAzupPF2efguTUKr99yJZdqLq5gsDCSkYnAroy80KlFaztUIv_nki_2fpApBmAdkQvv9OTMaSDh9sHg7pDPhKKXmus_s9zZPJecd9pM2ACpRoo3Rgc3Xu57piDHwj9w5PoFzh3pTw_0&cid=CAQSTADUE5ymtjJo0PO9xjleOL01xcXibwMYe7MmD6QyWaqt2C3Jdrlnhhy9xFUAAbwKerE32JOlyqmEa_9XcJzXv3Pk4ZeZkKlcHMNq82EYAQ&dc_eid=31072035&dv3_ver=m202301300101&rfl=https%3A%2F%2Fbloxids.com%2F&ds=l&xdt=1&iif=1&cor=12636873414086203000&adk=2923430907&idt=48&cac=0&dtd=10

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

38fcf1f489091fd2c45462ac5c55d25e2d6e4a3d46e638ff184eeaed62896ddc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0454c236d7ef4556439cae6dfb9cddd4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 05 Feb 2023 06:30:17 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37671
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

esp Show response
oajs.openx.net/
Redirect Chain

https://oajs.openx.net/esp?url=https%3A%2F%2Fbloxids.com%2F&rid=esp
https://oajs.openx.net/esp?url=https%3A%2F%2Fbloxids.com%2F&rid=esp&cc=1

85 B
203 B

117ms
117ms

Fetch
application/json

34.120.135.53
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oajs.openx.net/esp?url=https%3A%2F%2Fbloxids.com%2F&rid=esp&cc=1
Protocol: H2
Server: 34.120.135.53 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 53.135.120.34.bc.googleusercontent.com
Software: / Express
Resource Hash: ecaf625650197ec54e257058dc45e0ca3edc7e645a9ffdc1d9be80e3cafc6378

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxids.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 06:30:17 GMT
via: 1.1 google
x-powered-by: Express
etag: W/"55-tYCFuQV3tpOSPFNLcMJ+Bl9Y/HY"
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://bloxids.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 85

Redirect headers

date: Sun, 05 Feb 2023 06:30:17 GMT
via: 1.1 google
x-powered-by: Express
vary: Origin
access-control-allow-origin: https://bloxids.com
location: /esp?url=https%3A%2F%2Fbloxids.com%2F&rid=esp&cc=1
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6D65 0
20 B 48ms
47ms Ping
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=9906171497369&version=m202301230201

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0454c236d7ef4556439cae6dfb9cddd4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 05 Feb 2023 06:30:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6D65 0
20 B 48ms
48ms Ping
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=9906171497369&version=m202301230201&ct=76&x=1&cor=11164618566542033000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0454c236d7ef4556439cae6dfb9cddd4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 05 Feb 2023 06:30:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 6D65 93 KB
37 KB 99ms
98ms Script
text/javascript 2a00:1450:400d:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Bk86UalombggybwuLCVKOcd_GPu1FpMZZbU4EchLFT9jj4AIxHD0672J-WyDBu8UYX4GzQDCHEppFZuL_41sTsCgZxyOPuLLoJDSBjZ_OCwiHlItTtkMHibLCU9VfHhVX_7lSFxGzenShNaRN_3MqCP82SMMUM5zqXcqunrRAXR_B1kOE&dbm_d=AKAmf-CMEBnWs2P_lWcQPG67owZF9c3tSye0Yg55Mrh93r5a8zbTo1-D_53-8pc5C9ULzpQWZ6-70XsoqHGwvfQIqX0WOTxxETP2WeeupFiHRi_a3pXuQDn6fD7RTkmk-CWAk91xMCBuF92n5GjPoNr8ij2sF3j2WUyx-jJRs8nFzPlURnP2bGAWFjiPEfhVXzQbzQdMvUH4Uzjg6n4N-L3cRKdyCNap88OgJo2iUPPxRHi1auJH4i1hruFfJYAGcmOmjhG0HtS3EzMdV92kGUm91aDctD92toYRSGNGxpOk9lo71AMclqtRnLcrYlpDlIX9Sp7yKTR6J4SgHMwdSiue8_zvPjnQdM3G3zxgSgxN4KLDukoBbxGLE7ngpyoO9ORCpEqBLexNXwDsgtJwZmkfyZ6N0iViejqI0qZTuy8jj4qwLnIBxHb-d3N6JH4vdMlN_h6hmEShsnkJkA7TnfZZXlnjjRsBZMCvvXwqbRhyfANq_MJev8DMvQHZwqmg6r3jWGJCOFX_7Ywn67GbHwbq8utZwjVwHx3P5N3q7mvhZlpweQXn96ZDARm37Jl_y7lom4xOf4NOdkZz7VYTRT89ubvEjisiIgWbcQtp8qP6ShYYx7gS58TCKtpvFWoLDZl2EuX61SVqRVLhDH9nXiEnhrY3FC1pz2bImm_QjlgZuIyNe1oLHX4andS3zpDdoIjviEzp0uC6uBTnSkE9tjIauMlAY9iBzusEQm_qXOe5vX5NbhwZPWCrs4n0chgkxvCvsSClb1puPBIPsqSGd9M-EF5FGsno3lwPSkURszq35WK0zFmr2lt0vZREziGdYreLHUgdOxO8BRNJeHRSIDjwoMMjiekg20MdWNiQud9kT0FedZWNjc5-8YN94hNxMc---TNxC0ehP_jDZ7j5keZ3OLeog_yNOqgY_5X1P7TaSIhDuaydsxk7s3hWU155CT6MNh1UloTeBh6xA-Tc8UpQxCCOb5EVFQaDdS9ofryaI4c08Ahs0rq5LHebmPXWEoOwuTPr7c8KPEp38kBlHU7HRgruWESgZ8kmbGGH0QaL7WJsdRCGkzLuoi5hFlO7Flcfq-sn-deEIEP8QTfrgowKefOBCiufEdVDvMfJb1V8Fdwc2NWorzD5UrY17Wa2ZY0b18gBlG3F2e56lvXh0gD1sGZyuuFgdQTGiDyDBCxLjPI5jXVLkMXd4b0e2Rvu9I96H3maJv8o2cIRi3KThUy7FI-i_G7_urcGYRvjZm1jIa6En7XAe0wu8On6j6GuoDu0hjcwYib1_RtUQw8oH5OFQ_GZ0Ke87kpmJGMqyPiv3V7HAxQiU_BHu0gMXXnbv2tLugNXh11xnaaSKVYopEVeYgX_Urg6EY_y3ADjPRUiaLwrcxuOR3LlCFdn_oqZJrbQdQmp1pEGVomzbMiJIl_VxFzlSD-wuuTAxO55L0OS6b9umll-dfaaD-y4fshC1Cd-Ne2awNeO3Rnz0y8mDa1GV2QbjMVPdmARNdv255mE2qdN92NUrDD5Ha2kMZJdOyabs07hoKonRk0TmX3qVSVMX00D1FT6S4ViM-18MahkmiwMzpGYyi1trlvr64aIVWw3iElw6aA6To0gECKWGCIYRyn6daxjqtLFTIzffm3ddLNXLm_ZWDpmXUFgXNEiXG1rm6F5pt0C_rWOBylaDCeHWSN3Uadq3oG2pkDWwIshADfwAHXfbtQFCEHZ_aANqG_DrGJczyk7cZANlOj0bHQ0iBpKcBWnleKWMSDuO8IEXwh8_SEKI2rqa0X83QJzKMgvfJjHu2xGf0N0Ni-hC4HtfoRHZuJvNC08Bx7Tdqrh_sE69s-LulBBzfNn9jgYgIvOVTk3LLHIxux3FDA0cFe24w6mmWdcD8EkarHC3bFFnIxc0p1r1ztFvDyW9bvXxFDipZhIWuzRy70V1L12lQbpP0ZYNGrwXcjklXQsCI7BWZT3A-bczoNxjQ3Bbj-6axZlPb6j87QXbYKF_lqg3qIovOjtHQwxAuDk3ZRPR3UYcfStksh-oDpHIT5wHPFBUSMqjqTd1CGP8Y_eevcQFY0vHLiitAZ5ttTiwonizzS4QBHFA97c-B67Fq3Adiz-6gMqMunQqxoORDgdj8FZ1Oftz5SC4plZYpyzVXRC-EYDNIHn2uEcY3S2VF50cSyMXoRBs6YDO0AjPl9IvD5Idn4OEihRq4ntgforZwjcvP6f5NWNw4LQnUNCklcfbCDjC9tZDKKtXqB6JS92zTJDfvKvWgx1rpIqYE92ovF5ImVC4l7MM5BVQ9bwf4WFF6zlmDUGCa27dsY-UOFpqc1JhJ1CNHHmzsAZxV5ZYZfqOTe5A-JKiVL01JF_hy9P6F0yTljkBJEt6yAg16D_q8_8R9_4qBKBRPWzdtAA6QyRsZlXi-bJ_2fMol1bowmbgpFAVVHmAl6kmYUyrxUBwO4GQXM_JCFoSWGscurp8h7-QbJL-hBMq1eToADoE9Ymzh_ilXZOIbWKJLm9G2gI3hiBe4WaDHUMAIeIzpY9tmpmak6gS12pTjy3JfTXa_pa0aox3aYBHUVhaPQYcw-U1O63hC8AWnng6lSfVguhMJ3nlKmakSX3cGzbocIMafFKfHKznxwfIulnSyFpGVK3_Pjkf3M5-ETBv6Vszcc1-tlBCv6AsHiiWSCRV0C3su3t_aT9HUCj02El4Kh69S53zcwhT6i2YF5wY35b2wsPH8zKSzH6iwVh6gdmAsI_ozKb-PCz8EX-1rWdXV_wBE_dAvft_kMfquj3JF99UW_oWsc2_oBBqJWyasDuAywRp3VG7GH2nPA84dlOAj0uu0kLz0pjY9py2AKHgSD3U4jwL146z3HGuK4n7S6e7gQNg3jdg4MstnP9YqopLcPlNQkvfC8PbpB0RwvzJktJzYOlRLydwc0j4mDvQvsSrdv5Vk1bW28UaMMQX9mTq8tab8OwXgPn7NK_M-gxKT3L9k5VfKbeipUxZkNKdYhiT0CLZPyD1s7pj7RMGKlIf5EMcoaxfw3bIyHwXqtabrdMLqjx1dfvxwqOif29q87z3rsZ9DF9kBhGEEjBhTYLsGbqqfd-2yBKoEy6ckI3VF1EjOyUN0awlQ51bNbNu3IQH0op_n2IXLE5YeoUvidqSv9xtjH3uX_eQekrBfnKiK1qEeBDz53oLJTCyxUebGadwGCfEUpavM-TtL597OsGuZIDT0I8JNW8PeIBzuqx_fqnDh-EZDtdFlFTwkGn7YTISFsrzPqnS9lShbb4afrtOabpmWyY5SObIWwTD1SyNPo26DZv1n5JfduH3GFFk6ZXkMIn-EYp-scmy4219Mr2IrBjP73YZOExGIeUs55nDgNkc0LMhVnH5VYPlgdGOBhM3iSBtud35njiN8rz9cToZMNxJhmLb72NcAN2Qe1di4W1yh6AWgB-8E_Xh2c5bJ_SXnvwx0m-uBriTJRuPJV6uZWr&cid=CAQSTADUE5ymtjJo0PO9xjleOL01xcXibwMYe7MmD6QyWaqt2C3Jdrlnhhy9xFUAAbwKerE32JOlyqmEa_9XcJzXv3Pk4ZeZkKlcHMNq82EYAQ&dv3_ver=m202301230201&rfl=https%3A%2F%2Fbloxids.com%2F&ds=l&xdt=1&iif=1&cor=11164618566542033000&adk=250412560&idt=55&cac=0&dtd=6

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

27d7e1af775e7eac98166b6945dbae1de40fb93fb9bf993842342f7239cb75dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0454c236d7ef4556439cae6dfb9cddd4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 05 Feb 2023 06:30:17 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37768
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame 4BE6
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertagids&domain=bloxids.com&sn=ChromeSyncframe&so=0&topUrl=bloxids.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=7ESt_Hw1YnZkTWxsL3pBRDVxT0xwOGxIQVozT3JYWXliMG1RcWFocHViYituK2pwZGlqMlpaQ242Yjh1UjE3M3dZbS9Vb0ZuTzRQbFJ6Zk5aNmF1enkzT3MrS2dWZS93NTExamt1THlzQWhlVldRZVllSmZZdHMybHZrRm...

430 B
654 B

109ms
19ms

Fetch
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=7ESt_Hw1YnZkTWxsL3pBRDVxT0xwOGxIQVozT3JYWXliMG1RcWFocHViYituK2pwZGlqMlpaQ242Yjh1UjE3M3dZbS9Vb0ZuTzRQbFJ6Zk5aNmF1enkzT3MrS2dWZS93NTExamt1THlzQWhlVldRZVllSmZZdHMybHZrRmlWRFdFSUFGMFJjTnJpemUrRGx1a2FGcWIvcnRuSG1xNXBZTUJwN0R3aUxlT2psRTRMb3p6b3ZRZG53TUFIalQ1ZTNucWVqUmVlRFNRNTZlbW9HS3A2RnFBdGtWWFhXZEJBNjJOZ0tjRVREbEIxMEtHdEZ6K2czYmtXQndCeXJOU2Y0ZVdWaHVDVEdueEJKUm5hbUJUQmNNMTc4THBpUT09fA&cppv=2

Protocol

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

3a2db72aac919e456db5a8242f8c1cde393e615ebe1dc14414a518212cd0f093

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 05 Feb 2023 06:30:16 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2072621
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 05 Feb 2023 06:30:16 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=7ESt_Hw1YnZkTWxsL3pBRDVxT0xwOGxIQVozT3JYWXliMG1RcWFocHViYituK2pwZGlqMlpaQ242Yjh1UjE3M3dZbS9Vb0ZuTzRQbFJ6Zk5aNmF1enkzT3MrS2dWZS93NTExamt1THlzQWhlVldRZVllSmZZdHMybHZrRmlWRFdFSUFGMFJjTnJpemUrRGx1a2FGcWIvcnRuSG1xNXBZTUJwN0R3aUxlT2psRTRMb3p6b3ZRZG53TUFIalQ1ZTNucWVqUmVlRFNRNTZlbW9HS3A2RnFBdGtWWFhXZEJBNjJOZ0tjRVREbEIxMEtHdEZ6K2czYmtXQndCeXJOU2Y0ZVdWaHVDVEdueEJKUm5hbUJUQmNNMTc4THBpUT09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 635400
content-length: 0
expires: 0

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 3B96
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGuVQUWnZcy4JM5xzrJUt8Y&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGuVQUWnZcy4JM5xzrJUt8Y&google_cver=1&C=1

43 B
766 B

17ms
12ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGuVQUWnZcy4JM5xzrJUt8Y&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY88-a3wEwAQ&v=APEucNX0rnGIiZI2mT7yBHa-2uAd8sUUdtTPAzaS-TQq9vDlGyo7rkbBTV3rvfZvqi5sPa8hgTh-DBRS3Kn3lIw_RtIzwJhxpY9ro6-N4W3FDubIsBVC-Pb2VL2cHGphxmlZOmDb2PxIqZB5dtBxYXWhbW40DeBd0dC_DzpIrnZc2KHRt4wGYJ-3XoC8rnK6eql3ZhZnaFdMyLXgeZojVetY9EdV24Wlhw
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 05 Feb 2023 06:30:17 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=497
Content-Length: 43
Expires: 0

Redirect headers

Pragma: no-cache
Date: Sun, 05 Feb 2023 06:30:17 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: /rum?cm_dsp_id=45&external_user_id=CAESEGuVQUWnZcy4JM5xzrJUt8Y&google_cver=1&C=1
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 0
Expires: 0

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 3B96
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y99M.Q4gMkRZheQK8rdBWAAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEInWhlqX-lPFNAmymsYmU_4&google_cver=1&google_hm=2

43 B
632 B

12ms
12ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEInWhlqX-lPFNAmymsYmU_4&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY88-a3wEwAQ&v=APEucNX0rnGIiZI2mT7yBHa-2uAd8sUUdtTPAzaS-TQq9vDlGyo7rkbBTV3rvfZvqi5sPa8hgTh-DBRS3Kn3lIw_RtIzwJhxpY9ro6-N4W3FDubIsBVC-Pb2VL2cHGphxmlZOmDb2PxIqZB5dtBxYXWhbW40DeBd0dC_DzpIrnZc2KHRt4wGYJ-3XoC8rnK6eql3ZhZnaFdMyLXgeZojVetY9EdV24Wlhw
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 05 Feb 2023 06:30:17 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=496
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Sun, 05 Feb 2023 06:30:17 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEInWhlqX-lPFNAmymsYmU_4&google_cver=1&google_hm=2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 3B96
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEI8CScSH_23ltTiLSL-DiCk&google_cver=1

43 B
1 KB

36ms
12ms

Image
image/gif

37.252.171.52
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEI8CScSH_23ltTiLSL-DiCk&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY88-a3wEwAQ&v=APEucNX0rnGIiZI2mT7yBHa-2uAd8sUUdtTPAzaS-TQq9vDlGyo7rkbBTV3rvfZvqi5sPa8hgTh-DBRS3Kn3lIw_RtIzwJhxpY9ro6-N4W3FDubIsBVC-Pb2VL2cHGphxmlZOmDb2PxIqZB5dtBxYXWhbW40DeBd0dC_DzpIrnZc2KHRt4wGYJ-3XoC8rnK6eql3ZhZnaFdMyLXgeZojVetY9EdV24Wlhw

Protocol

HTTP/1.1

Server

37.252.171.52 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 05 Feb 2023 06:30:17 GMT
AN-X-Request-Uuid: 9980559e-98b4-42ff-85f5-499ac89d2ec0
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 37.58.58.246; 37.58.58.246; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 05 Feb 2023 06:30:17 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEI8CScSH_23ltTiLSL-DiCk&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 3B96
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTg0MzU3NzM0MDkzOTIzMzI1NQ%3D%3D

170 B
232 B

35ms
24ms

Image
image/png

172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTg0MzU3NzM0MDkzOTIzMzI1NQ%3D%3D

Requested by

Protocol

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f98.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 05 Feb 2023 06:30:17 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Sun, 05 Feb 2023 06:30:17 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 37.58.58.246; 37.58.58.246; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: f224b531-48d9-4d47-9067-f4f4091a21b5
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTg0MzU3NzM0MDkzOTIzMzI1NQ%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 5DC2
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGuVQUWnZcy4JM5xzrJUt8Y&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGuVQUWnZcy4JM5xzrJUt8Y&google_cver=1&C=1

43 B
632 B

18ms
13ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGuVQUWnZcy4JM5xzrJUt8Y&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY-7qa3wEwAQ&v=APEucNVZVBp84Ja29g-nN7HCzMSlCimokZJDzfYpHGu1oaCDPPJkatTlts5L1owRRj0jyCDmA9L8SqL5fbVZES0z58dNcxzTydn2GQ5rb_nQMNZcClIWe7xrIxbUPGzq8fKJYf7gky6TUFNmMQgKG57pzXUd5KPaBQQU_q2z47HhPuUHCYy7u8fYqSsofYdz2rV4SeYq_GBhR_hvji2lAecs1vdQk-qDDw
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 05 Feb 2023 06:30:17 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=497
Content-Length: 43
Expires: 0

Redirect headers

Pragma: no-cache
Date: Sun, 05 Feb 2023 06:30:17 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: /rum?cm_dsp_id=45&external_user_id=CAESEGuVQUWnZcy4JM5xzrJUt8Y&google_cver=1&C=1
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 0
Expires: 0

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 5DC2
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y99M.Q4gMkRZheQK8rdBWAAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEInWhlqX-lPFNAmymsYmU_4&google_cver=1&google_hm=2

43 B
766 B

8ms
8ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEInWhlqX-lPFNAmymsYmU_4&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY-7qa3wEwAQ&v=APEucNVZVBp84Ja29g-nN7HCzMSlCimokZJDzfYpHGu1oaCDPPJkatTlts5L1owRRj0jyCDmA9L8SqL5fbVZES0z58dNcxzTydn2GQ5rb_nQMNZcClIWe7xrIxbUPGzq8fKJYf7gky6TUFNmMQgKG57pzXUd5KPaBQQU_q2z47HhPuUHCYy7u8fYqSsofYdz2rV4SeYq_GBhR_hvji2lAecs1vdQk-qDDw
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 05 Feb 2023 06:30:17 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=496
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Sun, 05 Feb 2023 06:30:17 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEInWhlqX-lPFNAmymsYmU_4&google_cver=1&google_hm=2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 5DC2
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEI8CScSH_23ltTiLSL-DiCk&google_cver=1

43 B
1 KB

36ms
11ms

Image
image/gif

37.252.171.52
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEI8CScSH_23ltTiLSL-DiCk&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY-7qa3wEwAQ&v=APEucNVZVBp84Ja29g-nN7HCzMSlCimokZJDzfYpHGu1oaCDPPJkatTlts5L1owRRj0jyCDmA9L8SqL5fbVZES0z58dNcxzTydn2GQ5rb_nQMNZcClIWe7xrIxbUPGzq8fKJYf7gky6TUFNmMQgKG57pzXUd5KPaBQQU_q2z47HhPuUHCYy7u8fYqSsofYdz2rV4SeYq_GBhR_hvji2lAecs1vdQk-qDDw

Protocol

HTTP/1.1

Server

37.252.171.52 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 05 Feb 2023 06:30:17 GMT
AN-X-Request-Uuid: a89ec756-ee91-4a04-b7b6-8bea1da47bc3
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 37.58.58.246; 37.58.58.246; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 05 Feb 2023 06:30:17 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEI8CScSH_23ltTiLSL-DiCk&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 5DC2
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTg0MzU3NzM0MDkzOTIzMzI1NQ%3D%3D

170 B
243 B

33ms
22ms

Image
image/png

172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTg0MzU3NzM0MDkzOTIzMzI1NQ%3D%3D

Requested by

Protocol

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f98.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 05 Feb 2023 06:30:17 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Sun, 05 Feb 2023 06:30:17 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 37.58.58.246; 37.58.58.246; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 041d72f5-fd65-4319-95d4-c76791b1ba95
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTg0MzU3NzM0MDkzOTIzMzI1NQ%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 skeleton.js Show response
fw.adsafeprotected.com/rjss/st/1333404/69042416/ Frame 6D65 243 KB
73 KB 261ms
64ms Script
application/javascript 34.249.82.170
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fw.adsafeprotected.com/rjss/st/1333404/69042416/skeleton.js?bundleId=${BUNDLE_ID}&ias_dspID=&ias_campId=&ias_pubId=&ias_chanId=&ias_placementId=&bidurl=&ias_dealId=&adsafe_par&ias_impId=
Requested by: Host: bloxids.com
URL: https://bloxids.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.249.82.170 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-249-82-170.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 9f73c2441e71d2b72dc629d53b99764351c88b77d0f3470259db9894f0c6a908

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0454c236d7ef4556439cae6dfb9cddd4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 05 Feb 2023 06:30:17 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: fw.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame 6D65 106 KB
37 KB 131ms
29ms Script
text/javascript 2a00:1450:400d:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Requested by

Host: bloxids.com
URL: https://bloxids.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0454c236d7ef4556439cae6dfb9cddd4.safeframe.googlesyndication.com/
Origin: https://0454c236d7ef4556439cae6dfb9cddd4.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 22:35:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 28509
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37872
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 05 Feb 2023 22:35:08 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230201/r20110914/elements/html/ Frame 6D65 8 KB
3 KB 24ms
16ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230201/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Bk86UalombggybwuLCVKOcd_GPu1FpMZZbU4EchLFT9jj4AIxHD0672J-WyDBu8UYX4GzQDCHEppFZuL_41sTsCgZxyOPuLLoJDSBjZ_OCwiHlItTtkMHibLCU9VfHhVX_7lSFxGzenShNaRN_3MqCP82SMMUM5zqXcqunrRAXR_B1kOE&dbm_d=AKAmf-CMEBnWs2P_lWcQPG67owZF9c3tSye0Yg55Mrh93r5a8zbTo1-D_53-8pc5C9ULzpQWZ6-70XsoqHGwvfQIqX0WOTxxETP2WeeupFiHRi_a3pXuQDn6fD7RTkmk-CWAk91xMCBuF92n5GjPoNr8ij2sF3j2WUyx-jJRs8nFzPlURnP2bGAWFjiPEfhVXzQbzQdMvUH4Uzjg6n4N-L3cRKdyCNap88OgJo2iUPPxRHi1auJH4i1hruFfJYAGcmOmjhG0HtS3EzMdV92kGUm91aDctD92toYRSGNGxpOk9lo71AMclqtRnLcrYlpDlIX9Sp7yKTR6J4SgHMwdSiue8_zvPjnQdM3G3zxgSgxN4KLDukoBbxGLE7ngpyoO9ORCpEqBLexNXwDsgtJwZmkfyZ6N0iViejqI0qZTuy8jj4qwLnIBxHb-d3N6JH4vdMlN_h6hmEShsnkJkA7TnfZZXlnjjRsBZMCvvXwqbRhyfANq_MJev8DMvQHZwqmg6r3jWGJCOFX_7Ywn67GbHwbq8utZwjVwHx3P5N3q7mvhZlpweQXn96ZDARm37Jl_y7lom4xOf4NOdkZz7VYTRT89ubvEjisiIgWbcQtp8qP6ShYYx7gS58TCKtpvFWoLDZl2EuX61SVqRVLhDH9nXiEnhrY3FC1pz2bImm_QjlgZuIyNe1oLHX4andS3zpDdoIjviEzp0uC6uBTnSkE9tjIauMlAY9iBzusEQm_qXOe5vX5NbhwZPWCrs4n0chgkxvCvsSClb1puPBIPsqSGd9M-EF5FGsno3lwPSkURszq35WK0zFmr2lt0vZREziGdYreLHUgdOxO8BRNJeHRSIDjwoMMjiekg20MdWNiQud9kT0FedZWNjc5-8YN94hNxMc---TNxC0ehP_jDZ7j5keZ3OLeog_yNOqgY_5X1P7TaSIhDuaydsxk7s3hWU155CT6MNh1UloTeBh6xA-Tc8UpQxCCOb5EVFQaDdS9ofryaI4c08Ahs0rq5LHebmPXWEoOwuTPr7c8KPEp38kBlHU7HRgruWESgZ8kmbGGH0QaL7WJsdRCGkzLuoi5hFlO7Flcfq-sn-deEIEP8QTfrgowKefOBCiufEdVDvMfJb1V8Fdwc2NWorzD5UrY17Wa2ZY0b18gBlG3F2e56lvXh0gD1sGZyuuFgdQTGiDyDBCxLjPI5jXVLkMXd4b0e2Rvu9I96H3maJv8o2cIRi3KThUy7FI-i_G7_urcGYRvjZm1jIa6En7XAe0wu8On6j6GuoDu0hjcwYib1_RtUQw8oH5OFQ_GZ0Ke87kpmJGMqyPiv3V7HAxQiU_BHu0gMXXnbv2tLugNXh11xnaaSKVYopEVeYgX_Urg6EY_y3ADjPRUiaLwrcxuOR3LlCFdn_oqZJrbQdQmp1pEGVomzbMiJIl_VxFzlSD-wuuTAxO55L0OS6b9umll-dfaaD-y4fshC1Cd-Ne2awNeO3Rnz0y8mDa1GV2QbjMVPdmARNdv255mE2qdN92NUrDD5Ha2kMZJdOyabs07hoKonRk0TmX3qVSVMX00D1FT6S4ViM-18MahkmiwMzpGYyi1trlvr64aIVWw3iElw6aA6To0gECKWGCIYRyn6daxjqtLFTIzffm3ddLNXLm_ZWDpmXUFgXNEiXG1rm6F5pt0C_rWOBylaDCeHWSN3Uadq3oG2pkDWwIshADfwAHXfbtQFCEHZ_aANqG_DrGJczyk7cZANlOj0bHQ0iBpKcBWnleKWMSDuO8IEXwh8_SEKI2rqa0X83QJzKMgvfJjHu2xGf0N0Ni-hC4HtfoRHZuJvNC08Bx7Tdqrh_sE69s-LulBBzfNn9jgYgIvOVTk3LLHIxux3FDA0cFe24w6mmWdcD8EkarHC3bFFnIxc0p1r1ztFvDyW9bvXxFDipZhIWuzRy70V1L12lQbpP0ZYNGrwXcjklXQsCI7BWZT3A-bczoNxjQ3Bbj-6axZlPb6j87QXbYKF_lqg3qIovOjtHQwxAuDk3ZRPR3UYcfStksh-oDpHIT5wHPFBUSMqjqTd1CGP8Y_eevcQFY0vHLiitAZ5ttTiwonizzS4QBHFA97c-B67Fq3Adiz-6gMqMunQqxoORDgdj8FZ1Oftz5SC4plZYpyzVXRC-EYDNIHn2uEcY3S2VF50cSyMXoRBs6YDO0AjPl9IvD5Idn4OEihRq4ntgforZwjcvP6f5NWNw4LQnUNCklcfbCDjC9tZDKKtXqB6JS92zTJDfvKvWgx1rpIqYE92ovF5ImVC4l7MM5BVQ9bwf4WFF6zlmDUGCa27dsY-UOFpqc1JhJ1CNHHmzsAZxV5ZYZfqOTe5A-JKiVL01JF_hy9P6F0yTljkBJEt6yAg16D_q8_8R9_4qBKBRPWzdtAA6QyRsZlXi-bJ_2fMol1bowmbgpFAVVHmAl6kmYUyrxUBwO4GQXM_JCFoSWGscurp8h7-QbJL-hBMq1eToADoE9Ymzh_ilXZOIbWKJLm9G2gI3hiBe4WaDHUMAIeIzpY9tmpmak6gS12pTjy3JfTXa_pa0aox3aYBHUVhaPQYcw-U1O63hC8AWnng6lSfVguhMJ3nlKmakSX3cGzbocIMafFKfHKznxwfIulnSyFpGVK3_Pjkf3M5-ETBv6Vszcc1-tlBCv6AsHiiWSCRV0C3su3t_aT9HUCj02El4Kh69S53zcwhT6i2YF5wY35b2wsPH8zKSzH6iwVh6gdmAsI_ozKb-PCz8EX-1rWdXV_wBE_dAvft_kMfquj3JF99UW_oWsc2_oBBqJWyasDuAywRp3VG7GH2nPA84dlOAj0uu0kLz0pjY9py2AKHgSD3U4jwL146z3HGuK4n7S6e7gQNg3jdg4MstnP9YqopLcPlNQkvfC8PbpB0RwvzJktJzYOlRLydwc0j4mDvQvsSrdv5Vk1bW28UaMMQX9mTq8tab8OwXgPn7NK_M-gxKT3L9k5VfKbeipUxZkNKdYhiT0CLZPyD1s7pj7RMGKlIf5EMcoaxfw3bIyHwXqtabrdMLqjx1dfvxwqOif29q87z3rsZ9DF9kBhGEEjBhTYLsGbqqfd-2yBKoEy6ckI3VF1EjOyUN0awlQ51bNbNu3IQH0op_n2IXLE5YeoUvidqSv9xtjH3uX_eQekrBfnKiK1qEeBDz53oLJTCyxUebGadwGCfEUpavM-TtL597OsGuZIDT0I8JNW8PeIBzuqx_fqnDh-EZDtdFlFTwkGn7YTISFsrzPqnS9lShbb4afrtOabpmWyY5SObIWwTD1SyNPo26DZv1n5JfduH3GFFk6ZXkMIn-EYp-scmy4219Mr2IrBjP73YZOExGIeUs55nDgNkc0LMhVnH5VYPlgdGOBhM3iSBtud35njiN8rz9cToZMNxJhmLb72NcAN2Qe1di4W1yh6AWgB-8E_Xh2c5bJ_SXnvwx0m-uBriTJRuPJV6uZWr&cid=CAQSTADUE5ymtjJo0PO9xjleOL01xcXibwMYe7MmD6QyWaqt2C3Jdrlnhhy9xFUAAbwKerE32JOlyqmEa_9XcJzXv3Pk4ZeZkKlcHMNq82EYAQ&dv3_ver=m202301230201&rfl=https%3A%2F%2Fbloxids.com%2F&ds=l&xdt=1&iif=1&cor=11164618566542033000&adk=250412560&idt=55&cac=0&dtd=6

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0454c236d7ef4556439cae6dfb9cddd4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 19:17:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 40343
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2986
x-xss-protection: 0
server: cafe
etag: 3296546412363819624
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 18 Feb 2023 19:17:54 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230201/r20110914/ Frame 6D65 28 KB
11 KB 26ms
18ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230201/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0bb54d717149189d1547a246d2c709a8973f9b54140bb01a15d2947e78ed6cee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0454c236d7ef4556439cae6dfb9cddd4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 19:43:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 38789
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10940
x-xss-protection: 0
server: cafe
etag: 260008737171085554
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 18 Feb 2023 19:43:48 GMT

GET
H2 200 skeleton.js Show response
fw.adsafeprotected.com/rjss/st/1333404/69041406/ Frame 97D4 243 KB
73 KB 218ms
34ms Script
application/javascript 34.249.82.170
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fw.adsafeprotected.com/rjss/st/1333404/69041406/skeleton.js?bundleId=${BUNDLE_ID}&ias_dspID=&ias_campId=&ias_pubId=&ias_chanId=&ias_placementId=&bidurl=&ias_dealId=&adsafe_par&ias_impId=
Requested by: Host: bloxids.com
URL: https://bloxids.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.249.82.170 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-249-82-170.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e445c862c08a932c22f1f079c562333cd5294504d0ac51f001dd11cbcee84fa0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0454c236d7ef4556439cae6dfb9cddd4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 05 Feb 2023 06:30:17 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: fw.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame 97D4 106 KB
37 KB 162ms
69ms Script
text/javascript 2a00:1450:400d:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Requested by

Host: bloxids.com
URL: https://bloxids.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0454c236d7ef4556439cae6dfb9cddd4.safeframe.googlesyndication.com/
Origin: https://0454c236d7ef4556439cae6dfb9cddd4.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 22:35:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 28509
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37872
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 05 Feb 2023 22:35:08 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230201/r20110914/elements/html/ Frame 97D4 8 KB
3 KB 20ms
15ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230201/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CRQm7I_lRDbe_ppsF3VSYW1Kpj10kf-qCNxuqajsA74Vp8fxkhbCwHL_33nR-7ZaeqqotWIXMhaI345TN3O1HISXDpwwWXeSe3GL8ryQoLSxv7l9q4nZwAs5qeCzIUPKsmvOdFHfAnjunSH0mKuVtymJKvxnlwkMDZuFcJljjsrhRCgCM&dbm_d=AKAmf-A7eFtAFPNrw3OdOgTnBbZatEJVEOp-LUDeRAT4B3T8ESd_onBidJ8LvnlUGri5OP1e6qeqls12zWpfdoTEt26wzlAY3-67OpfDvJ_jMMnMsheEnFu3poRW4CAzACZ4KAOXwIsWp-p1INieEcUgqalsAueYKn4VQkE9Ldm7Smxy7chHaDCrF59FlLQn5wEjDwC_LfzmfFGuItB_KaCep17lo7msXpGQFMdeOd_76stpwE6qwHPj-Lnew0ESlGwm5IbVIQFSYmWG63dKX71HztW0XAHNqnDeLv3imMDbBdPwucS2_AQ8fqi2AKWY-HGKQjh8xgsz9IgS1tpMlc86OMcXCSsPrYScQLYFOglCT1CoMsaPdpvC-ShzR_zXwMbBIOwAV09cEsx2XSi4RxrnfT2pWVrTqBb-v4QUsPuypPMRKfTqk4xAA7LkKX2K0YQG5ik3AiFez8OtTEnDjtIRvg0W8tt3bp9DSSaRFnS3hpvHmx_RejmWURFt-BcAZqPb9S_TOjRsUYq6ml4NfxmuiK6BRGBNhvZ5EQH-QhzoA1T5OlV7y5mw9c1rKtfFOxFUqwdAa10pZoKCKZ6keu-LHQ4UXSehVwlSaPayu-q-cZusK_uKbFhiwNG0yPfiwI4liGjGlZjxAoBLxif4MJaalDMWRHq1_c3b-ZQ6rOy4OA2WyIpMaqPPNNoMnv6UAFVyJhVzSn-Z2ciyAM6x9NV4JUqTLqwZ1bqDYJCny6AbLZTtbi7UURu0eIZKw4m1scpvEgbhFLX7VApqIZqTmcXV35vOQd8oPe-O9bRmJx-ZB3LCLQ77DW-NlrxW_K9pX-mzRboW629i1LsxWByE1gPe0WjStPiThQzRgxSJgKneTGFCCUp3PfQHf8Huw1rVFwciiMPHx3r-sEDpr9JkPrxwWoE5VqvYCCc5c2g1yXa8cZ8cg0S73zytZfFBCNMcQX6ZXiwmOYoOdnEPGeeqU0_leMppd1yXhzAPf39GgN5isDtJY5vHuvVIJsEs1uItgH2Xmhb-zg8_jw4Gs_MBEZqYfYSenTLO7OY7TrFrTojfLCH_-fctwKuDJ3tQ_U95-A-X_yDn4BfVmQRUPOZdEgD5ZdWz-fheSmUenxkZhgZv4dweCaSyKKIxO7yuCke2ZjcmnJKz4UokoS_exv315gtN03rdg-wNSnqRUuPJl1N-6XQwzsg8YPBmsfCxk01p01HzpukZA1bgt8xUgsaqHu4Q1i0ynI4v8ZRV62j1UtDHoxGQPfhMdf6NLUOtvDwJcLtXw6hclhoaKi7W4Q8axpyExaf1vUNnlc2QPOwxNd5C3RLark09O5JWIaAnMnoyLMakPYsVlJLo0SP1qs4JK56MvH4xyL7zggCO3CyT46NLE1Qwdq8-sj03Ji56EDbvAFik_-3jNpLIZBuNLb7biQS2DrCYMWDktAw7W-D5580dV7N1ZWtWLuTxMiieQHvPYFFfdhrxU7Xb2bndxEi6iJLa9MHcHTrG-wWjeMV9BQsuQ-9YWuRIBXktyAm0yPWwzHZCY-LChR6mowV7Z4qATIWagjHhK5aAcVzrYqDMwKIo5rgxatmkji5-nFYA0I_6WkK45jfGCQFlzvDy8xUJ1opO4LTI8xzxznoQ2-sQlobfnQqzy5FPB_yPN7qzlknKBTYKqPqXFvG0AnYfQW98By0byjW8Gn-gBfOA-leGfS0MfZ4brAJMV7NYQvUUDg5cLtU3jexddkd3xybJz7GVZ-exn4ltnmskEHXh5Zb1MtLTO6hUeh_KQ8CKd_dtGlbqh_69kNBZLMQUDVo7ttvZ5t4JdunvNr6aEUGx8ZkS5pAFD_AOIR47mXnLtx5c4Zv2cQKaf1H4OYm-5spl58UjCxMxcroBj11Swj_cpwRhAKaqcK2Ij4KsWwawAn7ZJ-b7XxltFcA9nn996HdiJ7SVufgXft4kwrnfhB9Y5Na3aOJoDZNZJL04H_G1jfbm_t7NppVcIFLj_tLRXJKsc_LbgPIO59FhRRo0kibVxip5eQjIJqikjZjfqOv0N6fnqjF9C4pFiBy_nwMBdIV1-4JCHNdfAbwJ1OwEM2K1aWeF0VP5F4KLMi8r0Tdp__Hx0IjIi0nZ9xnXV9D2aMTlmqAPX3GXcLC6o3hO9FDgGRES6aS6kV2Pqv4MVSKAz-cXP4BlLE2KBZCvXBLcaK2M-luxJC_lWctqlGvgpqHpt2ZuyuYdY_9U5D2RrSYxiJMekhFRVd03P-G3QpD9OV084eV1tWjjmvGazdOg67ylIrqQ4as5xhIbBL0DcMLeVUiqpIqRcb_g0j_9Kiu7hR8TOkcV6350yFIEaXpsbpEjAVi-_ugECfZMOJExuuhE6CJQXKq0MonDo1VwXjhP5DuyLyiKN-SVxKhB6_qQ_UUG_COnzF5OTx61AQ9R0bV-9kLyKJ4x_uOwhsCyICJQDcTM5rgn62XRC2KgF7sklbPjhGM1ufeUFnJRprqywyv2bVRsLladghjsPGwyaGRbCzR_02MwLJ2PsHkJlz4b1EGQaxd7cXTAmgUftrXi7JKjnTIgU-E-1EmdSY9OW3Zex0GtCe1I_6K25EJsBmcnhyQjkCI1bAEGHzU5WkgCazUDkup4g0bs9FADJAR48RrVovlTZ1cx7iyrebFJGc2V4u03st1oqdrcuPE0yFyafo58drMPWUrvxo45J9uvvGI3Yc_gh1fCG6UZWG0wx9xQxjjDKqXvnXR_chLgrmAA5adFOcDjs6Y5GHKgXJ3sde2e_FOE2HcCpEjlQATdxBLKN69i-zB80VAGY9Lh2o_xX0zZf8e2xvGgrbjD2y_76oXTNBbblDJMo6bmtXNkZH4uzv4KgV6Dh09bdN1Nrrjy1UogLJvywiX_YmYqAWdea9dQDES5_zeFj2Ldloc6lLxNnJgiggj3XeQsEWCsGvHfFtoeJpFTnSxiZ9TRHKch17rGUR4KO0fJx89qT9VYOVE_lYsyAnrkDPqzSqb-N7-ZZl8pzglJqF_hfbI7f0R03ctUm4aaFx5_FF691eGx_MW1XzM1WXFoP8LlH3NPenaIIEnlq1Fpu46za6AAu2ylQfHwh1H7CsDfM2E97-mUDwmmb47m4Kcvo9e96ps13Dyn2fezuq2wMsqXzBG85uCWmDygXqle-WazBMRXMXMDHhN-wu51OmL3bk47MVEcH1rYs03_wLRx1uvsLvxaQWAcAR8YNoN0ldYj6CQBCdmPH8ahxODm30CJEMU4MR5X31GkbpnuUct04-OlHQshmlAKZCjJSr1Cd1GnCwMW0e1uNFVdgAP6rUz_Oo82D49NyjIrYsft0tP5ukJwXvAzupPF2efguTUKr99yJZdqLq5gsDCSkYnAroy80KlFaztUIv_nki_2fpApBmAdkQvv9OTMaSDh9sHg7pDPhKKXmus_s9zZPJecd9pM2ACpRoo3Rgc3Xu57piDHwj9w5PoFzh3pTw_0&cid=CAQSTADUE5ymtjJo0PO9xjleOL01xcXibwMYe7MmD6QyWaqt2C3Jdrlnhhy9xFUAAbwKerE32JOlyqmEa_9XcJzXv3Pk4ZeZkKlcHMNq82EYAQ&dc_eid=31072035&dv3_ver=m202301300101&rfl=https%3A%2F%2Fbloxids.com%2F&ds=l&xdt=1&iif=1&cor=12636873414086203000&adk=2923430907&idt=48&cac=0&dtd=10

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0454c236d7ef4556439cae6dfb9cddd4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 19:17:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 40343
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2986
x-xss-protection: 0
server: cafe
etag: 3296546412363819624
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 18 Feb 2023 19:17:54 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230201/r20110914/ Frame 97D4 28 KB
11 KB 20ms
18ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230201/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0bb54d717149189d1547a246d2c709a8973f9b54140bb01a15d2947e78ed6cee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0454c236d7ef4556439cae6dfb9cddd4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 19:43:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 38789
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10940
x-xss-protection: 0
server: cafe
etag: 260008737171085554
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 18 Feb 2023 19:43:48 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 6D65 41 KB
15 KB 18ms
16ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: 0454c236d7ef4556439cae6dfb9cddd4.safeframe.googlesyndication.com
URL: https://0454c236d7ef4556439cae6dfb9cddd4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0454c236d7ef4556439cae6dfb9cddd4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 18:26:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 216212
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 02 Feb 2024 18:26:45 GMT

GET
DATA 200
OK truncated
/ Frame 6D65 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 546de838820e3fdcf4a87553d59dc9c4e05ca6070aa7582254664b15209005be

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 97D4 41 KB
15 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: 0454c236d7ef4556439cae6dfb9cddd4.safeframe.googlesyndication.com
URL: https://0454c236d7ef4556439cae6dfb9cddd4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0454c236d7ef4556439cae6dfb9cddd4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 18:26:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 216212
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 02 Feb 2024 18:26:45 GMT

GET
DATA 200
OK truncated
/ Frame 97D4 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4b20d0266609ebaefd5be24955f6d45d4a0addfb7512c52b4bd8754965c2d4f5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 1FE5 22 KB
8 KB 29ms
27ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0454c236d7ef4556439cae6dfb9cddd4.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 563062
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 29 Jan 2023 18:05:55 GMT
expires: Mon, 29 Jan 2024 18:05:55 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 3F95 22 KB
8 KB 28ms
17ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0454c236d7ef4556439cae6dfb9cddd4.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 563062
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 29 Jan 2023 18:05:55 GMT
expires: Mon, 29 Jan 2024 18:05:55 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
0454c236d7ef4556439cae6dfb9cddd4.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame BF8C 6 KB
3 KB 37ms
32ms Document
text/html 2a00:1450:400d:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://0454c236d7ef4556439cae6dfb9cddd4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023013101.js?cb=31072117

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bloxids.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 05 Feb 2023 06:30:15 GMT
expires: Mon, 05 Feb 2024 06:30:15 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 204 army.gif
bloxids.com/porpoiseant/ 0
529 B 21ms
20ms Ping
text/plain 2606:4700:3030::6815:2c0e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bloxids.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNDEzNzc3MzAwMDA2MDU1OSIsImRvbWFpbl9pZCI6IjIzNzA2MSIsInVuaXQiOiJibG94aWRzX2NvbS1waXhlbDEiLCJ0X2Vwb2NoIjoxNjc1NTc4NjE0LCJhZF9wb3NpdGlvbiI6OTk5OSwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkRFIiwicGFnZXZpZXdfaWQiOiJhMWY4YTMzZS05Zjk3LTRmZDYtNzYzYi0wMWNkNTAxY2NmYTAiLCJjb21wX2lkIjpudWxsLCJsaW5lX2l0ZW1faWQiOjAsImNyZWF0aXZlX2lkIjowLCJkYXRhIjpbeyJuYW1lIjoicmVmcmVzaF9jb3VudCIsInZhbCI6IjEifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjQxMzc3NzMwMDAwNjA1NTkiLCJkb21haW5faWQiOiIyMzcwNjEiLCJ1bml0IjoiYmxveGlkc19jb20tcGl4ZWwxIiwidF9lcG9jaCI6MTY3NTU3ODYxNCwiYWRfcG9zaXRpb24iOjk5OTksImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJERSIsInBhZ2V2aWV3X2lkIjoiYTFmOGEzM2UtOWY5Ny00ZmQ2LTc2M2ItMDFjZDUwMWNjZmEwIiwiY29tcF9pZCI6bnVsbCwibGluZV9pdGVtX2lkIjowLCJjcmVhdGl2ZV9pZCI6MCwiZGF0YSI6W3sibmFtZSI6ImZpbGxlZF9iaWRfaGFzaCIsInZhbCI6ImE5MjhjZjJjM2FkMzZmNWU5ZWQyZDkwZjY1NWMxZGM5In1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiI0MTM3NzczMDAwMDYwNTU5IiwiZG9tYWluX2lkIjoiMjM3MDYxIiwidW5pdCI6ImJsb3hpZHNfY29tLXBpeGVsMSIsInRfZXBvY2giOjE2NzU1Nzg2MTQsInJldmVudWUiOjAsImVzdF9yZXZlbnVlIjowLjAwMDQ0LCJhZF9wb3NpdGlvbiI6OTk5OSwiYWRfc2l6ZSI6IiIsImJpZF9mbG9vcl9maWxsZWQiOjAuMDAwNDQsImJpZF9mbG9vcl9wcmV2IjowLCJzdGF0X3NvdXJjZV9pZCI6MzUsImNvdW50cnlfY29kZSI6IkRFIiwicGFnZXZpZXdfaWQiOiJhMWY4YTMzZS05Zjk3LTRmZDYtNzYzYi0wMWNkNTAxY2NmYTAiLCJjb21wX2lkIjpudWxsLCJsaW5lX2l0ZW1faWQiOjAsImNyZWF0aXZlX2lkIjowLCJkYXRhIjpbeyJuYW1lIjoibG9hZGVkIiwidmFsIjoiMSJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNDEzNzc3MzAwMDA2MDU1OSIsImRvbWFpbl9pZCI6IjIzNzA2MSIsInVuaXQiOiJibG94aWRzX2NvbS1waXhlbDEiLCJ0X2Vwb2NoIjoxNjc1NTc4NjE0LCJhZF9wb3NpdGlvbiI6OTk5OSwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkRFIiwicGFnZXZpZXdfaWQiOiJhMWY4YTMzZS05Zjk3LTRmZDYtNzYzYi0wMWNkNTAxY2NmYTAiLCJjb21wX2lkIjpudWxsLCJsaW5lX2l0ZW1faWQiOjAsImNyZWF0aXZlX2lkIjowLCJkYXRhIjpbeyJuYW1lIjoiY3JlYXRpdmVfaWQiLCJ2YWwiOiIxMzgzMTAwMzQ1ODUifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjQxMzc3NzMwMDAwNjA1NTkiLCJkb21haW5faWQiOiIyMzcwNjEiLCJ1bml0IjoiYmxveGlkc19jb20tcGl4ZWwxIiwidF9lcG9jaCI6MTY3NTU3ODYxNCwiYWRfcG9zaXRpb24iOjk5OTksImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJERSIsInBhZ2V2aWV3X2lkIjoiYTFmOGEzM2UtOWY5Ny00ZmQ2LTc2M2ItMDFjZDUwMWNjZmEwIiwiY29tcF9pZCI6bnVsbCwibGluZV9pdGVtX2lkIjowLCJjcmVhdGl2ZV9pZCI6MCwiZGF0YSI6W3sibmFtZSI6ImxpbmVpdGVtX2lkIiwidmFsIjoiMjg2ODcyNzQifV0sImlzX29yaWciOmZhbHNlfV0=
Requested by: Host: bloxids.com
URL: https://bloxids.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y0b-6y0d-23y13-4y17-5y1c-y23-3y24-4y25-6y31-4y38-8y5a-2y5e-22y65-1&cmbcb=123&sj=x04x02x06x07x0bx0dx13x17x1cx23x24x25x31x38x5ax5ex65
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:2c0e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxids.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 06:30:17 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kzIFiv1zrGX8HapFxn0SrcZS4dd1hx7iGCXG%2FoIfNHphoZAYx9LEooB5dW9LC1wGE%2B2hWQgie7KHu7SZ3BAg1Zci1Qre%2BAIG%2FcPuUMFki7Dxa8sanzXleUE9YaQhJOxUtbN8CvYGl4Qpbg%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://bloxids.com
x-middleton-display: ezp_sol
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
cf-ray: 794998b6bf2e3827-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Sat, 04 Feb 2023 06:30:17 GMT

POST
H3 204 army.gif
bloxids.com/porpoiseant/ 0
528 B 15ms
15ms Ping
text/plain 2606:4700:3030::6815:2c0e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bloxids.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNDEzNzc3MzAwMDA2MDU1OSIsImRvbWFpbl9pZCI6IjIzNzA2MSIsInVuaXQiOiJibG94aWRzX2NvbS1waXhlbDEiLCJ0X2Vwb2NoIjoxNjc1NTc4NjE0LCJhZF9wb3NpdGlvbiI6OTk5OSwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkRFIiwicGFnZXZpZXdfaWQiOiJhMWY4YTMzZS05Zjk3LTRmZDYtNzYzYi0wMWNkNTAxY2NmYTAiLCJjb21wX2lkIjpudWxsLCJsaW5lX2l0ZW1faWQiOjAsImNyZWF0aXZlX2lkIjowLCJkYXRhIjpbeyJuYW1lIjoidF9sb2NhbF9kYXRlIiwidmFsIjoiMjAyMy0wMi0wNSJ9LHsibmFtZSI6InRfbG9jYWxfaG91ciIsInZhbCI6IjYifSx7Im5hbWUiOiJ0X2xvY2FsX2RheV9vZl93ZWVrIiwidmFsIjoiMCJ9LHsibmFtZSI6InRfbG9jYWxfdGltZXpvbmUiLCJ2YWwiOiIwIn1dLCJpc19vcmlnIjpmYWxzZX1d
Requested by: Host: bloxids.com
URL: https://bloxids.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y0b-6y0d-23y13-4y17-5y1c-y23-3y24-4y25-6y31-4y38-8y5a-2y5e-22y65-1&cmbcb=123&sj=x04x02x06x07x0bx0dx13x17x1cx23x24x25x31x38x5ax5ex65
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:2c0e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxids.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 06:30:17 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0uUb1X81QhxYnaOTxIL6GEHcbAQHnXaVV87jvGaZtHw2hKb3oVCX8218iuYUIlaH%2B7tKMHYB8Br5U%2ByHa1whqnN4U7DfHoPrINGQr0XGRVlmQcCccPgkyXKwxv7R1nZNsf2wVwQXO92jCg%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://bloxids.com
x-middleton-display: ezp_sol
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
cf-ray: 794998b6bf303827-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Sat, 04 Feb 2023 06:30:19 GMT

POST
H3 204 army.gif
bloxids.com/porpoiseant/ 0
530 B 17ms
16ms Ping
text/plain 2606:4700:3030::6815:2c0e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bloxids.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImF1Y3Rpb24iLCJpbXByZXNzaW9uX2lkIjoiNDEzNzc3MzAwMDA2MDU1OSIsImRvbWFpbl9pZCI6IjIzNzA2MSIsInVuaXQiOiJibG94aWRzX2NvbS1waXhlbDEiLCJ0X2Vwb2NoIjoxNjc1NTc4NjE0LCJhdWN0aW9uX2Vwb2NoIjoxNjc1NTc4NjE3LCJhZF9wb3NpdGlvbiI6OTk5OSwiY291bnRyeV9jb2RlIjoiREUiLCJwYWdldmlld19pZCI6ImExZjhhMzNlLTlmOTctNGZkNi03NjNiLTAxY2Q1MDFjY2ZhMCIsImJpZF9mbG9vcl9pbml0aWFsIjo0NCwiYmlkX2Zsb29yX3ByZXYiOm51bGwsImJpZF9mbG9vcl9maWxsZWQiOjQ0LCJhdWN0aW9uX2NvdW50IjoxLCJyZWZyZXNoX2FkX2NvdW50IjowLCJhdWN0aW9uX2R1cmF0aW9uIjo4OTEsIm11bHRpX2FkX3VuaXQiOm51bGwsIm11bHRpX2FkX2NvdW50IjpudWxsLCJuZXR3b3JrX2NvZGUiOjEyNTQxNDQsImRhdGEiOlt7Im5hbWUiOiIiLCJ2YWwiOiIifV0sImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzR9XQ==
Requested by: Host: bloxids.com
URL: https://bloxids.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y0b-6y0d-23y13-4y17-5y1c-y23-3y24-4y25-6y31-4y38-8y5a-2y5e-22y65-1&cmbcb=123&sj=x04x02x06x07x0bx0dx13x17x1cx23x24x25x31x38x5ax5ex65
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:2c0e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxids.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 06:30:17 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qsxVTwnzjo7Qwr%2FK6vdU%2FHmtKOkeVQ%2FzxP42HAG6l%2FRjefNGBkhZw1n6tPN5X5zf8socHkAv10VMIsmulWeid0bpfwMHXrhGeGk5mT%2Bzt4oLpu83lMLq1afaZTYCfp3y6ykvvAoLtMfpdw%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://bloxids.com
x-middleton-display: ezp_sol
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
cf-ray: 794998b6bf323827-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Sat, 04 Feb 2023 06:30:16 GMT

POST
H3 204 army.gif
bloxids.com/porpoiseant/ 0
537 B 23ms
22ms Ping
text/plain 2606:4700:3030::6815:2c0e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bloxids.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTM2OTA1MTI5ODA1MzkwNSIsImRvbWFpbl9pZCI6IjIzNzA2MSIsInVuaXQiOiJkaXYtZ3B0LWFkLWJsb3hpZHNfY29tLW1lZHJlY3RhbmdsZS0yLTAiLCJ0X2Vwb2NoIjoxNjc1NTc4NjE0LCJhZF9wb3NpdGlvbiI6MTEwMCwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkRFIiwicGFnZXZpZXdfaWQiOiJhMWY4YTMzZS05Zjk3LTRmZDYtNzYzYi0wMWNkNTAxY2NmYTAiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjAsImNyZWF0aXZlX2lkIjowLCJkYXRhIjpbeyJuYW1lIjoicG9zX3giLCJ2YWwiOiI0MzYifSx7Im5hbWUiOiJwb3NfeSIsInZhbCI6IjExMDUifSx7Im5hbWUiOiJpc19mbG9hdGluZyIsInZhbCI6InRydWUifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjI1MzU0NTY1MTIwNTkyMzciLCJkb21haW5faWQiOiIyMzcwNjEiLCJ1bml0IjoiZGl2LWdwdC1hZC1ibG94aWRzX2NvbS1ib3gtMi0wIiwidF9lcG9jaCI6MTY3NTU3ODYxNCwiYWRfcG9zaXRpb24iOjEwMDEsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJERSIsInBhZ2V2aWV3X2lkIjoiYTFmOGEzM2UtOWY5Ny00ZmQ2LTc2M2ItMDFjZDUwMWNjZmEwIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDAzNDQ4NiwiZGF0YSI6W3sibmFtZSI6InBvc194IiwidmFsIjoiMzE1In0seyJuYW1lIjoicG9zX3kiLCJ2YWwiOiI4MCJ9LHsibmFtZSI6ImlzX2Zsb2F0aW5nIiwidmFsIjoiZmFsc2UifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjMzOTA1NzQ3NjAwMDA5MDkiLCJkb21haW5faWQiOiIyMzcwNjEiLCJ1bml0IjoiZGl2LWdwdC1hZC1ibG94aWRzX2NvbS1tZWRyZWN0YW5nbGUtMy0wIiwidF9lcG9jaCI6MTY3NTU3ODYxNCwiYWRfcG9zaXRpb24iOjExMDQsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJERSIsInBhZ2V2aWV3X2lkIjoiYTFmOGEzM2UtOWY5Ny00ZmQ2LTc2M2ItMDFjZDUwMWNjZmEwIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDAzNDQ4NiwiZGF0YSI6W3sibmFtZSI6InBvc194IiwidmFsIjoiNDM2In0seyJuYW1lIjoicG9zX3kiLCJ2YWwiOiIxMjk1In0seyJuYW1lIjoiaXNfZmxvYXRpbmciLCJ2YWwiOiJmYWxzZSJ9XSwiaXNfb3JpZyI6ZmFsc2V9XQ==
Requested by: Host: bloxids.com
URL: https://bloxids.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y0b-6y0d-23y13-4y17-5y1c-y23-3y24-4y25-6y31-4y38-8y5a-2y5e-22y65-1&cmbcb=123&sj=x04x02x06x07x0bx0dx13x17x1cx23x24x25x31x38x5ax5ex65
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:2c0e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxids.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 06:30:17 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8xT4%2BVWH2YSYgaYyTVd44Fe7n2qHJZajWqRla%2B996l28alE4OH69oalqrozsUZpLb6%2BXtdNcV5bRX%2FtpqmtIOl5fe9s%2F%2FteXVFclCVGC0L3esGP%2Fqfwt%2Fhnowjs6%2FY4N2OkVhBBYfXMj8g%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://bloxids.com
x-middleton-display: ezp_sol
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
cf-ray: 794998b6bf333827-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Sat, 04 Feb 2023 06:30:17 GMT

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/12493911404993194114/ Frame 035C 157 KB
23 KB 96ms
33ms Document
text/html 2a00:1450:400d:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/12493911404993194114/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b647fad4304731e77a2666a51fd694d558521774f74a019ffe6bec10a1b2a9b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0454c236d7ef4556439cae6dfb9cddd4.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 86475
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 23253
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Sat, 04 Feb 2023 06:29:02 GMT
expires: Sun, 04 Feb 2024 06:29:02 GMT
last-modified: Wed, 07 Dec 2022 12:58:16 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 6D65 0
0 151ms
56ms Fetch
image/gif 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvNFbPWO-EVkiN1Z0fe8MX-3ErcXIZ1DcbPrFE5iHuj59mjt-xEC79Z99WKwn5q_IgpxGYmaTRfJ28B03_UnH3KVpdpWqn1q87f9RcisJQ_qdONN-GWytCHwHx5xY8XERtsCpWITQK0ErF83ZdCtUQHQP0dAxYMamVHwmfSC4DFgSgbUEL_Qgedc-DRVXKWWGl3-s-jUTTNDCtXa7gEDDDGe1G-Ggb570gmPmyw72Moy4PDR16IMA1bzYiP0BH2kZdHJjT5aFSrRg4m4eL9EOmI-d2tO1qDJ9cPoNFanj23IOtdK7puqPw4R90JBUwo0v-Nu2EB_MJ1sHZHp3c4xbVABwywoBb1F45zbaI4yGkdkgUD54EsPKsamJ37pyENy2UW-LqSMHe2Vyp3neiBmj_YlUDelzRER5BNI1r0C0S4-cf2vNfBZYdLL_KI1G4z1hcU5RdMJhf68Y1H01RyhLygSOwwH-J5SmxC0Jrgk7j0lzq4ySglPPBR65C7QlWhTLlaVBUMDvfX4d6L8CrPRMQdwU04muZS2liLqCg6V7G7Jb1aWa5T4SYduzQygEFWR_-rujuFux7lTuJy8j6Ujbg2RhshhWySEfEbpODUso1Sg9ZZV1yXWR89sYH27734RX-q3UKuza7uU0WT_YrdHPNV7bZthUX97Ld8fcwx5x9AfoeqIQxjZNS8RtvSelKge95gZo4hD5zTY7YxBJnJfdr9FRygDbW0LySB3GymJpaVo3qmPw8g8JKXOvfvaHyda8eS0ox-3Ne85gDwEWGkiLlnTe63RcgmHbwCijhZPiTXdFBuloA5jEVpV91rznGGxGvMVTDZX6JvMJCciPZo901zVlT_KaMH0_3oUQcD5RGarmTAkEqSRqDr1PocEFM91FTtMWCBS2HcKP8_d08xKSFunO-oZhYvO-wsdEryBDB_-F4jtAWMYACo2ZzSRhMsY3t0-kUHs3bMQVglFGfOaOyLn6YkLaTpZV2uBG7M4TM_vbSzyKTpN8erVpg48ZJT3RLXJNjWuM_XKtBHv_FjCHXv8vfDCDMaORepuDoF5mgz49i3m3t5kIy6qp-UrXcx_kgdB2t0PUSvu5yKqx5wglET8R-QGaEU54XZulO1sYVB8JPN_S5nitKIUUfzrwLIyw9RUpNY8cSe3heiw_Sa4_BlT7Ov1uV5zBGOWULDnRLPVu7VfH1Z4_N14z7viU9IcOz-mNvcm_IDMcFw0f6zcandCuI1QZtqS60y50cjuScin6zmOt6ymN8QqW7JvSzspgBXQKotc_-LoejhT_fyAxsvbkiYMzy4V6sNGdOMCkHqRJWq&sai=AMfl-YSA5YZk8S4dahuv-GiO7YcSIHakk5bo9H6rmJ0qzW_jPLjl7s-fAAZXa7LFsIa2uy9oQjVcsCR8n7srUpit64eeE3zVEBLUdaKCrKXW5c_PBYm1E-MLceZ0CD0837dVRlIMq7yBdqySmJGE9JaceuuYBvIdS5svIlvrJgpgJCF-v-mWfEr1TIQuhmmd57bhOd_SCaj5lgSh6yH7l6D_wLAATj0BMLbCrp5k6vccKORHeM690i-XpVXxupXpM9Ci2L6ehI4l6XvzyXCyHRbhoQlAEasw92zSzqPv&sig=Cg0ArKJSzF1lw7SABq6NEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=234&cbvp=1&cstd=231&cisv=r20230201.84108&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Requested by

Host: bloxids.com
URL: https://bloxids.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0454c236d7ef4556439cae6dfb9cddd4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 05 Feb 2023 06:30:17 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 05 Feb 2023 06:30:17 GMT

GET
H3 200 fr2tM3cMqKf7o-hgvg-GAlWS1ShJQQMk61KbxyC8hNw.js Show response
pagead2.googlesyndication.com/bg/ Frame 1FE5 36 KB
14 KB 17ms
17ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/fr2tM3cMqKf7o-hgvg-GAlWS1ShJQQMk61KbxyC8hNw.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7ebdad33770ca8a7fba3e860be0f86025592d52849410324eb529bc720bc84dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 06:54:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 171360
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14345
x-xss-protection: 0
last-modified: Mon, 30 Jan 2023 11:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 03 Feb 2024 06:54:17 GMT

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/13877950151065513782/ Frame B3D2 153 KB
23 KB 62ms
37ms Document
text/html 2a00:1450:400d:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/13877950151065513782/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

02769df91411966f24c194dec78e8819607d53ba6380958c98bf2e074320e35c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0454c236d7ef4556439cae6dfb9cddd4.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 334376
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 23020
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Wed, 01 Feb 2023 09:37:21 GMT
expires: Thu, 01 Feb 2024 09:37:21 GMT
last-modified: Wed, 07 Dec 2022 13:00:36 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 97D4 0
0 120ms
59ms Fetch
image/gif 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstVlOPt-cVjrgaOOK9_mJXhm4so0b-2zy6pZJAHX6qJo_s8tUXGG984mQfS11Z7925k_s-pR4VYLEyMSS4g4olGZU0NCV4aejgkEH78QdQ66C9aCG8T8Fbj9AOMxFKH6jmMb_p6DJ8k4dSjo8abCjNX9SGPj8oLtG2wefduIlCpjzC4Seck5s7Nzp2JDnVzrZplLn9ApDyooTtflbhaoxe1WPq6ehrj1AqHG1IDJN7JqPTY07jLGvseo2SnNWn2IY6b71Nl_ZltEDn1tbQyk_WUl6AoVe_-NxeHBqfhe3YDiFjbheHvL5SetCbelu6cNCmllrhLhleof6xru3pTFfn_0Y3d2HhzsSzw2OccFukrf9hqfHyxH9_Kzyfh0ShWxki6kRkkk213SzG5fw3WJv6h011Kz5wiiUlQhaYjd8TTrgqzEZlrmnM07bOKpMzMd5MBXHfZ5z9SepBeQ_QTH-2yAysRDMqLm73NlBcjV_bH9rGSU463AP4HJejOAqPKcWpUCdbsqEDZEdThNrs8-MSKMDkC5VxGX8cNR12QjmzCT4ODGE3m7WjzfSBoV_RbX2YMycqVhKQ9Ne0qeU_ydz_ZNm-F3upilmB_H671ztPOh63I-8sGcKKhTCNUr4DQwOeBhG8zh4fOt3QVwpfkOQooZ27y6eqDlyKfJwWHHfdyeP5rK2MWL_9PluWM9kc-xLKHlw7wvwolYxOEF9CxH3R-JglZONfSwwvmjhMtoTB4JiWth3OVuGU47Y69ZbaC1cL_XfGUtY106bISlTBpR6KF5NrpYnrZUnGLMTbBYx7Wfbkx9pYcHjWJFTT51XHXHrGP2-m8rfSxAo-ESK193eO6DtNKv3ewBOuFj6nOwjoAciOUBzUXGWjUjBv7HBciFr2oUVTC0kr-bq6IusrgLji9CuHbuAVKoNYnraEkLmIzPyHez7yHC7X2fg-2-IcA5paUcOMPuaup5K9o8hsiJX98aGfo_KwQAkHThp0HwpaYVnnHeGU79sM_M2JyU7dso6u46zqg4btxME-8tUisiLTHRt0JB15QCf9p2byA8A1SUyKOGzm-XevGQWhPXLahfROSrIiT9jIKXa6IN4M8bLhmETDohmP1Td2DVuYgZ_uXYSA7HDxoIfaIMzL87wiPztxhqXyxnhKZkkWUPstmw64N8beNtKiTBzAHpqf62zjXDMWiB0y-7JvxKaDymXHVYcLt7eVD2SMDKNGcFtLunHJKJVBIDSNv7oigjpEsuZ-AmmsxLxEy4OlPekmXxZW_NTH0o8npYfmbVwx-IvwyquJmqy1sDIcIVJ8J1ebwKrE&sai=AMfl-YR-F9Hrfp51whobExw2KctOdkkZdS0H3SbUlswc6oUwZ7m1aeOrP6jVhOOcgXEsjlAGM3lebyuQ3XyJDFCEW6qZSh9wlMA0hUtl4cSd5nFySU4YzBKxSM23TZ9hIVuB74qp7DCbZLc7SCzbmYBV71wAfKpM_hq4Csd-DNd3xufUwG8OU71Mwi1eNfs3lu4pRjO_nEX6DtPm7-igfYcrknQ0iGnsFHP3V6HUaoo2Ef2wUp25xY1DMvtOdBSHACwRR-peyHafUJZxuQ5p8vfE4JBTmTlPXylLyZLP&sig=Cg0ArKJSzJlK8z0q9cjjEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=253&cbvp=1&cstd=251&cisv=r20230201.91482&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Requested by

Host: bloxids.com
URL: https://bloxids.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0454c236d7ef4556439cae6dfb9cddd4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 05 Feb 2023 06:30:17 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 05 Feb 2023 06:30:17 GMT

GET
H2 200 css2
fonts.googleapis.com/ Frame BF8C 4 KB
709 B 92ms
33ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: 0454c236d7ef4556439cae6dfb9cddd4.safeframe.googlesyndication.com
URL: https://0454c236d7ef4556439cae6dfb9cddd4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0454c236d7ef4556439cae6dfb9cddd4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 05 Feb 2023 06:30:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 05 Feb 2023 06:08:53 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 05 Feb 2023 06:30:17 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 220A 3 KB
1010 B 80ms
32ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500

Requested by

Host: bloxids.com
URL: https://bloxids.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

fb7989597f1a10a56bd83de6a26eefec44a0c704979fb5e06f02195bc9cebfce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0454c236d7ef4556439cae6dfb9cddd4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 05 Feb 2023 06:30:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 05 Feb 2023 05:48:51 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 05 Feb 2023 06:30:17 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/ Frame 220A 2 KB
765 B 15ms
15ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: bloxids.com
URL: https://bloxids.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0454c236d7ef4556439cae6dfb9cddd4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 19:20:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 40200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 18 Feb 2023 19:20:17 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230201/r20110914/ Frame 220A 22 KB
9 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230201/r20110914/abg_lite_fy2021.js

Requested by

Host: bloxids.com
URL: https://bloxids.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f09e90db9705ba29dc70fe7d3fa364ea7afff6c3dc7fe594bd04a4385dfd8cc2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0454c236d7ef4556439cae6dfb9cddd4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 13:35:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 60894
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8993
x-xss-protection: 0
server: cafe
etag: 12355142264901698679
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 18 Feb 2023 13:35:23 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/ Frame 220A 3 KB
1 KB 21ms
19ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/window_focus_fy2021.js

Requested by

Host: bloxids.com
URL: https://bloxids.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0454c236d7ef4556439cae6dfb9cddd4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 19:54:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 38163
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 18 Feb 2023 19:54:14 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/ Frame 220A 18 KB
7 KB 22ms
20ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: bloxids.com
URL: https://bloxids.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2bf373aab01a96fddf0099658b27e2eefb64c4aac7061d97d629fd7ca9a42534

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0454c236d7ef4556439cae6dfb9cddd4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 19:19:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 40246
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7647
x-xss-protection: 0
server: cafe
etag: 2161395064574532456
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 18 Feb 2023 19:19:31 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 220A 0
0 29ms
27ms Image
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTGhWbJb-pWx7MaGgEPAWmH1RlOnc5Qch765Wd2zcZFvN-7eW4RY_ijOszic4hjTlxH4xQr1-R9cV3_pPe5vO7fwPu3qA
Requested by: Host: bloxids.com
URL: https://bloxids.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0454c236d7ef4556439cae6dfb9cddd4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 220A 157 KB
48 KB 34ms
32ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: bloxids.com
URL: https://bloxids.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c90fa7f2b86e88bc876a28a908c00565250cfbdce151c8f3e5800bf98fa394c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0454c236d7ef4556439cae6dfb9cddd4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 06:30:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49146
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1675254965429469"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 05 Feb 2023 06:30:17 GMT

GET
H2 200 8aec859a266e19fb42fee7f82edeac28.js Show response
www.gstatic.com/mysidia/ Frame 220A 33 KB
14 KB 58ms
14ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/8aec859a266e19fb42fee7f82edeac28.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: bloxids.com
URL: https://bloxids.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

07970172ef078d9a58aa9ed9e9b54dd1cfbfec021be21b0d0fc7484c5fd5a58a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0454c236d7ef4556439cae6dfb9cddd4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 21:01:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 293310
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14079
x-xss-protection: 0
last-modified: Fri, 27 Jan 2023 00:31:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 02 May 2023 21:01:47 GMT

GET
H3 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230201/r20110914/elements/html/ Frame BF8C 20 KB
8 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230201/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: 0454c236d7ef4556439cae6dfb9cddd4.safeframe.googlesyndication.com
URL: https://0454c236d7ef4556439cae6dfb9cddd4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

675575eb734b5114526cdc1cc9116bea0e2189e9351700944375af81e226f62d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0454c236d7ef4556439cae6dfb9cddd4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 20:02:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 37645
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8365
x-xss-protection: 0
server: cafe
etag: 8727046649480766555
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 18 Feb 2023 20:02:52 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame BF8C 205 B
295 B 58ms
20ms Image
image/png 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: 0454c236d7ef4556439cae6dfb9cddd4.safeframe.googlesyndication.com
URL: https://0454c236d7ef4556439cae6dfb9cddd4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0454c236d7ef4556439cae6dfb9cddd4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 21:23:23 GMT
x-content-type-options: nosniff
age: 32814
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sun, 04 Feb 2024 21:23:23 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame BF8C 604 B
919 B 57ms
19ms Image
image/png 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: 0454c236d7ef4556439cae6dfb9cddd4.safeframe.googlesyndication.com
URL: https://0454c236d7ef4556439cae6dfb9cddd4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0454c236d7ef4556439cae6dfb9cddd4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 23:54:40 GMT
x-content-type-options: nosniff
age: 23737
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sun, 04 Feb 2024 23:54:40 GMT

GET
H3 200 fr2tM3cMqKf7o-hgvg-GAlWS1ShJQQMk61KbxyC8hNw.js Show response
pagead2.googlesyndication.com/bg/ Frame 3F95 36 KB
14 KB 23ms
18ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/fr2tM3cMqKf7o-hgvg-GAlWS1ShJQQMk61KbxyC8hNw.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7ebdad33770ca8a7fba3e860be0f86025592d52849410324eb529bc720bc84dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 06:54:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 171360
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14345
x-xss-protection: 0
last-modified: Mon, 30 Jan 2023 11:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 03 Feb 2024 06:54:17 GMT

GET
H2 200 pd Show response
google-bidout-d.openx.net/w/1.0/ Frame 94C2 0
176 B 214ms
133ms Document
text/html 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by: Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://bloxids.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 20
content-type: text/html
date: Sun, 05 Feb 2023 06:30:17 GMT
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame CB8F 1 KB
643 B 15ms
14ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 0454c236d7ef4556439cae6dfb9cddd4.safeframe.googlesyndication.com
URL: https://0454c236d7ef4556439cae6dfb9cddd4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0454c236d7ef4556439cae6dfb9cddd4.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 56902
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 04 Feb 2023 14:41:55 GMT
etag: 48472445140208031
expires: Sun, 05 Feb 2023 14:41:55 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

4.js Show response
static.adsafeprotected.com/ Frame 97D4
Redirect Chain

https://fw.adsafeprotected.com/rfw/st/1333404/69041406/4.js?bundleId=${BUNDLE_ID}&ias_dspID=&ias_campId=&ias_pubId=&ias_chanId=&ias_placementId=&bidurl=&ias_dealId=&adsafe_par&ias_impId=&adContaine...
https://static.adsafeprotected.com/4.js?bundleId=${BUNDLE_ID}

1 KB
1 KB

19ms
18ms

Script
application/javascript

2600:9000:2304:4800:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/4.js?bundleId=${BUNDLE_ID}
Requested by: Host: 0454c236d7ef4556439cae6dfb9cddd4.safeframe.googlesyndication.com
URL: https://0454c236d7ef4556439cae6dfb9cddd4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Server: 2600:9000:2304:4800:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 27564fe0e5a95c61c9fbd45ecdb0a0a640fbb320bb64a54f3307a52fe96f86e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0454c236d7ef4556439cae6dfb9cddd4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 18:40:39 GMT
x-amz-version-id: bl_DZv7EoIjCRhbVwC6.RCuKzEoZoEqS
content-encoding: gzip
via: 1.1 9127bf22c332a88edd7d5939b5870d1e.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-P1
age: 215379
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: PENDING
last-modified: Thu, 02 Feb 2023 18:40:32 GMT
server: AmazonS3
etag: W/"33dffa7df253125904b2f354b5bb5e8d"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
x-amz-cf-id: vKGrq5fNo0VTKw7aB38uSsP6kjwv3Byfh0s9kPRC0Uq1VMre2-V4DQ==

Redirect headers

pragma: no-cache
date: Sun, 05 Feb 2023 06:30:17 GMT
server: nginx
x-server-name: app08.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/4.js?bundleId=${BUNDLE_ID}
cache-control: no-cache
content-length: 0

GET
H2 200 sca.17.6.2.js Show response
static.adsafeprotected.com/ Frame 7533 91 KB
23 KB 87ms
24ms Script
application/javascript 2600:9000:2304:4800:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.6.2.js
Requested by: Host: 0454c236d7ef4556439cae6dfb9cddd4.safeframe.googlesyndication.com
URL: https://0454c236d7ef4556439cae6dfb9cddd4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2304:4800:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0454c236d7ef4556439cae6dfb9cddd4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 15:36:17 GMT
x-amz-version-id: go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding: gzip
via: 1.1 9127bf22c332a88edd7d5939b5870d1e.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-P1
age: 11804041
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 20 Sep 2022 19:21:34 GMT
server: AmazonS3
etag: W/"1f3488247c90bb5de253d3d0cb3b7458"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: pb2ALcz3jzlLkSlj6hGQdae-Dwmr02h_tGDzaX1yYS_Ddw-MUrd-xw==

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 97D4 43 B
215 B 626ms
176ms Image
image/gif 2600:1f13:800:7780:6a2d:ee61:2480:5f8a
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1333404&asId=72d88eac-314a-ccf3-e249-ec89ea14d0dd&tv=%7Bc:3keEvQ,pingTime:-8,time:29,type:l,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:29,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:26,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:sp,cc:0.0.970.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B22~0%5D,as:%5B22~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tuY57uN+11%7C12%7C13*.1333404-69041406%7C131%7C132%7C133%7C141%7C1421%7C143%7C15%7C1611%7C17,idMap:13*,rmeas:1,rend:0,renddet:DIV,siq:28%7D&br=c
Requested by: Host: 0454c236d7ef4556439cae6dfb9cddd4.safeframe.googlesyndication.com
URL: https://0454c236d7ef4556439cae6dfb9cddd4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:6a2d:ee61:2480:5f8a Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0454c236d7ef4556439cae6dfb9cddd4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 05 Feb 2023 06:30:18 GMT
server: nginx
x-server-name: dt04.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 DcmEnabler_01_247.js Show response
s0.2mdn.net/879366/ Frame 035C 29 KB
10 KB 32ms
30ms Script
text/javascript 2a00:1450:400d:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/DcmEnabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12493911404993194114/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12493911404993194114/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 13:11:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 62299
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10136
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 05 Feb 2023 13:11:58 GMT

GET
H3 200 DcmEnabler_01_247.js Show response
s0.2mdn.net/879366/ Frame B3D2 29 KB
10 KB 30ms
29ms Script
text/javascript 2a00:1450:400d:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/DcmEnabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13877950151065513782/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13877950151065513782/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 13:11:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 62299
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10136
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 05 Feb 2023 13:11:58 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 97D4 43 B
215 B 740ms
351ms Image
image/gif 2600:1f13:800:7780:6a2d:ee61:2480:5f8a
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1333404&asId=72d88eac-314a-ccf3-e249-ec89ea14d0dd&tv=%7Bc:3keExe,pingTime:-3,time:115,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:970,h:250,t:26%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:115,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:26,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:sp,cc:0.0.970.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B108~0%5D,as:%5B108~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tuY57uN+11%7C12%7C13*.1333404-69041406%7C131%7C132%7C133%7C141%7C1421%7C143%7C15%7C1611%7C17,idMap:13*,rmeas:1,rend:0,renddet:DIV,siq:28%7D&br=c
Requested by: Host: 0454c236d7ef4556439cae6dfb9cddd4.safeframe.googlesyndication.com
URL: https://0454c236d7ef4556439cae6dfb9cddd4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:6a2d:ee61:2480:5f8a Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0454c236d7ef4556439cae6dfb9cddd4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 05 Feb 2023 06:30:18 GMT
server: nginx
x-server-name: dt09.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 97D4 43 B
215 B 735ms
351ms Image
image/gif 2600:1f13:800:7780:6a2d:ee61:2480:5f8a
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1333404&asId=72d88eac-314a-ccf3-e249-ec89ea14d0dd&tv=%7Bc:3keExh,pingTime:-6,time:118,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:118,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:26,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:sp,cc:0.0.970.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B111~0%5D,as:%5B111~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tuY57uN+11%7C12%7C13*.1333404-69041406%7C131%7C132%7C133%7C141%7C1421%7C143%7C15%7C1611%7C17,idMap:13*,rmeas:1,rend:0,renddet:DIV,siq:28%7D&tpiLookup=ao:bloxids.com*&br=c
Requested by: Host: 0454c236d7ef4556439cae6dfb9cddd4.safeframe.googlesyndication.com
URL: https://0454c236d7ef4556439cae6dfb9cddd4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:6a2d:ee61:2480:5f8a Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0454c236d7ef4556439cae6dfb9cddd4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 05 Feb 2023 06:30:18 GMT
server: nginx
x-server-name: dt03.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2

200

4.js Show response
static.adsafeprotected.com/ Frame 6D65
Redirect Chain

https://fw.adsafeprotected.com/rfw/st/1333404/69042416/4.js?bundleId=${BUNDLE_ID}&ias_dspID=&ias_campId=&ias_pubId=&ias_chanId=&ias_placementId=&bidurl=&ias_dealId=&adsafe_par&ias_impId=&adContaine...
https://static.adsafeprotected.com/4.js?bundleId=${BUNDLE_ID}

1 KB
1 KB

18ms
18ms

Script
application/javascript

2600:9000:2304:4800:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/4.js?bundleId=${BUNDLE_ID}
Requested by: Host: 0454c236d7ef4556439cae6dfb9cddd4.safeframe.googlesyndication.com
URL: https://0454c236d7ef4556439cae6dfb9cddd4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Server: 2600:9000:2304:4800:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 27564fe0e5a95c61c9fbd45ecdb0a0a640fbb320bb64a54f3307a52fe96f86e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0454c236d7ef4556439cae6dfb9cddd4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 18:40:39 GMT
x-amz-version-id: bl_DZv7EoIjCRhbVwC6.RCuKzEoZoEqS
content-encoding: gzip
via: 1.1 9127bf22c332a88edd7d5939b5870d1e.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-P1
age: 215379
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: PENDING
last-modified: Thu, 02 Feb 2023 18:40:32 GMT
server: AmazonS3
etag: W/"33dffa7df253125904b2f354b5bb5e8d"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
x-amz-cf-id: jjXj9kk2bwhqH7qP_wh_QNw9kNOqxyqLwl1BCMiDEfbyXcifr6Acgg==

Redirect headers

pragma: no-cache
date: Sun, 05 Feb 2023 06:30:17 GMT
server: nginx
x-server-name: app02.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/4.js?bundleId=${BUNDLE_ID}
cache-control: no-cache
content-length: 0

GET
H2 200 sca.17.6.2.js Show response
static.adsafeprotected.com/ Frame C117 91 KB
23 KB 22ms
21ms Script
application/javascript 2600:9000:2304:4800:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.6.2.js
Requested by: Host: 0454c236d7ef4556439cae6dfb9cddd4.safeframe.googlesyndication.com
URL: https://0454c236d7ef4556439cae6dfb9cddd4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2304:4800:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0454c236d7ef4556439cae6dfb9cddd4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 15:36:17 GMT
x-amz-version-id: go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding: gzip
via: 1.1 9127bf22c332a88edd7d5939b5870d1e.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-P1
age: 11804041
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 20 Sep 2022 19:21:34 GMT
server: AmazonS3
etag: W/"1f3488247c90bb5de253d3d0cb3b7458"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: fVOaIKwieY8zVQuzpt4WxybS6gWaubEc6f9yCn01iqU3-oZdKShZhw==

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 97D4 43 B
215 B 430ms
175ms Image
image/gif 2600:1f13:800:7780:6a2d:ee61:2480:5f8a
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1333404&asId=72d88eac-314a-ccf3-e249-ec89ea14d0dd&tv=%7Bc:3keEzp,pingTime:-2,time:251,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:621,beZ:622,mfA:625,cmA:626,inA:626,inZ:630,prA:630,prZ:641,si:648,poA:651,poZ:676,cmZ:676,mfZ:676,loA:739,loZ:742,ltA:871,ltZ:871%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:970.250,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:970,h:250,t:26%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:251,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:26,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:sp,cc:0.0.970.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B244~0%5D,as:%5B244~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tuY57uN+11%7C12%7C13*.1333404-69041406%7C131%7C132%7C133%7C141%7C1421%7C143%7C15%7C1611%7C17,idMap:13*,pd:0YtC.internal-nacl-plugin,rmeas:1,rend:0,renddet:DIV,siq:28,sinceFw:220,readyFired:true%7D&br=c
Requested by: Host: 0454c236d7ef4556439cae6dfb9cddd4.safeframe.googlesyndication.com
URL: https://0454c236d7ef4556439cae6dfb9cddd4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:6a2d:ee61:2480:5f8a Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0454c236d7ef4556439cae6dfb9cddd4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 05 Feb 2023 06:30:18 GMT
server: nginx
x-server-name: dt07.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 6D65 43 B
215 B 599ms
350ms Image
image/gif 2600:1f13:800:7780:6a2d:ee61:2480:5f8a
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1333404&asId=e3518b2b-254d-7823-4274-28f5a627d634&tv=%7Bc:3keEzu,pingTime:-3,time:132,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:28%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:133,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:28,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B123~0%5D,as:%5B123~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tuY57wM+11%7C12%7C131%7C132%7C133%7C134%7C14*.1333404-69042416%7C141%7C1421%7C143%7C15%7C1611%7C17,idMap:14*,rmeas:1,rend:0,renddet:na,siq:30%7D&br=c
Requested by: Host: 0454c236d7ef4556439cae6dfb9cddd4.safeframe.googlesyndication.com
URL: https://0454c236d7ef4556439cae6dfb9cddd4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:6a2d:ee61:2480:5f8a Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0454c236d7ef4556439cae6dfb9cddd4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 05 Feb 2023 06:30:18 GMT
server: nginx
x-server-name: dt06.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 6D65 43 B
215 B 422ms
176ms Image
image/gif 2600:1f13:800:7780:6a2d:ee61:2480:5f8a
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1333404&asId=e3518b2b-254d-7823-4274-28f5a627d634&tv=%7Bc:3keEzw,pingTime:-6,time:134,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:134,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:28,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B124~0%5D,as:%5B124~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tuY57wM+11%7C12%7C131%7C132%7C133%7C134%7C14*.1333404-69042416%7C141%7C1421%7C143%7C15%7C1611%7C17,idMap:14*,rmeas:1,rend:0,renddet:na,siq:30%7D&tpiLookup=ao:bloxids.com*&br=c
Requested by: Host: 0454c236d7ef4556439cae6dfb9cddd4.safeframe.googlesyndication.com
URL: https://0454c236d7ef4556439cae6dfb9cddd4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:6a2d:ee61:2480:5f8a Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0454c236d7ef4556439cae6dfb9cddd4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 05 Feb 2023 06:30:18 GMT
server: nginx
x-server-name: dt02.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame CB8F 0
104 B 170ms
28ms Image
text/plain 2a02:fa8:8806:13::1400
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEL9JYiB1Yio6N7-bIz0ByPQ&google_cver=1&google_push=Aa02lx-ApvX7AKMQkke-xOvyaFBNlgIiZ_pPQYWJ4i5yE3RPyjaubmcSobxIwYRP9ldp3XNo4K9bMytXuSnVB2a2E5VuE-94GMLK
Requested by: Host: 0454c236d7ef4556439cae6dfb9cddd4.safeframe.googlesyndication.com
URL: https://0454c236d7ef4556439cae6dfb9cddd4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:13::1400 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 05 Feb 2023 06:30:17 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame CB8F
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESENJ8Jb3JdcrJKFYAGtgyeaE&google_cver=1&google_push=Aa02lx9-hnZL6QPnfPy3dfgQgYIABLND48uXSiJCY-PLtDjchrHd9mgL2OLEsYGgAen5mCTXKiSxjXdSvBtq2MQOkbi8KO9icEE&r...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESENJ8Jb3JdcrJKFYAGtgyeaE&google_cver=1&google_push=Aa02lx9-hnZL6QPnfPy3dfgQgYIABLND48uXSiJCY-PLtDjchrHd9mgL2OLEsYGgAen5mCTXKiSxjXdSvBtq2MQOkbi8KO9icEE...

43 B
442 B

178ms
163ms

Image
image/gif

2606:4700::6812:19ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESENJ8Jb3JdcrJKFYAGtgyeaE&google_cver=1&google_push=Aa02lx9-hnZL6QPnfPy3dfgQgYIABLND48uXSiJCY-PLtDjchrHd9mgL2OLEsYGgAen5mCTXKiSxjXdSvBtq2MQOkbi8KO9icEE&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAa02lx9-hnZL6QPnfPy3dfgQgYIABLND48uXSiJCY-PLtDjchrHd9mgL2OLEsYGgAen5mCTXKiSxjXdSvBtq2MQOkbi8KO9icEE%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Protocol: H2
Server: 2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 05 Feb 2023 06:30:18 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 794998bacc563656-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 05 Feb 2023 06:30:17 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 430
content-type: text/html
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESENJ8Jb3JdcrJKFYAGtgyeaE&google_cver=1&google_push=Aa02lx9-hnZL6QPnfPy3dfgQgYIABLND48uXSiJCY-PLtDjchrHd9mgL2OLEsYGgAen5mCTXKiSxjXdSvBtq2MQOkbi8KO9icEE&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAa02lx9-hnZL6QPnfPy3dfgQgYIABLND48uXSiJCY-PLtDjchrHd9mgL2OLEsYGgAen5mCTXKiSxjXdSvBtq2MQOkbi8KO9icEE%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 794998b97b363656-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame CB8F
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEFv90quTSwO2pfTAA0dJfFA&google_cver=1&google_push=Aa02lx-pv1ySvMEo0UQbl7kPGBDRyMua74RmpLx3hqLGuXBg7Nuvv8N9qW6dyGvxzXVLXCqsKeJ5G0XNtFReAs...
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzE5NjU1NTM2MTkxMzQwMzUzMQ%3D%3D&google_push=Aa02lx-pv1ySvMEo0UQbl7kPGBDRyMua74RmpLx3hqLGuXBg7Nuvv8N9qW6dyGvxzXVLXCqsKeJ5G0XNtFReAsD_lM...

170 B
188 B

25ms
24ms

Image
image/png

172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzE5NjU1NTM2MTkxMzQwMzUzMQ%3D%3D&google_push=Aa02lx-pv1ySvMEo0UQbl7kPGBDRyMua74RmpLx3hqLGuXBg7Nuvv8N9qW6dyGvxzXVLXCqsKeJ5G0XNtFReAsD_lM67U85z-ytk

Protocol

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f98.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 05 Feb 2023 06:30:17 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzE5NjU1NTM2MTkxMzQwMzUzMQ%3D%3D&google_push=Aa02lx-pv1ySvMEo0UQbl7kPGBDRyMua74RmpLx3hqLGuXBg7Nuvv8N9qW6dyGvxzXVLXCqsKeJ5G0XNtFReAsD_lM67U85z-ytk
Date: Sun, 05 Feb 2023 06:30:17 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame CB8F
Redirect Chain

https://match.360yield.com/match/ebda?google_gid=CAESENMZ3ah8po4k1gAE9yv1Hu0&google_cver=1&google_push=Aa02lx93QUXO7UTacyX-zUb5JLN9JBIoQgMGVnouEvvSkONCin7ZaqjcxFVA7SWDC6TYjxZ7onLJkHvsLgpsczAJf6f5gW...
https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESENMZ3ah8po4k1gAE9yv1Hu0&google_cver=1&google_push=Aa02lx93QUXO7UTacyX-zUb5JLN9JBIoQgMGVnouEvvSkONCin7ZaqjcxFVA7SWDC6TYjxZ7onLJkHvsLgpsczAJ...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=z_NUdadCSUqvP8WIneUDkw&google_push=Aa02lx93QUXO7UTacyX-zUb5JLN9JBIoQgMGVnouEvvSkONCin7ZaqjcxFVA7SWDC6TYjxZ7onLJkHvsLgpsczA...

170 B
188 B

30ms
29ms

Image
image/png

172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=z_NUdadCSUqvP8WIneUDkw&google_push=Aa02lx93QUXO7UTacyX-zUb5JLN9JBIoQgMGVnouEvvSkONCin7ZaqjcxFVA7SWDC6TYjxZ7onLJkHvsLgpsczAJf6f5gWIyyKU

Protocol

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f98.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 05 Feb 2023 06:30:18 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=z_NUdadCSUqvP8WIneUDkw&google_push=Aa02lx93QUXO7UTacyX-zUb5JLN9JBIoQgMGVnouEvvSkONCin7ZaqjcxFVA7SWDC6TYjxZ7onLJkHvsLgpsczAJf6f5gWIyyKU
access-control-allow-origin: *
date: Sun, 05 Feb 2023 06:30:18 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H/1.1 200
OK sync
rtb2-useast.e-volution.ai/ Frame CB8F 42 B
233 B 319ms
88ms Image
image/gif 174.137.133.49
WEBAIR-INTERNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb2-useast.e-volution.ai/sync?exchange=193&google_gid=CAESEDMxi3nwJ591PFiwS1p5bhI&google_cver=1&google_push=Aa02lx8y7_ZEBjuflZdu2pQbofDD0Qx8fBr2wzUksiL4vgUpCua0XKiL5iBq2u0jvGI2eO7uBU27c-87okvvjhel0QDEIHsIV_mXuA
Requested by: Host: 0454c236d7ef4556439cae6dfb9cddd4.safeframe.googlesyndication.com
URL: https://0454c236d7ef4556439cae6dfb9cddd4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 174.137.133.49 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 05 Feb 2023 06:30:18 GMT
Server: nginx
Age: 0
Content-Type: image/gif
Cache-Control: no-store
Connection: keep-alive
Content-Length: 42

GET
H/1.1

200

0.gif
id5-sync.com/i/495/ Frame CB8F
Redirect Chain

https://sync.inmobi.com/gob?google_gid=CAESEDP8Mn4lYMGMHYR6BaRJPQA&google_cver=1&google_push=Aa02lx_E0eBTAUWHdxFTNL3QMSCIS7g3ZWTbt_i4uJUs_V5ss4OKDv8iFGYzz6XJuZk6wzKg7AgofIrrv3yNzTmW--n_VnbxJRAI4Q
https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DAa02lx_E0eBTAUWHdxFTNL3QMSCIS7g3ZWTbt_i4uJUs_V5s...

43 B
1 KB

51ms
16ms

Image
image/gif

141.95.33.111
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DAa02lx_E0eBTAUWHdxFTNL3QMSCIS7g3ZWTbt_i4uJUs_V5ss4OKDv8iFGYzz6XJuZk6wzKg7AgofIrrv3yNzTmW--n_VnbxJRAI4Q

Protocol

HTTP/1.1

Server

141.95.33.111 , Germany, ASN16276 (OVH, FR),

Reverse DNS

ns3203177.ip-141-95-33.eu

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-type: image/gif;charset=UTF-8
date: Sun, 05 Feb 2023 06:30:17 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
transfer-encoding: chunked
p3p: CP="CAO PSA OUR"

Redirect headers

date: Sun, 05 Feb 2023 06:30:18 GMT
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains
x-permitted-cross-domain-policies: none
referrer-policy: no-referrer
expect-ct: max-age=0
x-dns-prefetch-control: off
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=utf-8
location: https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DAa02lx_E0eBTAUWHdxFTNL3QMSCIS7g3ZWTbt_i4uJUs_V5ss4OKDv8iFGYzz6XJuZk6wzKg7AgofIrrv3yNzTmW--n_VnbxJRAI4Q
x-download-options: noopen
vary: Accept
content-length: 273
x-xss-protection: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame CB8F
Redirect Chain

https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEJiRBAL-J...
https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEJi...
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=3304943b-4a9a-4783-a2e9-fa851d689889&%%GOOGLE_PUSH_PAIR%%

170 B
188 B

30ms
30ms

Image
image/png

172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=3304943b-4a9a-4783-a2e9-fa851d689889&%%GOOGLE_PUSH_PAIR%%

Protocol

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f98.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 05 Feb 2023 06:30:18 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=3304943b-4a9a-4783-a2e9-fa851d689889&%%GOOGLE_PUSH_PAIR%%
date: Sun, 05 Feb 2023 06:30:18 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame CB8F 0
12 B 25ms
24ms Image
text/html 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IAJlbIBwL8SAiRn_q0MUlsYwov0ninfDvosxFJaoxf133p_PWZfwN19TBdfUX8h0uIEYcuu2_3

Requested by

Host: 0454c236d7ef4556439cae6dfb9cddd4.safeframe.googlesyndication.com
URL: https://0454c236d7ef4556439cae6dfb9cddd4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f98.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 06:30:17 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 6D65 43 B
216 B 379ms
173ms Image
image/gif 2600:1f13:800:7780:6a2d:ee61:2480:5f8a
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1333404&asId=e3518b2b-254d-7823-4274-28f5a627d634&tv=%7Bc:3keEAd,pingTime:-2,time:177,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:739,beZ:740,mfA:744,cmA:746,inA:746,inZ:751,prA:751,prZ:758,si:768,poA:769,poZ:800,cmZ:800,mfZ:800,loA:873,loZ:875,ltA:915,ltZ:915%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:728.90,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:28%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:177,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:28,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B167~0%5D,as:%5B167~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tuY57uN+11%7C12%7C13.1333404-69041406%7C131%7C132%7C133%7C134%7C14*.1333404-69042416%7C141%7C1421%7C143%7C15%7C1611%7C17,idMap:14*,pd:VEBo.mhjfbmdgcfjbbpaeojofohoefgiehjai,rmeas:1,rend:0,renddet:na,siq:30,sinceFw:146,readyFired:true%7D&br=c
Requested by: Host: 0454c236d7ef4556439cae6dfb9cddd4.safeframe.googlesyndication.com
URL: https://0454c236d7ef4556439cae6dfb9cddd4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:6a2d:ee61:2480:5f8a Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0454c236d7ef4556439cae6dfb9cddd4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 05 Feb 2023 06:30:18 GMT
server: nginx
x-server-name: dt13.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 fr2tM3cMqKf7o-hgvg-GAlWS1ShJQQMk61KbxyC8hNw.js Show response
pagead2.googlesyndication.com/bg/ Frame 6ADA 36 KB
14 KB 18ms
17ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/fr2tM3cMqKf7o-hgvg-GAlWS1ShJQQMk61KbxyC8hNw.js

Requested by

Host: bloxids.com
URL: https://bloxids.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7ebdad33770ca8a7fba3e860be0f86025592d52849410324eb529bc720bc84dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0454c236d7ef4556439cae6dfb9cddd4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 06:54:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 171360
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14345
x-xss-protection: 0
last-modified: Mon, 30 Jan 2023 11:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 03 Feb 2024 06:54:17 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 6D65 0
0 54ms
52ms Fetch
image/gif 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvNFbPWO-EVkiN1Z0fe8MX-3ErcXIZ1DcbPrFE5iHuj59mjt-xEC79Z99WKwn5q_IgpxGYmaTRfJ28B03_UnH3KVpdpWqn1q87f9RcisJQ_qdONN-GWytCHwHx5xY8XERtsCpWITQK0ErF83ZdCtUQHQP0dAxYMamVHwmfSC4DFgSgbUEL_Qgedc-DRVXKWWGl3-s-jUTTNDCtXa7gEDDDGe1G-Ggb570gmPmyw72Moy4PDR16IMA1bzYiP0BH2kZdHJjT5aFSrRg4m4eL9EOmI-d2tO1qDJ9cPoNFanj23IOtdK7puqPw4R90JBUwo0v-Nu2EB_MJ1sHZHp3c4xbVABwywoBb1F45zbaI4yGkdkgUD54EsPKsamJ37pyENy2UW-LqSMHe2Vyp3neiBmj_YlUDelzRER5BNI1r0C0S4-cf2vNfBZYdLL_KI1G4z1hcU5RdMJhf68Y1H01RyhLygSOwwH-J5SmxC0Jrgk7j0lzq4ySglPPBR65C7QlWhTLlaVBUMDvfX4d6L8CrPRMQdwU04muZS2liLqCg6V7G7Jb1aWa5T4SYduzQygEFWR_-rujuFux7lTuJy8j6Ujbg2RhshhWySEfEbpODUso1Sg9ZZV1yXWR89sYH27734RX-q3UKuza7uU0WT_YrdHPNV7bZthUX97Ld8fcwx5x9AfoeqIQxjZNS8RtvSelKge95gZo4hD5zTY7YxBJnJfdr9FRygDbW0LySB3GymJpaVo3qmPw8g8JKXOvfvaHyda8eS0ox-3Ne85gDwEWGkiLlnTe63RcgmHbwCijhZPiTXdFBuloA5jEVpV91rznGGxGvMVTDZX6JvMJCciPZo901zVlT_KaMH0_3oUQcD5RGarmTAkEqSRqDr1PocEFM91FTtMWCBS2HcKP8_d08xKSFunO-oZhYvO-wsdEryBDB_-F4jtAWMYACo2ZzSRhMsY3t0-kUHs3bMQVglFGfOaOyLn6YkLaTpZV2uBG7M4TM_vbSzyKTpN8erVpg48ZJT3RLXJNjWuM_XKtBHv_FjCHXv8vfDCDMaORepuDoF5mgz49i3m3t5kIy6qp-UrXcx_kgdB2t0PUSvu5yKqx5wglET8R-QGaEU54XZulO1sYVB8JPN_S5nitKIUUfzrwLIyw9RUpNY8cSe3heiw_Sa4_BlT7Ov1uV5zBGOWULDnRLPVu7VfH1Z4_N14z7viU9IcOz-mNvcm_IDMcFw0f6zcandCuI1QZtqS60y50cjuScin6zmOt6ymN8QqW7JvSzspgBXQKotc_-LoejhT_fyAxsvbkiYMzy4V6sNGdOMCkHqRJWq&sai=AMfl-YSA5YZk8S4dahuv-GiO7YcSIHakk5bo9H6rmJ0qzW_jPLjl7s-fAAZXa7LFsIa2uy9oQjVcsCR8n7srUpit64eeE3zVEBLUdaKCrKXW5c_PBYm1E-MLceZ0CD0837dVRlIMq7yBdqySmJGE9JaceuuYBvIdS5svIlvrJgpgJCF-v-mWfEr1TIQuhmmd57bhOd_SCaj5lgSh6yH7l6D_wLAATj0BMLbCrp5k6vccKORHeM690i-XpVXxupXpM9Ci2L6ehI4l6XvzyXCyHRbhoQlAEasw92zSzqPv&sig=Cg0ArKJSzF1lw7SABq6NEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=705&vt=11&dtpt=471&dett=3&cstd=231&cisv=r20230201.84108&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Requested by

Host: bloxids.com
URL: https://bloxids.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0454c236d7ef4556439cae6dfb9cddd4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 06:30:17 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 05 Feb 2023 06:30:17 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 97D4 0
0 51ms
51ms Fetch
image/gif 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstVlOPt-cVjrgaOOK9_mJXhm4so0b-2zy6pZJAHX6qJo_s8tUXGG984mQfS11Z7925k_s-pR4VYLEyMSS4g4olGZU0NCV4aejgkEH78QdQ66C9aCG8T8Fbj9AOMxFKH6jmMb_p6DJ8k4dSjo8abCjNX9SGPj8oLtG2wefduIlCpjzC4Seck5s7Nzp2JDnVzrZplLn9ApDyooTtflbhaoxe1WPq6ehrj1AqHG1IDJN7JqPTY07jLGvseo2SnNWn2IY6b71Nl_ZltEDn1tbQyk_WUl6AoVe_-NxeHBqfhe3YDiFjbheHvL5SetCbelu6cNCmllrhLhleof6xru3pTFfn_0Y3d2HhzsSzw2OccFukrf9hqfHyxH9_Kzyfh0ShWxki6kRkkk213SzG5fw3WJv6h011Kz5wiiUlQhaYjd8TTrgqzEZlrmnM07bOKpMzMd5MBXHfZ5z9SepBeQ_QTH-2yAysRDMqLm73NlBcjV_bH9rGSU463AP4HJejOAqPKcWpUCdbsqEDZEdThNrs8-MSKMDkC5VxGX8cNR12QjmzCT4ODGE3m7WjzfSBoV_RbX2YMycqVhKQ9Ne0qeU_ydz_ZNm-F3upilmB_H671ztPOh63I-8sGcKKhTCNUr4DQwOeBhG8zh4fOt3QVwpfkOQooZ27y6eqDlyKfJwWHHfdyeP5rK2MWL_9PluWM9kc-xLKHlw7wvwolYxOEF9CxH3R-JglZONfSwwvmjhMtoTB4JiWth3OVuGU47Y69ZbaC1cL_XfGUtY106bISlTBpR6KF5NrpYnrZUnGLMTbBYx7Wfbkx9pYcHjWJFTT51XHXHrGP2-m8rfSxAo-ESK193eO6DtNKv3ewBOuFj6nOwjoAciOUBzUXGWjUjBv7HBciFr2oUVTC0kr-bq6IusrgLji9CuHbuAVKoNYnraEkLmIzPyHez7yHC7X2fg-2-IcA5paUcOMPuaup5K9o8hsiJX98aGfo_KwQAkHThp0HwpaYVnnHeGU79sM_M2JyU7dso6u46zqg4btxME-8tUisiLTHRt0JB15QCf9p2byA8A1SUyKOGzm-XevGQWhPXLahfROSrIiT9jIKXa6IN4M8bLhmETDohmP1Td2DVuYgZ_uXYSA7HDxoIfaIMzL87wiPztxhqXyxnhKZkkWUPstmw64N8beNtKiTBzAHpqf62zjXDMWiB0y-7JvxKaDymXHVYcLt7eVD2SMDKNGcFtLunHJKJVBIDSNv7oigjpEsuZ-AmmsxLxEy4OlPekmXxZW_NTH0o8npYfmbVwx-IvwyquJmqy1sDIcIVJ8J1ebwKrE&sai=AMfl-YR-F9Hrfp51whobExw2KctOdkkZdS0H3SbUlswc6oUwZ7m1aeOrP6jVhOOcgXEsjlAGM3lebyuQ3XyJDFCEW6qZSh9wlMA0hUtl4cSd5nFySU4YzBKxSM23TZ9hIVuB74qp7DCbZLc7SCzbmYBV71wAfKpM_hq4Csd-DNd3xufUwG8OU71Mwi1eNfs3lu4pRjO_nEX6DtPm7-igfYcrknQ0iGnsFHP3V6HUaoo2Ef2wUp25xY1DMvtOdBSHACwRR-peyHafUJZxuQ5p8vfE4JBTmTlPXylLyZLP&sig=Cg0ArKJSzJlK8z0q9cjjEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=693&vt=11&dtpt=440&dett=3&cstd=251&cisv=r20230201.91482&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Requested by

Host: bloxids.com
URL: https://bloxids.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0454c236d7ef4556439cae6dfb9cddd4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 06:30:17 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 05 Feb 2023 06:30:17 GMT

GET
H3 200 tui_logo_live_happy.svg
s0.2mdn.net/creatives/assets/4364511/ Frame 035C 6 KB
2 KB 35ms
31ms Image
image/svg+xml 2a00:1450:400d:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4364511/tui_logo_live_happy.svg

Requested by

Host: 0454c236d7ef4556439cae6dfb9cddd4.safeframe.googlesyndication.com
URL: https://0454c236d7ef4556439cae6dfb9cddd4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

854a1cb3bf2ef67e6a303c0ca22cbf1616a6683a1415997646bb2129047a7e1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12493911404993194114/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 06:19:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 619
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2072
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 07:44:21 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 05 Feb 2023 06:34:58 GMT

GET
H3 200 cta_jetzt_buchen.svg
s0.2mdn.net/creatives/assets/4364511/ Frame 035C 2 KB
1 KB 36ms
31ms Image
image/svg+xml 2a00:1450:400d:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4364511/cta_jetzt_buchen.svg

Requested by

Host: 0454c236d7ef4556439cae6dfb9cddd4.safeframe.googlesyndication.com
URL: https://0454c236d7ef4556439cae6dfb9cddd4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f9f7ca92ac484587069e344faf7ecd9f82c53739d5008d5adcfafa7e705d9ba9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12493911404993194114/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 06:29:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 61
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 998
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 10:03:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 05 Feb 2023 06:44:16 GMT

GET
H3 200 728x90_head_3.svg
s0.2mdn.net/creatives/assets/4718548/ Frame 035C 9 KB
3 KB 594ms
590ms Image
image/svg+xml 2a00:1450:400d:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4718548/728x90_head_3.svg

Requested by

Host: 0454c236d7ef4556439cae6dfb9cddd4.safeframe.googlesyndication.com
URL: https://0454c236d7ef4556439cae6dfb9cddd4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9020d2625849d8afdb2b1c4a77b0ad57d0f6da26979c5d153ec5f2d78fcf7d0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12493911404993194114/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 06:30:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2548
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 12:45:50 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 05 Feb 2023 06:45:18 GMT

GET
H3 200 728x90_head_2.svg
s0.2mdn.net/creatives/assets/4718548/ Frame 035C 18 KB
5 KB 1133ms
1128ms Image
image/svg+xml 2a00:1450:400d:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4718548/728x90_head_2.svg

Requested by

Host: 0454c236d7ef4556439cae6dfb9cddd4.safeframe.googlesyndication.com
URL: https://0454c236d7ef4556439cae6dfb9cddd4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cafa288086dbe4f3d472e651fc52ec04af9983a35b6f9b9ee0f52f55ce29551f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12493911404993194114/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 06:30:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5024
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 12:45:47 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 05 Feb 2023 06:45:19 GMT

GET
H3 200 728x90_head_1.svg
s0.2mdn.net/creatives/assets/4718548/ Frame 035C 9 KB
3 KB 576ms
572ms Image
image/svg+xml 2a00:1450:400d:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4718548/728x90_head_1.svg

Requested by

Host: 0454c236d7ef4556439cae6dfb9cddd4.safeframe.googlesyndication.com
URL: https://0454c236d7ef4556439cae6dfb9cddd4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

74605b9495c29e6225c5416159bfcd2d55fb75959fc8c3edeab50034157f71ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12493911404993194114/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 06:30:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2554
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 12:45:43 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 05 Feb 2023 06:45:18 GMT

GET
H3 200 728x90_radiant.svg
s0.2mdn.net/creatives/assets/4302518/ Frame 035C 4 KB
934 B 39ms
35ms Image
image/svg+xml 2a00:1450:400d:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4302518/728x90_radiant.svg

Requested by

Host: 0454c236d7ef4556439cae6dfb9cddd4.safeframe.googlesyndication.com
URL: https://0454c236d7ef4556439cae6dfb9cddd4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3ee2edf2ddb1d690e30013c9af36fd43243bded4b13941716fe64bc54dd9c8f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12493911404993194114/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 06:21:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 535
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 906
x-xss-protection: 0
last-modified: Tue, 05 Oct 2021 11:23:02 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 05 Feb 2023 06:36:22 GMT

GET
H3 200 728x90_gradiant.svg
s0.2mdn.net/creatives/assets/4302518/ Frame 035C 891 B
504 B 179ms
176ms Image
image/svg+xml 2a00:1450:400d:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4302518/728x90_gradiant.svg

Requested by

Host: 0454c236d7ef4556439cae6dfb9cddd4.safeframe.googlesyndication.com
URL: https://0454c236d7ef4556439cae6dfb9cddd4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c8551d5827d3b97980f38b6448a6bc9aede2808c3e33ea5a24e49f89cafbe1a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12493911404993194114/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 06:30:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 476
x-xss-protection: 0
last-modified: Tue, 05 Oct 2021 11:23:06 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 05 Feb 2023 06:45:18 GMT

GET
H3 200 728x90_kv_1.jpg
s0.2mdn.net/creatives/assets/4718548/ Frame 035C 39 KB
39 KB 1122ms
1119ms Image
image/jpeg 2a00:1450:400d:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4718548/728x90_kv_1.jpg

Requested by

Host: 0454c236d7ef4556439cae6dfb9cddd4.safeframe.googlesyndication.com
URL: https://0454c236d7ef4556439cae6dfb9cddd4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fba4c2a97b1e1f14ae28086ce7c73e2099306bbd28198fb6e716ba574cce4c09

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12493911404993194114/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 06:30:19 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39483
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 12:45:53 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 05 Feb 2023 06:45:19 GMT

GET
H3 200 728x90_kv_2.jpg
s0.2mdn.net/creatives/assets/4718548/ Frame 035C 37 KB
37 KB 624ms
621ms Image
image/jpeg 2a00:1450:400d:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4718548/728x90_kv_2.jpg

Requested by

Host: 0454c236d7ef4556439cae6dfb9cddd4.safeframe.googlesyndication.com
URL: https://0454c236d7ef4556439cae6dfb9cddd4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf48b55aa04f23137a0130e30156a4123da584f956026f6282d2ba12faad9eab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12493911404993194114/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 06:30:18 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 38291
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 12:45:40 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 05 Feb 2023 06:45:18 GMT

GET
H3 200 tui_logo_live_happy.svg
s0.2mdn.net/creatives/assets/4364511/ Frame B3D2 6 KB
2 KB 32ms
31ms Image
image/svg+xml 2a00:1450:400d:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4364511/tui_logo_live_happy.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13877950151065513782/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

854a1cb3bf2ef67e6a303c0ca22cbf1616a6683a1415997646bb2129047a7e1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13877950151065513782/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 06:19:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 619
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2072
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 07:44:21 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 05 Feb 2023 06:34:58 GMT

GET
H3 200 cta_jetzt_buchen.svg
s0.2mdn.net/creatives/assets/4364511/ Frame B3D2 2 KB
1 KB 33ms
33ms Image
image/svg+xml 2a00:1450:400d:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4364511/cta_jetzt_buchen.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13877950151065513782/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f9f7ca92ac484587069e344faf7ecd9f82c53739d5008d5adcfafa7e705d9ba9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13877950151065513782/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 06:29:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 61
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 998
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 10:03:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 05 Feb 2023 06:44:16 GMT

GET
H3 200 970x250_head_3.svg
s0.2mdn.net/creatives/assets/4718548/ Frame B3D2 9 KB
3 KB 1086ms
1086ms Image
image/svg+xml 2a00:1450:400d:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4718548/970x250_head_3.svg

Requested by

Host: 0454c236d7ef4556439cae6dfb9cddd4.safeframe.googlesyndication.com
URL: https://0454c236d7ef4556439cae6dfb9cddd4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a597687caaf7f1669e151bc310e9c8e9b702fb33054e068447ea46ac059b282f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13877950151065513782/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 06:30:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2742
x-xss-protection: 0
last-modified: Thu, 10 Nov 2022 11:38:21 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 05 Feb 2023 06:45:18 GMT

GET
H3 200 970x250_head_2.svg
s0.2mdn.net/creatives/assets/4718548/ Frame B3D2 18 KB
5 KB 754ms
753ms Image
image/svg+xml 2a00:1450:400d:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4718548/970x250_head_2.svg

Requested by

Host: 0454c236d7ef4556439cae6dfb9cddd4.safeframe.googlesyndication.com
URL: https://0454c236d7ef4556439cae6dfb9cddd4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e4871560cb45c975e145854362f4d50804174171c877be9bfd3f2412d4615231

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13877950151065513782/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 06:30:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5251
x-xss-protection: 0
last-modified: Thu, 10 Nov 2022 11:38:24 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 05 Feb 2023 06:45:18 GMT

GET
H3 200 970x250_head_1.svg
s0.2mdn.net/creatives/assets/4718548/ Frame B3D2 9 KB
3 KB 198ms
197ms Image
image/svg+xml 2a00:1450:400d:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4718548/970x250_head_1.svg

Requested by

Host: 0454c236d7ef4556439cae6dfb9cddd4.safeframe.googlesyndication.com
URL: https://0454c236d7ef4556439cae6dfb9cddd4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bedace2cb6507c0da0b609df71822469a8772cbdff1954d28a85c4c83d5ba24d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13877950151065513782/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 06:30:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2621
x-xss-protection: 0
last-modified: Thu, 10 Nov 2022 11:38:12 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 05 Feb 2023 06:45:18 GMT

GET
H3 200 970x250_radient.svg
s0.2mdn.net/creatives/assets/4707036/ Frame B3D2 60 KB
44 KB 33ms
32ms Image
image/svg+xml 2a00:1450:400d:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4707036/970x250_radient.svg

Requested by

Host: 0454c236d7ef4556439cae6dfb9cddd4.safeframe.googlesyndication.com
URL: https://0454c236d7ef4556439cae6dfb9cddd4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

56ed40a382b57effb53e10296e03a086b0a63664e55ecb7d167ca855ef5bcad5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13877950151065513782/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 06:29:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 61
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44823
x-xss-protection: 0
last-modified: Wed, 02 Nov 2022 09:08:48 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 05 Feb 2023 06:44:16 GMT

GET
H3 200 970x250_gradient.svg
s0.2mdn.net/creatives/assets/4707036/ Frame B3D2 4 KB
2 KB 40ms
39ms Image
image/svg+xml 2a00:1450:400d:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4707036/970x250_gradient.svg

Requested by

Host: 0454c236d7ef4556439cae6dfb9cddd4.safeframe.googlesyndication.com
URL: https://0454c236d7ef4556439cae6dfb9cddd4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

28d6f3486c415290504ecd4c52ef429f08ad43cda991fd3127d2f4fb145ff6ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13877950151065513782/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 06:29:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 61
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2501
x-xss-protection: 0
last-modified: Wed, 02 Nov 2022 09:08:45 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 05 Feb 2023 06:44:16 GMT

GET
H3 200 970x250_kv_1.jpg
s0.2mdn.net/creatives/assets/4718548/ Frame B3D2 38 KB
38 KB 543ms
542ms Image
image/jpeg 2a00:1450:400d:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4718548/970x250_kv_1.jpg

Requested by

Host: 0454c236d7ef4556439cae6dfb9cddd4.safeframe.googlesyndication.com
URL: https://0454c236d7ef4556439cae6dfb9cddd4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

73065acb93584379bb8b2a81338c968567c8673409804dc85059fd5fdc16843c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13877950151065513782/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 06:30:18 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39341
x-xss-protection: 0
last-modified: Thu, 10 Nov 2022 11:38:18 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 05 Feb 2023 06:45:18 GMT

GET
H3 200 970x250_kv_2.jpg
s0.2mdn.net/creatives/assets/4718548/ Frame B3D2 39 KB
39 KB 202ms
201ms Image
image/jpeg 2a00:1450:400d:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4718548/970x250_kv_2.jpg

Requested by

Host: 0454c236d7ef4556439cae6dfb9cddd4.safeframe.googlesyndication.com
URL: https://0454c236d7ef4556439cae6dfb9cddd4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9cc26a0d85727a3f0bf2774141c68205b8f759a047c7ba1721f34854e0982397

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13877950151065513782/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 06:30:18 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39629
x-xss-protection: 0
last-modified: Thu, 10 Nov 2022 11:38:15 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 05 Feb 2023 06:45:18 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1FE5 0
20 B 59ms
58ms Image
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BVCfq-UzfY4SmBMX97_UPhYqemAYAAAAAOAHgBAI&bg=!BQalBkLNAAaq5O5FiuQ7ACkAdvg8WtcwkObhj6Z_2BYt7q4mGnS5j0xeXNReALv5HVMQcNjZFs-rOwIAAAIGUgAAAANoAQcKACiOnLeigBNqy6weAArz39Y-bumo8cF2dSMR5xnM0EeTy0RTmndGlTW-mQLgflsQ-IzAdjCVLgayxXwpQs0kD7_nMOtk8yzYhA446KHSuL2TTMh4sTa6sN9W55jyveZxR_YXuMjiHqMP7vO97C2gw4oaDFyhhy3I6giEt4ll18heVulU0jaxu-7QLggyLRkNMxg929IsIwk3_s4IuLMHNY4DXeX0BWAQofj0NK84TJqvfyYytyMVcK5l1p8I1ZekO32EnyBcCUB4pA1AqP8Ysnuz7ezBRzoUCRB3_40oPSSW3O2DntlgVood_EF8EJsIuwn2ncg089sem0lGCF40IgpNmJRO5MEJJUn43kQC6O_rKCORXk40VUVbe7retITj2CA5Qm7sDQM7bdn_c572qj3IV9wBVuZ_O2klZmQEJ1kcZwCZKsSHFBZVaYgP9fJgjETzmKN2fMHB641q-kjJj25ASh0IZznCCg6ixZ_IDpEyQeFaKh2afrmz5Td_NYIRpdBOnYng8nHNNa1PaSN-w_3kWclgVGHO3zK5cxEAP72gHtj8BX8dCW7pof49PzZwTY6dWGOdKFsUmXU7y-iT1UiIvUgDhyGllUrjmKNUQayQHnRe3Y-XjhUCoVXzjiwJw6uQyGhrME29JRdVARn5zVwq0qhmbt1AJniD7CvrvhsrEfXvINriYF3EDkcXusnC0UPnwBUtC9bIFImLkUzuaRzp3v7HuChJ2uh4Ml1nGUW9SqH8ryGlZ1NCe-PXMfJnDYDJUMXxmayBGSt8LbSxjb5fCfjiBNNMdFjIxecETrS-JBRcANFjMdZKNiZKjyHGOm3VlHQspoFCMFQdRNk6IB5wv9vViTAUHtmWD0sV_mVJHG-DWLzXDgs679Xi0m-gRJ0A-TyxJRHilDuCd4Zd_WkjnCy0A65PR2c2NUKm6YVyy25ZQ29I0plufWhyGY-mbhVbx26RHQQ3d5K0FC_Da9qgFENNE1y8tQzGJ0X725UQxL3WvpzA6AQ0JQs9YC0CxFP-1gbs8DJy4zWISA

Requested by

Host: 0454c236d7ef4556439cae6dfb9cddd4.safeframe.googlesyndication.com
URL: https://0454c236d7ef4556439cae6dfb9cddd4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 05 Feb 2023 06:30:18 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3F95 0
20 B 58ms
58ms Image
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BQvo5-UzfY4TqA-OirATo4KDABwAAAAA4AeAEAg&bg=!aWqlai7NAAaq5O5FiuQ7ACkAdvg8WoqP_riXa2loyiICWTXPxuiCPeKLirjNZcFNPoNlEFLV6Tg_yAIAAAF3UgAAAAJoAQcKAA5amcSu5OUxgVszQEGzdpkC8WXI9hFlLeYK1pPRizaFEwwggulUaocfSWuyl-3BiVSBaLH8vCysfwgae3kB2sYmR3Gdg5ykbOh2McLkXavQPRSRJVGe6jrrTmVUjm8kp4b09E69DJQ6uF910AkDEiY_SFHG6PlgWG5KBKb_YkCDSxt8CC43DysIOmDYbLVbpuDR93KAOyfMFdabCpZneSjm0LtQZnsXyXoWo8sv0hG_5_Nx60wMbdUsipkx8EK11ZqMqS_lBGmv14zv65FSuVwUHM1cGjp8WUFCorSjxOUMkNeH0Hv2kAsW4NzU9zl71C2CIWu75RxbZAkeUFlx6BNmqVvd-6uv5DSzmr5w61fO1K71jBOQCWUBgHoXQpMbRueHjYVm8QcDNZSoj1QFOfMvCDrJ5Vj64PzzKqM23-_E3VNT-anNRgdeQqW_ty3FtaiuhqmMDH-CfdLfFWQExJ2euKC0ZPK5JiXvY0z5v9zbAEyNkBJwgC8jXAeid-ymGmw_-TEoTSi6Yf0B1F1sDx3TY5A2J9q0wYH-Fmy8Z_v-PVH_agUG0SFZyfCUDV8ltQ6XeFUR4NCfLCHc3POWxz6DWRBKyErOuMqjf0eZVNIFNHu8DdOMzDE9cARaf9qgncW0n-88WTVbfjRJmJYca8AVI_p_cGckdhDre8ltKiyZWlAdFVCIxnSni-KoJ-VFrxbkkhJOFRoizk1DCe-B2Hfp2hivpNtY4ANMm1yMpZRZkSPdc4G6K0GkbEHqyaIZGvvPQUuhyEondNfyMM1DU7EtY_9XlrNAjUnXc-1j5D2ylHPq21hMCXaaLm3rv6vQRBugdbFIKeku3lueJ3uztpnEkpI3sVbWBPWYv1uQeRXPWWaiwJtu-g1wvcPkKY68JOLPnJTI1cOEjqHHGzehvPRq_m-vRXL6zzYhuZeSmklLh5e_gu3tP_uS-OePZMwL58Y-tWHa-XexOSxM95iNF5NaQaRdyhhn4InXqt0cvrGC-eUkp686y_8V8XDaqTiU5JPMxQ

Requested by

Host: 0454c236d7ef4556439cae6dfb9cddd4.safeframe.googlesyndication.com
URL: https://0454c236d7ef4556439cae6dfb9cddd4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 05 Feb 2023 06:30:18 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 6D65 43 B
215 B 268ms
267ms Image
image/gif 2600:1f13:800:7780:6a2d:ee61:2480:5f8a
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1333404&asId=e3518b2b-254d-7823-4274-28f5a627d634&tv=%7Bc:3keEER,time:465,type:e,im:%7Bpci:%7Btdr:227%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:465,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:28,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B455~0%5D,as:%5B455~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tuY57uN+11%7C12%7C13.1333404-69041406%7C131%7C132%7C133%7C134%7C14*.1333404-69042416%7C141%7C1421%7C143%7C15%7C1611%7C17,idMap:14*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:30,sis:249%7D&br=c
Requested by: Host: 0454c236d7ef4556439cae6dfb9cddd4.safeframe.googlesyndication.com
URL: https://0454c236d7ef4556439cae6dfb9cddd4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:6a2d:ee61:2480:5f8a Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0454c236d7ef4556439cae6dfb9cddd4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 05 Feb 2023 06:30:18 GMT
server: nginx
x-server-name: dt01.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 97D4 43 B
215 B 211ms
209ms Image
image/gif 2600:1f13:800:7780:6a2d:ee61:2480:5f8a
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1333404&asId=72d88eac-314a-ccf3-e249-ec89ea14d0dd&tv=%7Bc:3keEFM,pingTime:-10,time:645,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTA5LjAuNTQxNC4xMTkgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.6.2v222222220002222202222222222222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1675578618158%7C%7Cf61ecbea4347337fc9efcd9b0fb3e185%7C%7C2e8a6538fa2d69b650a00d23a95123ee%7C%7C99890560f0e2a5070770790c1c2fe42d%7C%7C8ee8ad48398ec7d8a4488fd7c87ec214%7C%7C1a0e478dd4eb1e6f8cfdd9e53c427767%7C%7C0ee7f3e4ca17cbeb9ac151ea6284e91a%7C%7Cf3f1e5cc4695fee630aa03379189681e%7C%7C1663701684%7D
Requested by: Host: 0454c236d7ef4556439cae6dfb9cddd4.safeframe.googlesyndication.com
URL: https://0454c236d7ef4556439cae6dfb9cddd4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:6a2d:ee61:2480:5f8a Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0454c236d7ef4556439cae6dfb9cddd4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 05 Feb 2023 06:30:18 GMT
server: nginx
x-server-name: dt07.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 97D4 42 B
174 B 75ms
61ms Fetch
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsttZ2OJRGW_yRTVpA7aKi63yh0vAR4Ik6XbxdCuvMn90Bi7X0_IJKOUTWwum6SQZ0CyriOycR0Q7Kbq3ZVUqk3SLiDp2-S1W9N-fMIDDiz8uuVMBsVZuzKxfR8C9WIPzxlQVuScEg&sai=AMfl-YQflq0A4kyPZ6NRr3xNx9SfFejQi36G4hQQwKpSLqlB3x-rYdsZuQFenN2_1-V75ffFFy-LkMFxFrmyB6m6HWc6mh3YFdV2egZJtBY7gU3v94zTVNWTROSt5RBPvLHMLqeyOFPoYcBqMci4gw&sig=Cg0ArKJSzPvke-va9wCZEAE&cid=CAQSTADUE5ymtjJo0PO9xjleOL01xcXibwMYe7MmD6QyWaqt2C3Jdrlnhhy9xFUAAbwKerE32JOlyqmEa_9XcJzXv3Pk4ZeZkKlcHMNq82EYAQ&id=lidar2&mcvt=1000&p=80,315,330,1285&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230201&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3005794515&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1675578616892&rpt=393&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0454c236d7ef4556439cae6dfb9cddd4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 05 Feb 2023 06:30:18 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 army.gif
bloxids.com/porpoiseant/ 0
529 B 21ms
21ms Ping
text/plain 2606:4700:3030::6815:2c0e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bloxids.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMjUzNTQ1NjUxMjA1OTIzNyIsImRvbWFpbl9pZCI6IjIzNzA2MSIsInVuaXQiOiJkaXYtZ3B0LWFkLWJsb3hpZHNfY29tLWJveC0yLTAiLCJ0X2Vwb2NoIjoxNjc1NTc4NjE0LCJhZF9wb3NpdGlvbiI6MTAwMSwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkRFIiwicGFnZXZpZXdfaWQiOiJhMWY4YTMzZS05Zjk3LTRmZDYtNzYzYi0wMWNkNTAxY2NmYTAiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0LCJjcmVhdGl2ZV9pZCI6MTM4MzEwMDM0NDg2LCJkYXRhIjpbeyJuYW1lIjoiZmlsbGVkX3NpemUiLCJ2YWwiOiJbOTcwLDI1MF0ifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjI1MzU0NTY1MTIwNTkyMzciLCJkb21haW5faWQiOiIyMzcwNjEiLCJ1bml0IjoiZGl2LWdwdC1hZC1ibG94aWRzX2NvbS1ib3gtMi0wIiwidF9lcG9jaCI6MTY3NTU3ODYxNCwiYWRfcG9zaXRpb24iOjEwMDEsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJERSIsInBhZ2V2aWV3X2lkIjoiYTFmOGEzM2UtOWY5Ny00ZmQ2LTc2M2ItMDFjZDUwMWNjZmEwIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDAzNDQ4NiwiZGF0YSI6W3sibmFtZSI6ImZpbGxlZF9mbHVpZCIsInZhbCI6ImZhbHNlIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiIyNTM1NDU2NTEyMDU5MjM3IiwiZG9tYWluX2lkIjoiMjM3MDYxIiwidW5pdCI6ImRpdi1ncHQtYWQtYmxveGlkc19jb20tYm94LTItMCIsInRfZXBvY2giOjE2NzU1Nzg2MTQsImFkX3Bvc2l0aW9uIjoxMDAxLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiREUiLCJwYWdldmlld19pZCI6ImExZjhhMzNlLTlmOTctNGZkNi03NjNiLTAxY2Q1MDFjY2ZhMCIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTAwMzQ0ODYsImRhdGEiOlt7Im5hbWUiOiJkb21haW5fZGZwX3N0eWxlX2lkIiwidmFsIjoiMTkyIn1dLCJpc19vcmlnIjpmYWxzZX1d
Requested by: Host: bloxids.com
URL: https://bloxids.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y0b-6y0d-23y13-4y17-5y1c-y23-3y24-4y25-6y31-4y38-8y5a-2y5e-22y65-1&cmbcb=123&sj=x04x02x06x07x0bx0dx13x17x1cx23x24x25x31x38x5ax5ex65
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:2c0e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxids.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 06:30:18 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RSl4y1OTqKccHwKVT%2BWvDunmoBK%2F4fSnD1MIO%2BOyL5U9Up36G3OAddeD73QQtzOG1T2jB7WSI1XVVSMtzgg29vLCYH0nj4KW1wt6kCMOuHdI8QlVZhMA064CG30yBltohpiDqJ232vs0XQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://bloxids.com
x-middleton-display: ezp_sol
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
cf-ray: 794998bcfc813827-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Sat, 04 Feb 2023 06:30:18 GMT

POST
H3 204 army.gif
bloxids.com/porpoiseant/ 0
525 B 18ms
18ms Ping
text/plain 2606:4700:3030::6815:2c0e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bloxids.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMzM5MDU3NDc2MDAwMDkwOSIsImRvbWFpbl9pZCI6IjIzNzA2MSIsInVuaXQiOiJkaXYtZ3B0LWFkLWJsb3hpZHNfY29tLW1lZHJlY3RhbmdsZS0zLTAiLCJ0X2Vwb2NoIjoxNjc1NTc4NjE0LCJhZF9wb3NpdGlvbiI6MTEwNCwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkRFIiwicGFnZXZpZXdfaWQiOiJhMWY4YTMzZS05Zjk3LTRmZDYtNzYzYi0wMWNkNTAxY2NmYTAiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0LCJjcmVhdGl2ZV9pZCI6MTM4MzEwMDM0NDg2LCJkYXRhIjpbeyJuYW1lIjoiZmlsbGVkX3NpemUiLCJ2YWwiOiJbNzI4LDkwXSJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMzM5MDU3NDc2MDAwMDkwOSIsImRvbWFpbl9pZCI6IjIzNzA2MSIsInVuaXQiOiJkaXYtZ3B0LWFkLWJsb3hpZHNfY29tLW1lZHJlY3RhbmdsZS0zLTAiLCJ0X2Vwb2NoIjoxNjc1NTc4NjE0LCJhZF9wb3NpdGlvbiI6MTEwNCwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkRFIiwicGFnZXZpZXdfaWQiOiJhMWY4YTMzZS05Zjk3LTRmZDYtNzYzYi0wMWNkNTAxY2NmYTAiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0LCJjcmVhdGl2ZV9pZCI6MTM4MzEwMDM0NDg2LCJkYXRhIjpbeyJuYW1lIjoiZmlsbGVkX2ZsdWlkIiwidmFsIjoiZmFsc2UifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjMzOTA1NzQ3NjAwMDA5MDkiLCJkb21haW5faWQiOiIyMzcwNjEiLCJ1bml0IjoiZGl2LWdwdC1hZC1ibG94aWRzX2NvbS1tZWRyZWN0YW5nbGUtMy0wIiwidF9lcG9jaCI6MTY3NTU3ODYxNCwiYWRfcG9zaXRpb24iOjExMDQsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJERSIsInBhZ2V2aWV3X2lkIjoiYTFmOGEzM2UtOWY5Ny00ZmQ2LTc2M2ItMDFjZDUwMWNjZmEwIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDAzNDQ4NiwiZGF0YSI6W3sibmFtZSI6ImRvbWFpbl9kZnBfc3R5bGVfaWQiLCJ2YWwiOiIxNjgifV0sImlzX29yaWciOmZhbHNlfV0=
Requested by: Host: bloxids.com
URL: https://bloxids.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y0b-6y0d-23y13-4y17-5y1c-y23-3y24-4y25-6y31-4y38-8y5a-2y5e-22y65-1&cmbcb=123&sj=x04x02x06x07x0bx0dx13x17x1cx23x24x25x31x38x5ax5ex65
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:2c0e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxids.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 06:30:18 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m3VOir4BcWdhpXcWEuZOm4oreu9S0hAWF8pLS5BlMn6lOYMdBOzg5CPutwvfSCTicjLGydeRqPAHS5eEpVFXjAi4D1MeD5O%2BUHQbGLcteHXLPpeYoIzdiAkd26tLQ1MqOVvX28HDOYbaYw%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://bloxids.com
x-middleton-display: ezp_sol
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
cf-ray: 794998bd0c833827-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Sat, 04 Feb 2023 06:30:18 GMT

GET
H2 200 si
capi.connatix.com/tr/ 0
116 B 221ms
134ms Image
application/json 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://capi.connatix.com/tr/si?token=dceed97a-951e-4c47-b565-c2794ffae817&cid=5f049401-746e-4449-8c27-b6b9d8e25882
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxids.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 06:30:18 GMT
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 0
access-control-max-age: 86400
content-type: application/json

GET
H2

200

connatix.player.dc.js Show response
cds.connatix.com/p/221512/ Frame 3E2B
Redirect Chain

https://cd.connatix.com/connatix.player.js?cid=5f049401-746e-4449-8c27-b6b9d8e25882
https://cds.connatix.com/p/221512/connatix.player.dc.js?cid=5f049401-746e-4449-8c27-b6b9d8e25882

993 KB
256 KB

68ms
3ms

Script
application/javascript

151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.connatix.com/p/221512/connatix.player.dc.js?cid=5f049401-746e-4449-8c27-b6b9d8e25882
Protocol: H2
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 9f10051de3737041d2ca17066ee12d3300e07192949e204a4de4d0045e008c93

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 06:30:18 GMT
content-encoding: br
last-modified: Fri, 03 Feb 2023 15:14:23 GMT
age: 141031
etag: "fd4d3710935266f201ffd9c39b60a87e"
vary: Accept-Encoding
access-control-max-age: 86400
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges: bytes
content-length: 262225

Redirect headers

location: https://cds.connatix.com/p/221512/connatix.player.dc.js?cid=5f049401-746e-4449-8c27-b6b9d8e25882
date: Sun, 05 Feb 2023 06:30:18 GMT
cache-control: no-cache, no-store, must-revalidate, max-age=0
accept-ranges: bytes
content-length: 0
access-control-max-age: 86400

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 97D4 43 B
215 B 185ms
181ms Image
image/gif 2600:1f13:800:7780:6a2d:ee61:2480:5f8a
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1333404&asId=72d88eac-314a-ccf3-e249-ec89ea14d0dd&tv=%7Bc:3keEMy,time:1065,type:e,im:%7Bpci:%7Btdr:1007%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:1065,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:26,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:sp,cc:0.0.970.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1058~0%5D,as:%5B1058~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:217,fm:tuY57uN+11%7C12%7C13*.1333404-69041406%7C131%7C132%7C133%7C14.1333404-69042416%7C141%7C1421%7C143%7C15%7C1611%7C17,idMap:13*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:28,sis:371%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:6a2d:ee61:2480:5f8a Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0454c236d7ef4556439cae6dfb9cddd4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 05 Feb 2023 06:30:18 GMT
server: nginx
x-server-name: dt12.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 97D4 43 B
215 B 175ms
174ms Image
image/gif 2600:1f13:800:7780:6a2d:ee61:2480:5f8a
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1333404&asId=72d88eac-314a-ccf3-e249-ec89ea14d0dd&tv=%7Bc:3keEQa,pingTime:0,time:1289,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r,w:970,h:250,t:26%7D,%7Bpiv:100,vs:i,r:,t:1289%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:1,o:1288,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:26,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:sp,cc:0.0.970.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1282~0,0~100%5D,as:%5B1282~970.250%5D%7D%7D,%7Bsl:i,t:1288,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:sp,cc:0.0.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1282~0,0~100%5D,as:%5B1282~970.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:188,fm:tuY57uN+11%7C12%7C13*.1333404-69041406%7C131%7C132%7C133%7C14.1333404-69042416%7C141%7C1421%7C143%7C15%7C1611%7C17,idMap:13*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:28,sis:371%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:6a2d:ee61:2480:5f8a Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0454c236d7ef4556439cae6dfb9cddd4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 05 Feb 2023 06:30:18 GMT
server: nginx
x-server-name: dt11.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 hls.ab55e91cf2e7990a858b.js
cds.connatix.com/p/221512/ Frame 3E2B 0
52 KB 21ms
20ms Other
application/javascript 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.connatix.com/p/221512/hls.ab55e91cf2e7990a858b.js
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js?cid=5f049401-746e-4449-8c27-b6b9d8e25882
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 06:30:18 GMT
content-encoding: br
last-modified: Fri, 03 Feb 2023 15:14:24 GMT
age: 141031
etag: "6b88b3cdd11ae5d01a435e4b7663c889"
vary: Accept-Encoding
access-control-max-age: 86400
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges: bytes
content-length: 53300

GET
H2 200 player.css
cds.connatix.com/p/221512/ 62 KB
11 KB 26ms
25ms Stylesheet
text/css 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.connatix.com/p/221512/player.css
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js?cid=5f049401-746e-4449-8c27-b6b9d8e25882
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 7cdda1d9ce421f1ff42f249cd83e733500330bd1515242284bcf7744cd5ba19e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxids.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 06:30:18 GMT
content-encoding: br
last-modified: Fri, 03 Feb 2023 15:14:24 GMT
age: 141032
etag: "69ecd6bfc2cd99024057394aba739397"
vary: Accept-Encoding
access-control-max-age: 86400
content-type: text/css
access-control-allow-origin: *
cache-control: public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges: bytes
content-length: 11565

POST
H3 204 army.gif
bloxids.com/porpoiseant/ 0
529 B 40ms
39ms Ping
text/plain 2606:4700:3030::6815:2c0e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bloxids.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNDEzNzc3MzAwMDA2MDU1OSIsImRvbWFpbl9pZCI6IjIzNzA2MSIsInVuaXQiOiJibG94aWRzX2NvbS1waXhlbDEiLCJ0X2Vwb2NoIjoxNjc1NTc4NjE0LCJhZF9wb3NpdGlvbiI6OTk5OSwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkRFIiwicGFnZXZpZXdfaWQiOiJhMWY4YTMzZS05Zjk3LTRmZDYtNzYzYi0wMWNkNTAxY2NmYTAiLCJjb21wX2lkIjpudWxsLCJsaW5lX2l0ZW1faWQiOjAsImNyZWF0aXZlX2lkIjowLCJkYXRhIjpbeyJuYW1lIjoiZmlsbGVkX3NpemUiLCJ2YWwiOiJbMTYwMCwxMjAwXSJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNDEzNzc3MzAwMDA2MDU1OSIsImRvbWFpbl9pZCI6IjIzNzA2MSIsInVuaXQiOiJibG94aWRzX2NvbS1waXhlbDEiLCJ0X2Vwb2NoIjoxNjc1NTc4NjE0LCJhZF9wb3NpdGlvbiI6OTk5OSwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkRFIiwicGFnZXZpZXdfaWQiOiJhMWY4YTMzZS05Zjk3LTRmZDYtNzYzYi0wMWNkNTAxY2NmYTAiLCJjb21wX2lkIjpudWxsLCJsaW5lX2l0ZW1faWQiOjAsImNyZWF0aXZlX2lkIjowLCJkYXRhIjpbeyJuYW1lIjoiZmlsbGVkX2ZsdWlkIiwidmFsIjoiZmFsc2UifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjQxMzc3NzMwMDAwNjA1NTkiLCJkb21haW5faWQiOiIyMzcwNjEiLCJ1bml0IjoiYmxveGlkc19jb20tcGl4ZWwxIiwidF9lcG9jaCI6MTY3NTU3ODYxNCwiYWRfcG9zaXRpb24iOjk5OTksImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJERSIsInBhZ2V2aWV3X2lkIjoiYTFmOGEzM2UtOWY5Ny00ZmQ2LTc2M2ItMDFjZDUwMWNjZmEwIiwiY29tcF9pZCI6bnVsbCwibGluZV9pdGVtX2lkIjowLCJjcmVhdGl2ZV9pZCI6MCwiZGF0YSI6W3sibmFtZSI6ImRvbWFpbl9kZnBfc3R5bGVfaWQiLCJ2YWwiOiJ1bmRlZmluZWQifV0sImlzX29yaWciOmZhbHNlfV0=
Requested by: Host: bloxids.com
URL: https://bloxids.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y0b-6y0d-23y13-4y17-5y1c-y23-3y24-4y25-6y31-4y38-8y5a-2y5e-22y65-1&cmbcb=123&sj=x04x02x06x07x0bx0dx13x17x1cx23x24x25x31x38x5ax5ex65
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:2c0e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxids.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 06:30:18 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Wq%2F0WtavvQanUKAuOHgR8MyoyRY4IZyEJOfjauX8x7H9RLnZBCd04ykVLnQQF6IjvFtmjsbUXFkdVWo%2FJE9NPicBCk96x3L8qynInvb5I5rA6o44fdgz5xgz6H%2FLfo7smOnp2gQBtU8taQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://bloxids.com
x-middleton-display: ezp_sol
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
cf-ray: 794998c01eca3827-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Sat, 04 Feb 2023 06:30:18 GMT

POST
H2 200 pls Show response
capi.connatix.com/core/ Frame 3E2B 5 KB
4 KB 141ms
135ms XHR
application/x-protobuf 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/core/pls?v=221512&cid=5f049401-746e-4449-8c27-b6b9d8e25882
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js?cid=5f049401-746e-4449-8c27-b6b9d8e25882
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 210526d407cd4a23e9d28d7fc10f9c1dbb46fe155d49e5c19159bdc287dc5640

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: multipart/form-data

Response headers

date: Sun, 05 Feb 2023 06:30:19 GMT
content-encoding: gzip
vary: Accept-Encoding
access-control-max-age: 86400
content-type: application/x-protobuf
access-control-allow-origin: https://bloxids.com
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 3533

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 51ms
51ms Script
application/javascript 2a00:1450:400d:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=bloxids.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023013101.js?cb=31072117

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxids.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 06:30:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 28ms
28ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=bloxids.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023013101.js?cb=31072117

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxids.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 06:30:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 insights.bin Show response
ins.connatix.com/ae0e3a4eface04086f1a91f82de55641/ Frame 3E2B 396 B
485 B 251ms
220ms XHR
application/octet-stream 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ins.connatix.com/ae0e3a4eface04086f1a91f82de55641/insights.bin
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js?cid=5f049401-746e-4449-8c27-b6b9d8e25882
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: db308ee9740feb31956dd4099c06b9da158cbf9deac202405bfc3786f5d66a17

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 06:30:19 GMT
content-encoding: gzip
last-modified: Fri, 09 Dec 2022 19:34:04 GMT
age: 1487486
etag: "138c83dab5ff961040e63e2c12373e78"
vary: Accept-Encoding
access-control-max-age: 86400
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges: bytes
content-length: 247

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 19 KB
9 KB 1333ms
1331ms XHR
text/plain 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2706236413843419&correlator=2648337625620332&eid=31072031%2C31072117%2C31071432%2C44777901%2C31071663&output=ldjh&gdfp_req=1&vrg=2023013101&ptt=17&impl=fifs&iu_parts=1254144%3A21793048808%2Cbloxids_com-medrectangle-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&ifi=5&adks=88601467&didk=2259044073&sfv=1-0-40&ris=4&rcs=1&prev_scp=a%3D%257C0%257C%26iid1%3D1369051298053905%26eid%3D1369051298053905%26t%3D134%26d%3D237061%26t1%3D134%26pvc%3D0%26ap%3D1100%26sap%3D1100%26as%3Drevenue%26plat%3D1%26bra%3Dmod43-c%26ic%3D2%26at%3Dmbf%26adr%3D399%26ezosn%3D0%26reft%3Dtf%26refs%3D27%26ga%3D2497208%26rid%3D99998%26pt%3D5%26al%3D1005%26compid%3D0%26tap%3Dbloxids_com-medrectangle-2-1369051298053905%26eb_br%3D527e52c10635ac8136a4c84094ee49a8%26eba%3D1%26ebss%3D10061%2C10015%2C10063%2C11307%26bv%3D13%26bvm%3D0%26bvr%3D3%26shp%3D1%26ftsn%3D12%26ftsng%3D12%26br1%3D70%26br2%3D70%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D81%2C189%2C120%2C67%2C49%2C192%2C81%2C20%2C26%2C156%2C205%2C0%2C136%2C159%2C901%2C902%2C903%26deal1%3D17%2C20%2C21%2C22%2C23%2C24%2C25%2C26%2C27%2C28%2C29%2C30%2C760%2C761%2C813%2C815%2C816%2C817%2C818%2C819%2C893%2C899%2C917%2C918%2C919%2C1794%2C2310%2C2339%2C2351%2C2526%2C2527%2C2761%2C2763%2C2764%2C2765%2C3044%2C3054%2C3154%2C3430%2C3455%2C3456%2C3457%2C3458%2C3460%2C3682%2C3683%2C3684%2C3919%2C3933%2C4184%2C4185%2C4186%2C4604%2C4605%2C3676%2C2030%2C774%2C2030%2C19%2C2610%2C2688%2C3045%26lb%3D140%26reqt%3D1675578619059&eri=1&sc=1&cookie=ID%3Dbd92b69f1a402570%3AT%3D1675578615%3AS%3DALNI_MYMAEhOJhgHAmyo_SP53eYpdTmFAA&gpic=UID%3D00000bafb9d11787%3AT%3D1675578615%3ART%3D1675578615%3AS%3DALNI_MbwpDoLHfqRV-OMfVh20d4QVr8A1w&abxe=1&dt=1675578619095&lmt=1675578619&dlt=1675578615232&idt=246&adxs=436&adys=1110&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fbloxids.com%2F&frm=20&vis=1&psz=728x-1&msz=728x-1&fws=512&ohw=0&ga_vid=1334333727.1675578616&ga_sid=1675578616&ga_hid=1873576348&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYsdiSguIwSABSAghkEhkKCnB1YmNpZC5vcmcYzdiSguIwSABSAghqEh0KDmVzcC5jcml0ZW8uY29tGLHYkoLiMEgAUgIIZBLCAQoIcnRiaG91c2USrAFXemVheTFqNjlFYWFwUjNVTWNQYW43NS84NlRzTnlSOXpSdlk1cWNKWU5tRjE4WVN3dEhDU3V0SXU5UFlsSTR2NUpEZ25DT0RsMEs4ZnNNa2g5dU1BRHpNTGw1UWxoMHJGTi9IWktoaUpSekZkdEFZa0g3SXQ0K3pXUFZjTjRHS0Q0TlQ5T3VZbWl2Z1RPSjFjL0d4c0ZHRDlkMEQ5aXNsLytTWCtLSSs4TmM9GKDakoLiMEgAEj4KBW9wZW54EixleUpwSWpvaWN6ZFdkM0JMTld4VE0zVkpUMjVGVms1TVVsSlpaejA5SW4wPRiI3ZKC4jBIABIZCgp1aWRhcGkuY29tGLHYkoLiMEgAUgIIZBIbCgxpZDUtc3luYy5jb20YztmSguIwSABSAghq

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023013101.js?cb=31072117

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4e4be11e690ab155788ba8943ee81f8bc737c5310ebbd6d34505acb493f7ace7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxids.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 06:30:19 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9035
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://bloxids.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 6D65 43 B
215 B 177ms
177ms Image
image/gif 2600:1f13:800:7780:6a2d:ee61:2480:5f8a
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1333404&asId=e3518b2b-254d-7823-4274-28f5a627d634&tv=%7Bc:3keEVE,pingTime:-10,time:1506,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTA5LjAuNTQxNC4xMTkgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.6.2v222222220002222202222222222222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1675578618158%7C%7Cf61ecbea4347337fc9efcd9b0fb3e185%7C%7C2e8a6538fa2d69b650a00d23a95123ee%7C%7C99890560f0e2a5070770790c1c2fe42d%7C%7C8ee8ad48398ec7d8a4488fd7c87ec214%7C%7C1a0e478dd4eb1e6f8cfdd9e53c427767%7C%7C0ee7f3e4ca17cbeb9ac151ea6284e91a%7C%7Cf3f1e5cc4695fee630aa03379189681e%7C%7C1663701684,sca:%7Bspg:72d88eac-314a-ccf3-e249-ec89ea14d0dd%7D%7D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:6a2d:ee61:2480:5f8a Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0454c236d7ef4556439cae6dfb9cddd4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 05 Feb 2023 06:30:19 GMT
server: nginx
x-server-name: dt14.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

POST sr
capi-tier-1-us-east-2.connatix.com/tr/ Frame 3E2B 0
0

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 79 KB
27 KB 26ms
25ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js?cid=5f049401-746e-4449-8c27-b6b9d8e25882

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f00f7401c1f4a38d36047ab0292fd869538b950343c2e353760e8062ad947a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxids.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 06:30:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27285
x-xss-protection: 0
server: sffe
etag: "1473 / 676 of 1000 / last-modified: 1675465921"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sun, 05 Feb 2023 06:30:19 GMT

GET ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame 3E2B 0
0

POST g
capi-tier-1-us-east-2.connatix.com/rtb/ Frame 3E2B 0
0

GET elements.ui.d0eed37cb6f38e53490e.js
cds.connatix.com/p/221512/ Frame 3E2B 0
0

GET activeview
pagead2.googlesyndication.com/pcs/ Frame 97D4 0
0

GET activeview
pagead2.googlesyndication.com/pcs/ Frame 6D65 0
0

POST iev
csm.fr.eu.criteo.net/ Frame 4BE6 0
0

GET
H2 200 prebid7.17.0-6.js Show response
cds.connatix.com/p/plugins/ 513 KB
139 KB 28ms
28ms Script
application/javascript 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.connatix.com/p/plugins/prebid7.17.0-6.js
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js?cid=5f049401-746e-4449-8c27-b6b9d8e25882
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 37849c48f8290006e74d3fc212cbcfca24c21ca24a80b54ff44809174be83c7c

Request headers

Referer: https://bloxids.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Sun, 05 Feb 2023 06:30:19 GMT
content-encoding: br
last-modified: Wed, 04 Jan 2023 11:20:43 GMT
age: 2747343
etag: "65d6aab2a72ea26ce1d7704fb112547a"
vary: Accept-Encoding
access-control-max-age: 86400
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges: bytes
content-length: 141685

POST
H3 204 army.gif
bloxids.com/porpoiseant/ 0
532 B 37ms
36ms Ping
text/plain 2606:4700:3030::6815:2c0e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bloxids.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMjUzNTQ1NjUxMjA1OTIzNyIsImRvbWFpbl9pZCI6IjIzNzA2MSIsInVuaXQiOiJkaXYtZ3B0LWFkLWJsb3hpZHNfY29tLWJveC0yLTAiLCJ0X2Vwb2NoIjoxNjc1NTc4NjE0LCJyZXZlbnVlIjowLCJlc3RfcmV2ZW51ZSI6MCwiYWRfcG9zaXRpb24iOjEwMDEsImFkX3NpemUiOiIiLCJiaWRfZmxvb3JfZmlsbGVkIjowLCJiaWRfZmxvb3JfcHJldiI6MCwic3RhdF9zb3VyY2VfaWQiOjAsImNvdW50cnlfY29kZSI6IkRFIiwicGFnZXZpZXdfaWQiOiJhMWY4YTMzZS05Zjk3LTRmZDYtNzYzYi0wMWNkNTAxY2NmYTAiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0LCJjcmVhdGl2ZV9pZCI6MTM4MzEwMDM0NDg2LCJkYXRhIjpbeyJuYW1lIjoidmlld2VkIiwidmFsIjoiMSJ9XSwiaXNfb3JpZyI6ZmFsc2V9XQ==
Requested by: Host: bloxids.com
URL: https://bloxids.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y0b-6y0d-23y13-4y17-5y1c-y23-3y24-4y25-6y31-4y38-8y5a-2y5e-22y65-1&cmbcb=123&sj=x04x02x06x07x0bx0dx13x17x1cx23x24x25x31x38x5ax5ex65
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:2c0e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxids.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 06:30:19 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j%2BAlCXTBNmFb5rXc86LrWExs0%2B1SauSG1dV18JIK8q1T%2BdxiB38zvnkGC6LWdFa4kJ%2BwqCMXs2MzHYRtM6OqLAKdZjKsvOSK8lzBbHONY19VXNVZ6zAHgkODmOyFLF2G94Ke0ziJZPftqQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://bloxids.com
x-middleton-display: ezp_sol
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
cf-ray: 794998c3b9dc3827-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Sat, 04 Feb 2023 06:30:20 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
113 B 158ms
77ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=appnexus,onetag,pubmatic,rubicon,yieldmo&cb=195-0-50
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://bloxids.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://bloxids.com
date: Sun, 05 Feb 2023 06:30:19 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 8 KB
5 KB 320ms
227ms XHR
application/json 2602:803:c003:200::31
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=21150&site_id=351284&zone_id=1868548&size_id=2&rp_schain=1.0,1!ezoic.ai,4ff1c1d97486bac3b807c0cbb553dc1b,1,,,bloxids.com&eid_quantcast.com=P0-1741357982-1675578615570%5E1&eid_pubcid.org=58a092a6-b194-4b99-886f-3dabd955a7b3%5E1&rf=https%3A%2F%2Fbloxids.com%2F&tk_flint=pbjs_lite_v7.17.0&x_source.tid=c451573c-3aeb-4a9e-80df-cb5e9f378cc1&l_pb_bid_id=77b236dd0832d1&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.4773810647977359
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=appnexus,onetag,pubmatic,rubicon,yieldmo&cb=195-0-50
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 9ab673a9dc81daf8562f96724b7d3222c9cfd34cf07d5331b619e3c9a6309586

Request headers

Referer: https://bloxids.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 05 Feb 2023 06:30:21 GMT
content-encoding: gzip
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://bloxids.com
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 241 B
787 B 187ms
95ms XHR
application/json 2602:803:c003:200::31
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=21150&site_id=351284&zone_id=1868548&size_id=57&rp_schain=1.0,1!ezoic.ai,4ff1c1d97486bac3b807c0cbb553dc1b,1,,,bloxids.com&eid_quantcast.com=P0-1741357982-1675578615570%5E1&eid_pubcid.org=58a092a6-b194-4b99-886f-3dabd955a7b3%5E1&rf=https%3A%2F%2Fbloxids.com%2F&tk_flint=pbjs_lite_v7.17.0&x_source.tid=4743c386-15b9-4323-9c82-c9e3ddce63c5&l_pb_bid_id=864f0cf1f4778a&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.4018044240773211
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=appnexus,onetag,pubmatic,rubicon,yieldmo&cb=195-0-50
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 3016ef508a7792ec28e47228e97acd4c42818c6905ee8f22b8b96d9bd264472a

Request headers

Referer: https://bloxids.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 05 Feb 2023 06:30:20 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://bloxids.com
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 241
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 240 B
562 B 188ms
96ms XHR
application/json 2602:803:c003:200::31
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=21150&site_id=351284&zone_id=1868548&size_id=2&rp_schain=1.0,1!ezoic.ai,4ff1c1d97486bac3b807c0cbb553dc1b,1,,,bloxids.com&eid_quantcast.com=P0-1741357982-1675578615570%5E1&eid_pubcid.org=58a092a6-b194-4b99-886f-3dabd955a7b3%5E1&rf=https%3A%2F%2Fbloxids.com%2F&tk_flint=pbjs_lite_v7.17.0&x_source.tid=5afccb0f-411d-4728-892a-195c9fe13510&l_pb_bid_id=9fad1d1ca04f9e&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.5228023050573538
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=appnexus,onetag,pubmatic,rubicon,yieldmo&cb=195-0-50
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: f3631e0e6a56a7916d43529dbc97c59c040aef5171437b209a9b301ab39f3864

Request headers

Referer: https://bloxids.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 05 Feb 2023 06:30:20 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://bloxids.com
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 240
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 241 B
563 B 198ms
106ms XHR
application/json 2602:803:c003:200::31
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=21150&site_id=351284&zone_id=1868548&size_id=14&rp_schain=1.0,1!ezoic.ai,4ff1c1d97486bac3b807c0cbb553dc1b,1,,,bloxids.com&eid_quantcast.com=P0-1741357982-1675578615570%5E1&eid_pubcid.org=58a092a6-b194-4b99-886f-3dabd955a7b3%5E1&rf=https%3A%2F%2Fbloxids.com%2F&tk_flint=pbjs_lite_v7.17.0&x_source.tid=9f82f8f3-9a6d-4fde-acbd-13173cce4033&l_pb_bid_id=10441495b46b889&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.6016082135183181
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=appnexus,onetag,pubmatic,rubicon,yieldmo&cb=195-0-50
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: e74901fc2e4eb6e6c5bc54cb4014fd605715290cb2f23a9911b35ef97575312b

Request headers

Referer: https://bloxids.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 05 Feb 2023 06:30:20 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://bloxids.com
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 241
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
359 B 81ms
16ms XHR
application/json 51.75.86.98
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=appnexus,onetag,pubmatic,rubicon,yieldmo&cb=195-0-50

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.75.86.98 , France, ASN16276 (OVH, FR),

Reverse DNS

ip98.ip-51-75-86.eu

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://bloxids.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
content-type: application/json
access-control-allow-origin: https://bloxids.com
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control: no-transform, no-cache
access-control-allow-credentials: true
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 76 KB
25 KB 181ms
181ms XHR
application/json 37.252.171.52
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=appnexus,onetag,pubmatic,rubicon,yieldmo&cb=195-0-50

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.52 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

f5bfc066baf73bb07cac043d4f4765a193aecbb86c156101b9a51522c567ba8c

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://bloxids.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

Date: Sun, 05 Feb 2023 06:30:20 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 37.58.58.246; 37.58.58.246; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: cc3b6384-f809-4541-833d-5e6a91f67710
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://bloxids.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 204 prebid Show response
ads.yieldmo.com/exchange/ 0
222 B 290ms
32ms XHR
text/plain 34.242.85.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.yieldmo.com/exchange/prebid?pbav=7.17.0&p=%5B%7B%22placement_id%22%3A%22div-gpt-ad-bloxids_com-medrectangle-2-0%22%2C%22callback_id%22%3A%2222c24eecf169091%22%2C%22sizes%22%3A%5B%5B728%2C90%5D%5D%2C%22ym_placement_id%22%3A%222834942196124164132%22%2C%22tid%22%3A%22c451573c-3aeb-4a9e-80df-cb5e9f378cc1%22%2C%22auctionId%22%3A%2234ec0ae8-146a-43a3-8c76-85937c99840e%22%7D%2C%7B%22placement_id%22%3A%22div-gpt-ad-bloxids_com-box-2-0%22%2C%22callback_id%22%3A%222335e178444755%22%2C%22sizes%22%3A%5B%5B970%2C250%5D%5D%2C%22ym_placement_id%22%3A%222834942196124164132%22%2C%22tid%22%3A%224743c386-15b9-4323-9c82-c9e3ddce63c5%22%2C%22auctionId%22%3A%2234ec0ae8-146a-43a3-8c76-85937c99840e%22%7D%2C%7B%22placement_id%22%3A%22div-gpt-ad-bloxids_com-medrectangle-3-0%22%2C%22callback_id%22%3A%2224363e75832335d%22%2C%22sizes%22%3A%5B%5B728%2C90%5D%5D%2C%22ym_placement_id%22%3A%222834942196124164132%22%2C%22tid%22%3A%225afccb0f-411d-4728-892a-195c9fe13510%22%2C%22auctionId%22%3A%2234ec0ae8-146a-43a3-8c76-85937c99840e%22%7D%2C%7B%22placement_id%22%3A%22div-gpt-ad-bloxids_com-medrectangle-1-0%22%2C%22callback_id%22%3A%2225d28f3ba2a06f%22%2C%22sizes%22%3A%5B%5B250%2C250%5D%5D%2C%22ym_placement_id%22%3A%222834942196124164132%22%2C%22tid%22%3A%229f82f8f3-9a6d-4fde-acbd-13173cce4033%22%2C%22auctionId%22%3A%2234ec0ae8-146a-43a3-8c76-85937c99840e%22%7D%5D&page_url=https%3A%2F%2Fbloxids.com%2F&bust=1675578620804&dnt=false&description=&userConsent=%7B%22gdprApplies%22%3A%22%22%2C%22cmp%22%3A%22%22%7D&us_privacy=&pr=&scrd=1&title=&w=1600&h=1200&pubcid=58a092a6-b194-4b99-886f-3dabd955a7b3&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22ezoic.ai%22%2C%22sid%22%3A%224ff1c1d97486bac3b807c0cbb553dc1b%22%2C%22domain%22%3A%22bloxids.com%22%2C%22hp%22%3A1%7D%5D%7D&eids=%5B%7B%22source%22%3A%22quantcast.com%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22P0-1741357982-1675578615570%22%2C%22atype%22%3A1%7D%5D%7D%2C%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%2258a092a6-b194-4b99-886f-3dabd955a7b3%22%2C%22atype%22%3A1%7D%5D%7D%5D
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=appnexus,onetag,pubmatic,rubicon,yieldmo&cb=195-0-50
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.242.85.41 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-242-85-41.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://bloxids.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://bloxids.com
pragma: no-cache
date: Sun, 05 Feb 2023 06:30:21 GMT
access-control-allow-credentials: true
x-robots-tag: none,NOINDEX,NOFOLLOW
access-control-allow-methods: POST, GET, OPTIONS
access-control-request-headers: Cache-Control, Pragma

POST
H3 204 army.gif
bloxids.com/porpoiseant/ 0
527 B 17ms
16ms Ping
text/plain 2606:4700:3030::6815:2c0e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bloxids.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTM2OTA1MTI5ODA1MzkwNSIsImRvbWFpbl9pZCI6IjIzNzA2MSIsInVuaXQiOiJkaXYtZ3B0LWFkLWJsb3hpZHNfY29tLW1lZHJlY3RhbmdsZS0yLTAiLCJ0X2Vwb2NoIjoxNjc1NTc4NjE0LCJhZF9wb3NpdGlvbiI6MTEwMCwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkRFIiwicGFnZXZpZXdfaWQiOiJhMWY4YTMzZS05Zjk3LTRmZDYtNzYzYi0wMWNkNTAxY2NmYTAiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjAsImNyZWF0aXZlX2lkIjowLCJkYXRhIjpbeyJuYW1lIjoid29yZHNfYmVmb3JlIiwidmFsIjoiMCJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMjUzNTQ1NjUxMjA1OTIzNyIsImRvbWFpbl9pZCI6IjIzNzA2MSIsInVuaXQiOiJkaXYtZ3B0LWFkLWJsb3hpZHNfY29tLWJveC0yLTAiLCJ0X2Vwb2NoIjoxNjc1NTc4NjE0LCJhZF9wb3NpdGlvbiI6MTAwMSwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkRFIiwicGFnZXZpZXdfaWQiOiJhMWY4YTMzZS05Zjk3LTRmZDYtNzYzYi0wMWNkNTAxY2NmYTAiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0LCJjcmVhdGl2ZV9pZCI6MTM4MzEwMDM0NDg2LCJkYXRhIjpbeyJuYW1lIjoid29yZHNfYmVmb3JlIiwidmFsIjoiMCJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMzM5MDU3NDc2MDAwMDkwOSIsImRvbWFpbl9pZCI6IjIzNzA2MSIsInVuaXQiOiJkaXYtZ3B0LWFkLWJsb3hpZHNfY29tLW1lZHJlY3RhbmdsZS0zLTAiLCJ0X2Vwb2NoIjoxNjc1NTc4NjE0LCJhZF9wb3NpdGlvbiI6MTEwNCwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkRFIiwicGFnZXZpZXdfaWQiOiJhMWY4YTMzZS05Zjk3LTRmZDYtNzYzYi0wMWNkNTAxY2NmYTAiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0LCJjcmVhdGl2ZV9pZCI6MTM4MzEwMDM0NDg2LCJkYXRhIjpbeyJuYW1lIjoid29yZHNfYmVmb3JlIiwidmFsIjoiMCJ9XSwiaXNfb3JpZyI6ZmFsc2V9XQ==
Requested by: Host: bloxids.com
URL: https://bloxids.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y0b-6y0d-23y13-4y17-5y1c-y23-3y24-4y25-6y31-4y38-8y5a-2y5e-22y65-1&cmbcb=123&sj=x04x02x06x07x0bx0dx13x17x1cx23x24x25x31x38x5ax5ex65
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:2c0e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxids.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 06:30:20 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8WEZIlQf0hWoHthWM2vmIdxGsWy551PRXECBCL9TIwXNGTiDRNuWxjSPse7vf8pw0mB3lOvcPJkn6A%2BMMWTtw7bSwvT8XC8MHJx4SWraSaisbNuGioDpl%2BAf8hYoejGiKxsAR4ApPz0ixg%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://bloxids.com
x-middleton-display: ezp_sol
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
cf-ray: 794998cc08433827-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Sat, 04 Feb 2023 06:30:19 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: capi-tier-1-us-east-2.connatix.com
URL: https://capi-tier-1-us-east-2.connatix.com/tr/sr?v=221512&cid=5f049401-746e-4449-8c27-b6b9d8e25882

Domain: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Domain: capi-tier-1-us-east-2.connatix.com
URL: https://capi-tier-1-us-east-2.connatix.com/rtb/g?v=221512&cid=5f049401-746e-4449-8c27-b6b9d8e25882

Domain: cds.connatix.com
URL: https://cds.connatix.com/p/221512/elements.ui.d0eed37cb6f38e53490e.js

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsttZ2OJRGW_yRTVpA7aKi63yh0vAR4Ik6XbxdCuvMn90Bi7X0_IJKOUTWwum6SQZ0CyriOycR0Q7Kbq3ZVUqk3SLiDp2-S1W9N-fMIDDiz8uuVMBsVZuzKxfR8C9WIPzxlQVuScEg&sai=AMfl-YQflq0A4kyPZ6NRr3xNx9SfFejQi36G4hQQwKpSLqlB3x-rYdsZuQFenN2_1-V75ffFFy-LkMFxFrmyB6m6HWc6mh3YFdV2egZJtBY7gU3v94zTVNWTROSt5RBPvLHMLqeyOFPoYcBqMci4gw&sig=Cg0ArKJSzPvke-va9wCZEAE&cid=CAQSTADUE5ymtjJo0PO9xjleOL01xcXibwMYe7MmD6QyWaqt2C3Jdrlnhhy9xFUAAbwKerE32JOlyqmEa_9XcJzXv3Pk4ZeZkKlcHMNq82EYAQ&id=lidartos&mcvt=2119&p=80,315,330,1285&mtos=2119,2119,2119,2119,2119&tos=2119,0,0,0,0&v=20230201&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3005794515&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=b&rst=1675578616892&rpt=393&isd=0&lsd=0&ec=1&met=ce&wmsd=0&pbe=0&vae=0&spb=0

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss1VkJaS7YpHXbAjsrnmuPJrwnXRwnb-4kliS5CQHmLrGc16KSZPOJDb2YoId6-phAzzTNAZzLzdvgQFfcqFyBPP19z6go1i3mH-iq3aMtqk41luvSXAeCNwZq50yoy6FqsjsdxBQ&sai=AMfl-YRUJPAhgiAkekuks87SiZtaCCBMMOdLmIjIrqyLK3rCzCGOXuv3CAbn08cs8lWw2F6TAQEZ681BpYDtJWRULpUX_tvXYolha7Bs0PF8PQ7WbP0iJoUOJgT2aOn28Lxr3o1L9XyM1pO874ck_A&sig=Cg0ArKJSzD1mwLE8RYJ4EAE&cid=CAQSTADUE5ymtjJo0PO9xjleOL01xcXibwMYe7MmD6QyWaqt2C3Jdrlnhhy9xFUAAbwKerE32JOlyqmEa_9XcJzXv3Pk4ZeZkKlcHMNq82EYAQ&id=lidartos&mcvt=0&p=1295,436,1385,1164&mtos=0,0,0,0,0&tos=0,0,0,0,0&v=20230201&bin=7&avms=nio&bs=0,0&mc=0&if=1&vu=1&app=0&itpl=20&adk=2382043524&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=3&r=b&rst=1675578616898&rpt=348&isd=0&lsd=0&ec=1&met=ce&wmsd=0&pbe=0&vae=0&spb=0

Domain: csm.fr.eu.criteo.net
URL: https://csm.fr.eu.criteo.net/iev?entry=c~Gum.ChromeSyncframe.CookieRead.uid~1&entry=c~Gum.ChromeSyncframe.SidReadSuccess~1&entry=h~Gum.ChromeSyncframe.SidReadSuccessDuration~137

Verdicts & Comments Add Verdict or Comment

318 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

51 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
bloxids.com/	1970-01-20 09:26:25	Name: october_session Value: eyJpdiI6IjlYYmh3ZktLWDJRS0JHUU1sck1mNWc9PSIsInZhbHVlIjoiWUVWOThaV3cyQzI0Um1acGp5RUpBd245WHFmRktsS0RicGhpdTZueDhtY1U0SGhtYWN6VGh1NWxudWdiRGROTWdJRk1KZTl6OStmZWNQYWpEVG5UNXdEK2ZxeVRNV3VjSmJzYU9sR0x1cW1pOUNCZ2lFbjRuTjhSRzlEbVdwVjEiLCJtYWMiOiIzMzljZDc3OTlhOTgxYzU0NDQ5MTdkNzIwM2ZkNmQ2MGRiNjA5MzRlMTg0YTExOWVmNGExNDgzYjcxNDFmZjg3In0%3D
.bloxids.com/	1970-01-20 09:26:20	Name: ezoadgid_237061 Value: -1
.bloxids.com/	1970-01-20 09:26:25	Name: ezoref_237061 Value:
.bloxids.com/	1970-01-20 18:11:54	Name: ezosuibasgeneris-1 Value: 447f7671-8e39-4769-44cc-80ad0a42f3ec
.bloxids.com/	1970-01-20 09:26:25	Name: ezoab_237061 Value: mod43-c
.bloxids.com/	1970-01-20 09:29:11	Name: active_template::237061 Value: pub_site.1675578614
.bloxids.com/	1970-01-20 09:26:20	Name: ezopvc_237061 Value: 1
.bloxids.com/	1970-01-20 09:27:45	Name: ezepvv Value: 0
.bloxids.com/	1970-01-20 09:26:20	Name: ezovid_237061 Value: 1418659359
.bloxids.com/	1970-01-20 09:26:20	Name: lp_237061 Value: https://bloxids.com/
.bloxids.com/	1970-01-20 09:29:11	Name: ezovuuidtime_237061 Value: 1675578615
.bloxids.com/	1970-01-20 09:26:20	Name: ezovuuid_237061 Value: 98b6ecb2-3391-40c1-4170-16bedab65b0d
bloxids.com/	1970-01-20 19:02:18	Name: ezds Value: ffid%3D1%2Cw%3D1600%2Ch%3D1200
bloxids.com/	1970-01-20 19:02:18	Name: ezohw Value: w%3D1600%2Ch%3D1200
.bloxids.com/	1970-01-20 19:02:18	Name: _ga_DB9D1TK41K Value: GS1.1.1675578615.1.0.1675578615.0.0.0
.bloxids.com/	1970-01-20 19:02:18	Name: _ga Value: GA1.1.1334333727.1675578616
.quantserve.com/	1970-01-20 18:56:33	Name: mc Value: 63df4cf7-b17c8-f77bf-59aae
.bloxids.com/	1970-01-20 18:50:47	Name: __qca Value: P0-1741357982-1675578615570
bloxids.com/	1970-01-20 18:11:54	Name: ezux_lpl_237061 Value: 1675578615784\|a1f8a33e-9f97-4fd6-763b-01cd501ccfa0\|false
.bloxids.com/	1970-01-20 18:47:54	Name: __gads Value: ID=bd92b69f1a402570:T=1675578615:S=ALNI_MYMAEhOJhgHAmyo_SP53eYpdTmFAA
.bloxids.com/	1970-01-20 18:47:54	Name: __gpi Value: UID=00000bafb9d11787:T=1675578615:RT=1675578615:S=ALNI_MbwpDoLHfqRV-OMfVh20d4QVr8A1w
bloxids.com/	1969-12-31 23:59:59	Name: ezouspvh Value: 100
.criteo.com/	1970-01-20 18:47:54	Name: uid Value: 980d9934-57c6-454a-a461-33d537d6e96e
.adnxs.com/	1970-01-20 11:35:54	Name: uuid2 Value: 1843577340939233255
.casalemedia.com/	1970-01-20 18:11:54	Name: CMID Value: Y99M.Q4gMkRZheQK8rdBWAAA
.casalemedia.com/	1970-01-20 11:35:54	Name: CMPS Value: 1183
.casalemedia.com/	1970-01-20 11:35:54	Name: CMPRO Value: 1183
.bloxids.com/	1970-01-20 18:47:54	Name: cto_bundle Value: W2X_ZF9ZeWpjbkhkZUFZNHNIbDczdThLTCUyRmRNTFUxeFB4NzJ0U1pBaTV6dlczZTB1TlJhbUpvR2RhaEE2eExEJTJGOFEyViUyRkpYQWk5MlN6aktpTHY3SHJsZDk2ZVBjbDBRdjZYb09iczdQa0dGN2dWTFZoYVd5TEpCcjJYVWdoUEZ0dk5nbnJBcEI1QUczQVNZNk92OTVKeFNlQ1ElM0QlM0Q
.adnxs.com/	1970-01-20 11:35:54	Name: anj Value: dTM7k!M41.D>6NRF']wIg2Ilft@8mn!]tbPl1M>e)ZlrFUfJ+tGXxp?Oqd6V^]hClIHFwZKJJ[^#T]8`dY7[N-713If)y3KL9D3I?+hL8BnM
.openx.net/	1970-01-20 18:11:54	Name: i Value: b3b570a4-ae65-4b7b-883a-711534b45162\|1675578617
.doubleclick.net/	1970-01-20 18:47:54	Name: IDE Value: AHWqTUnebijNIV8Vv4cG9i-G6giV1dqy98InHO4rPfGuN97VJL11HXG--bJlkyfxeQQ
bloxids.com/	1969-12-31 23:59:59	Name: ezouspvv Value: 214
bloxids.com/	1969-12-31 23:59:59	Name: ezouspva Value: 3
.adfarm1.adition.com/	1970-01-20 11:35:54	Name: UserID1 Value: 7196555361913403531
.bidswitch.net/	1970-01-20 18:11:54	Name: tuuid Value: 3304943b-4a9a-4783-a2e9-fa851d689889
.bidswitch.net/	1970-01-20 18:11:54	Name: c Value: 1675578618
.bidswitch.net/	1970-01-20 18:11:54	Name: tuuid_lu Value: 1675578618
.360yield.com/	1970-01-20 11:35:54	Name: tuuid Value: cff35475-a742-494a-af3f-c5889de50393
.360yield.com/	1970-01-20 11:35:54	Name: tuuid_lu Value: 1675578618
.tribalfusion.com/	1970-01-20 11:35:54	Name: ANON_ID Value: avnsIHtMPmEUTgUpMDGjJZaiZc3pFAlZdyGg21VPparcbwgvESqt1VcbiJyWe510BQrUok9mI2bYG2dbEQTbDJ7DBYx
.id5-sync.com/	1970-01-20 09:26:18	Name: cf Value:
.id5-sync.com/	1970-01-20 09:26:18	Name: cip Value:
.id5-sync.com/	1970-01-20 09:26:18	Name: cnac Value:
.id5-sync.com/	1970-01-20 09:26:18	Name: car Value:
.id5-sync.com/	1970-01-20 09:26:18	Name: gdpr Value:
.id5-sync.com/	1970-01-20 09:26:18	Name: callback Value:
bloxids.com/	1970-01-20 10:09:30	Name: _pbjs_userid_consent_data Value: 3524755945110770
.bloxids.com/	1970-01-20 18:11:54	Name: _sharedid Value: 58a092a6-b194-4b99-886f-3dabd955a7b3
.adnxs.com/	1970-01-20 11:35:54	Name: icu Value: ChgIuOw6EAoYASABKAEw_Jn9ngY4AUABSAEQ_Jn9ngYYAA..
.rubiconproject.com/	1970-01-20 18:11:54	Name: khaos Value: LDR08YCG-12-GD3B
.rubiconproject.com/	1970-01-20 18:11:54	Name: audit Value: 1\|naVuGyos1qpbnUnU7+QRTrJGe4Ni1ThWK2euPP2lVg2b55ZO9yeicydcM/TYm2+zrezWoIaLqTrAUJ+gL7gixRcCEW/sqkN2G7JtXJVTTK0=

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://cd.connatix.com/connatix.player.js?cid=5f049401-746e-4449-8c27-b6b9d8e25882 Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://cds.connatix.com/p/plugins/prebid7.17.0-6.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://cd.connatix.com/connatix.player.js?cid=5f049401-746e-4449-8c27-b6b9d8e25882 Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://cds.connatix.com/p/plugins/prebid7.17.0-6.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

0454c236d7ef4556439cae6dfb9cddd4.safeframe.googlesyndication.com
a.tribalfusion.com
ads.yieldmo.com
adservice.google.com
adservice.google.de
api.fouanalytics.com
basher.ezodn.com
bcp.crwdcntrl.net
bloxids.com
capi-tier-1-us-east-2.connatix.com
capi.connatix.com
cd.connatix.com
cdn.datatables.net
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.prod.uidapi.com
cdnjs.cloudflare.com
cds.connatix.com
cm.g.doubleclick.net
csm.fr.eu.criteo.net
dclk-match.dotomi.com
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
dt.adsafeprotected.com
esp.rtbhouse.com
fastlane.rubiconproject.com
fonts.googleapis.com
fw.adsafeprotected.com
go.ezodn.com
google-bidout-d.openx.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
hbopenbid.pubmatic.com
ib.adnxs.com
id5-sync.com
imasdk.googleapis.com
ins.connatix.com
invstatic101.creativecdn.com
match.360yield.com
mug.criteo.com
oa.openxcdn.net
oajs.openx.net
onetag-sys.com
pagead2.googlesyndication.com
pixel.quantserve.com
region1.google-analytics.com
rtb2-useast.e-volution.ai
rules.quantcount.com
s.tribalfusion.com
s0.2mdn.net
secure.quantserve.com
securepubads.g.doubleclick.net
stackpath.bootstrapcdn.com
static.adsafeprotected.com
static.criteo.net
sync.inmobi.com
tags.crwdcntrl.net
tpc.googlesyndication.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
capi-tier-1-us-east-2.connatix.com
cds.connatix.com
csm.fr.eu.criteo.net
imasdk.googleapis.com
pagead2.googlesyndication.com
141.95.33.111
151.101.2.137
151.101.66.137
172.217.23.98
174.137.133.49
178.250.0.157
18.65.39.15
185.64.189.112
185.80.39.216
20.127.253.7
2001:4860:4802:32::36
216.58.212.130
2600:1f13:800:7780:6a2d:ee61:2480:5f8a
2600:9000:2057:ea00:a:e047:752:5701
2600:9000:223c:cc00:6:44e3:f8c0:93a1
2600:9000:2304:4800:8:48e:53c0:93a1
2602:803:c003:200::31
2606:4700:10::6816:335d
2606:4700:10::ac43:266a
2606:4700:3030::6815:2c0e
2606:4700::6810:5814
2606:4700::6811:190e
2606:4700::6812:19ad
2606:4700::6812:acf
2606:4700:e4::ac40:a602
2606:4700:e4::ac40:a702
2606:4700:e4::ac40:a921
2620:116:800d:21:c5a4:625:6563:a5bb
2a00:1450:4001:806::2002
2a00:1450:4001:808::2001
2a00:1450:4001:80b::200a
2a00:1450:4001:80e::2002
2a00:1450:4001:80f::2002
2a00:1450:4001:810::2004
2a00:1450:4001:813::2002
2a00:1450:4001:82a::2003
2a00:1450:4001:830::2008
2a00:1450:400d:802::2002
2a00:1450:400d:803::2001
2a00:1450:400d:808::2002
2a00:1450:400d:808::2006
2a02:2638:1::3
2a02:2638::1c
2a02:fa8:8806:13::1400
34.102.146.192
34.120.135.53
34.242.85.41
34.249.82.170
34.96.70.87
35.158.235.130
35.190.39.111
35.244.159.8
37.252.171.52
51.75.86.98
52.208.76.249
52.29.198.232
85.114.159.118
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd
02769df91411966f24c194dec78e8819607d53ba6380958c98bf2e074320e35c
037ed33aaf844f455a473ac694d3be1562bfb014ceb82d10a3943575c8239360
044dc0b054c8f37d0198305d528679c11ed4f8c170132203f157fa5adc5a3a15
045c83a8ddc71464588e8bfdd691ea9b9e8418281d703fe9cb847e9411bae1ca
07970172ef078d9a58aa9ed9e9b54dd1cfbfec021be21b0d0fc7484c5fd5a58a
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bb54d717149189d1547a246d2c709a8973f9b54140bb01a15d2947e78ed6cee
0c8e779a802ed20e7e80d430f5b401eb01f22a7c7697776c702bf20d24bb648f
10d4b728888654e0b85c706a9310b551087d3321fb8ebfff147d07b13fa73bf0
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
129abb7c690bdb6e3e87f1c505b0f0707ca7c2cb808c0a5e240ed37b804f50e2
15d6ad4dfdb43d0affad683e70029f97a8f8fc8637a28845009ee0542dccdf81
16b432ac8f43a6b2d8aa358f41ee60e2ef5923b2645bf2c37f3a06f8334b1557
18d1146ad703fc2086964171657278690a2b86c051a2e301186c4de5fbf0f449
1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87
1f00f7401c1f4a38d36047ab0292fd869538b950343c2e353760e8062ad947a1
20f774d3967cf4b65190d54409e498c2a5f56c05860d679d81a0f87f50e2d8ea
210526d407cd4a23e9d28d7fc10f9c1dbb46fe155d49e5c19159bdc287dc5640
222274edcbd412177a0af78a09362dc1a4eac86138b54834801cb4cd4811d77e
23998fd7ba965222460874a23a2f0db55292d8ba7a3b80dc85242169bf2279e8
23bc1d893ce2d2f30b68e549aa3cb991c2a7b7dd87e3df67d9fbb6a8dd113bf8
27564fe0e5a95c61c9fbd45ecdb0a0a640fbb320bb64a54f3307a52fe96f86e4
27d7e1af775e7eac98166b6945dbae1de40fb93fb9bf993842342f7239cb75dd
28d6f3486c415290504ecd4c52ef429f08ad43cda991fd3127d2f4fb145ff6ea
2a15822e997e4b7b172e4b1e4c1366dd01f10ff936a8971ce15510f207b5d25c
2ab69b3b8880d3c06ad9ed475a991b254f30c255bc03c9702bc2769913e7804c
2bf373aab01a96fddf0099658b27e2eefb64c4aac7061d97d629fd7ca9a42534
2d5fa531e30ac3debad673003128f1ca9ad3c964ef17b547377e7ed09bd4504f
3016ef508a7792ec28e47228e97acd4c42818c6905ee8f22b8b96d9bd264472a
3164394e59baec15294eab1dc07c19037b2f1d78e42e18b6badb85319703a3d4
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
37849c48f8290006e74d3fc212cbcfca24c21ca24a80b54ff44809174be83c7c
38544024da1a0fc2f706be6582557b5722d17f48ad9a8073594a0cf928e2e3ff
38fcf1f489091fd2c45462ac5c55d25e2d6e4a3d46e638ff184eeaed62896ddc
3a2db72aac919e456db5a8242f8c1cde393e615ebe1dc14414a518212cd0f093
3ee2edf2ddb1d690e30013c9af36fd43243bded4b13941716fe64bc54dd9c8f0
42fc99fa5a9b5f6bf982577fb2d24e6b703e51e43490af6d1fb451eb9f3f18e4
43d537d7868386a4c778c32ae64178c393fd2db241a44d038659be4ddae19664
467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
4718dd9f68e969d1cb5e1b6172206b7150ad1d8cd5c5c1fe5812dd0e1646d426
4b20d0266609ebaefd5be24955f6d45d4a0addfb7512c52b4bd8754965c2d4f5
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e4be11e690ab155788ba8943ee81f8bc737c5310ebbd6d34505acb493f7ace7
4ea737ac05e8ee5e490220d97b820834c18cd7c6f1da7d85007a51a5c64425df
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
546de838820e3fdcf4a87553d59dc9c4e05ca6070aa7582254664b15209005be
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56ed40a382b57effb53e10296e03a086b0a63664e55ecb7d167ca855ef5bcad5
58e665ff73e357f608f968a31d0cc28cd6ce81f0341736a350b22e22d56a8f15
59bd3e0afa79f40c1c8668bc2f36ee62e2c05532d8dd245d4819a2b88e6ab83e
5a4cb3f8080fa4b24d70dc74b7296fbf37cf32fea7c804b602de565a2af8ac19
5b175af8b251da9ece95ca626e0d7687c4445655cb323d3e8bd998fa504f67dc
5b4509bf827fa4fab50fb76490d1b9a8a5da3c02419776f66768ff5ae241e643
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
675575eb734b5114526cdc1cc9116bea0e2189e9351700944375af81e226f62d
680af6669abc319f9803f0fa26d443df1b6bc29133d88a8e4bea560ffed7288c
6a1bc4ed6d1400c7bcf13fdffa9dfc4c85770127de7cbbf72e0be4c335d43d88
6bcedb3423e32dc5359e5353a5efd44c6a5c23e22acd62b226d64f447ca86d65
71fc1599035adc6bc34df2117b8631285905f97737ba730af28644ee6a0d8dde
73065acb93584379bb8b2a81338c968567c8673409804dc85059fd5fdc16843c
74605b9495c29e6225c5416159bfcd2d55fb75959fc8c3edeab50034157f71ae
7cb6f39ae0c622292f3b23722249653e11dba33e1b8e1ab3889ef18c8798ee27
7cdda1d9ce421f1ff42f249cd83e733500330bd1515242284bcf7744cd5ba19e
7ea9327b36f8ea3355ad8a33cf7bd5735cbf2e11ed96744279181a0fedd2401e
7ebdad33770ca8a7fba3e860be0f86025592d52849410324eb529bc720bc84dc
854a1cb3bf2ef67e6a303c0ca22cbf1616a6683a1415997646bb2129047a7e1d
8631edb616f94fb8f423ab4969f89bdbd302fbff1235002aecfcf7a0921530e7
88ce18ce2ff32e3fc8b213d6302d4896e4714ed46332a8cf19df7b4d9f726295
8a7739925f4c03586479852df840b7061948832a7fda30c8c812d2ea4dd4c4f2
8d94ddb75ef96849bd221057452f74a2e1776a1e2b7631bab771ae71d34c59a5
9020d2625849d8afdb2b1c4a77b0ad57d0f6da26979c5d153ec5f2d78fcf7d0c
9110a853300e0e603cf341795e1e7728b1922ce1b1e60b5369539f16892181d4
93e555cc4d504b4c07544f5c330fa321029e995827d7d14ec9925ac4e59ad261
94edf973e9deb80b5eccf17f8f3108eafe15209fe25fe417e8f8962a4d8f48b3
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9ab673a9dc81daf8562f96724b7d3222c9cfd34cf07d5331b619e3c9a6309586
9cc26a0d85727a3f0bf2774141c68205b8f759a047c7ba1721f34854e0982397
9f10051de3737041d2ca17066ee12d3300e07192949e204a4de4d0045e008c93
9f73c2441e71d2b72dc629d53b99764351c88b77d0f3470259db9894f0c6a908
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a3d035a43e378691c0090515954ae1affa1051c9b08361e64b9f21d5a8a0f084
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a597687caaf7f1669e151bc310e9c8e9b702fb33054e068447ea46ac059b282f
a5cc00998778521255371eaea3bef447f7678c31a9f2bf0c9fc99d1d2e302d97
aad30519a844c3abf62252a7379279e156287c8098f44e23c10646fef3daf7f6
aeb779d96af4bfa1b664c203d52fbd9ef573b84a31b34314668325fc784e1b13
b13e01830c2220cd61e4ee73966557818c87a2d935fae0ce2cd6a29202124ab9
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1a9f51121ef00d4bc11c410113432813ddbdcd85c9f2aabbd2c2c23c87408e4
b647fad4304731e77a2666a51fd694d558521774f74a019ffe6bec10a1b2a9b1
ba0a6ace4f4d84add2dac5693204ab2229f5033b09325a9420c3825f2ccf68bf
bedace2cb6507c0da0b609df71822469a8772cbdff1954d28a85c4c83d5ba24d
bf5493f72a0782c614719edc45d6b23b2da5a4fa3ddbe7eaeec6940e70617312
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
c6c82e3589512b42474272e5986c03a856786010d425205bf03a7695e734641a
c8551d5827d3b97980f38b6448a6bc9aede2808c3e33ea5a24e49f89cafbe1a8
c90fa7f2b86e88bc876a28a908c00565250cfbdce151c8f3e5800bf98fa394c0
c9868339a287d36283ae9c87cc936830db18e6deba6b68d0b5b9572e625fe5a1
cafa288086dbe4f3d472e651fc52ec04af9983a35b6f9b9ee0f52f55ce29551f
cf48b55aa04f23137a0130e30156a4123da584f956026f6282d2ba12faad9eab
d3f305e71d40a14f1aede17763781a06175f661e8931b3a4ac9d719daddc01e9
d5b6ebd94e15926993c5ac5c1e5169f6b80184baf04133f6ae5f3f8e58af19bd
db308ee9740feb31956dd4099c06b9da158cbf9deac202405bfc3786f5d66a17
db31a2d19cdf77193d601295a85a41741dd8422e6dc9c63f5a878e36a8945d45
dcc0b6437eeec474b65774198371749c6e3f11c12b0bc14f3a971714d0d0e52b
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
e147fffc7f6acc0513c66c6f8734b265bebfa00c6bf4f205a009f6f840fb8083
e1a156c3daa4ae0c41f21ef266131ca5a34d56695e3d860b232da142ef031234
e2218e1a345e2d9b9b4a3ab19f8a1dbd25866e51de1e65b472d226dbc2552491
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
e445c862c08a932c22f1f079c562333cd5294504d0ac51f001dd11cbcee84fa0
e455579d544af9aa234a7d7cda3e705b9be4d98f8e1d4869d907dbf9d633771c
e4871560cb45c975e145854362f4d50804174171c877be9bfd3f2412d4615231
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e74901fc2e4eb6e6c5bc54cb4014fd605715290cb2f23a9911b35ef97575312b
ecaf625650197ec54e257058dc45e0ca3edc7e645a9ffdc1d9be80e3cafc6378
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f08bda7e60fadca736bd7ed81684d6dd9bd11951aada10c84e66cbeac3c52197
f09e90db9705ba29dc70fe7d3fa364ea7afff6c3dc7fe594bd04a4385dfd8cc2
f3631e0e6a56a7916d43529dbc97c59c040aef5171437b209a9b301ab39f3864
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f5bfc066baf73bb07cac043d4f4765a193aecbb86c156101b9a51522c567ba8c
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f92d69771a52ff2c2976096766e39dda9daaff5c0c8cf4b281b6f55ba1b7861c
f9f7ca92ac484587069e344faf7ecd9f82c53739d5008d5adcfafa7e705d9ba9
fb275de8542c2555ea04946af999972b6e0040e5165996435f3ae1529e636b04
fb7989597f1a10a56bd83de6a26eefec44a0c704979fb5e06f02195bc9cebfce
fba4c2a97b1e1f14ae28086ce7c73e2099306bbd28198fb6e716ba574cce4c09
fc871e89201aa44e7380e81e7f7846c4164e5a5d3374ba722a90e518ad48feae
ffbce8dbb2e5fe154a842b04fb2f26d924b96e114f11016179308bf3b1eeba60

bloxids.com Open in urlscan Pro 2606:4700:3030::6815:2c0e Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

246 Requests

90 %HTTPS

58 %IPv6

43 Domains

64 Subdomains

54 IPs

8 Countries

2535 kBTransfer

7181 kBSize

51 Cookies

0 Outgoing links

Redirected requests

246 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

bloxids.com Open in urlscan Pro
2606:4700:3030::6815:2c0e Public Scan

Screenshot
Live screenshot

Full Image

246
Requests

90 %
HTTPS

58 %
IPv6

43
Domains

64
Subdomains

54
IPs

8
Countries

2535 kB
Transfer

7181 kB
Size

51
Cookies

246 HTTP transactions
2 data transactions