pixoguess.io Open in urlscan Pro
159.203.90.241 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://pixoguess.io/
Effective URL:
https://pixoguess.io/
Submission: On June 19 via api (June 19th 2024, 4:52:02 am UTC) from US — Scanned from DE

Summary HTTP 63 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 28 IPs in 5 countries across 20 domains to perform 63 HTTP transactions. The main IP is 159.203.90.241, located in Clifton, United States and belongs to DIGITALOCEAN-ASN, US. The main domain is pixoguess.io.
TLS certificate: Issued by E6 on June 17th 2024. Valid for: 3 months.

This is the only time pixoguess.io was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
12	159.203.90.241 159.203.90.241	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
2	2606:4700:20:... 2606:4700:20::681a:3e8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:813::2008	15169 (GOOGLE) (GOOGLE)
2	93.119.15.97 93.119.15.97	20857 (TRANSIP-A...) (TRANSIP-AS Amsterdam)
2	2606:4700::68... 2606:4700::6812:1791	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a04:4e42:200... 2a04:4e42:200::485	54113 (FASTLY) (FASTLY)
1	188.114.96.3 188.114.96.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	172.217.18.2 172.217.18.2	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700:10:... 2606:4700:10::ac43:293c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	130.211.23.194 130.211.23.194	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	2606:4700:20:... 2606:4700:20::ac43:4513	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.250.186.102 142.250.186.102	15169 (GOOGLE) (GOOGLE)
2	34.95.69.49 34.95.69.49	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3	87.230.98.76 87.230.98.76	61157 (PLUSSERVE...) (PLUSSERVER-ASN1)
2	2a02:6ea0:c70... 2a02:6ea0:c700::17	60068 (CDN77 _) (CDN77 _)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
2	156.146.33.137 156.146.33.137	60068 (CDN77 _) (CDN77 _)
2	2606:4700:20:... 2606:4700:20::681a:9a9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	51.89.9.251 51.89.9.251	16276 (OVH) (OVH)
3	2602:803:c003... 2602:803:c003:200::21	26667 (RUBICONPR...) (RUBICONPROJECT)
3	185.89.210.180 185.89.210.180	29990 (ASN-APPNEX) (ASN-APPNEX)
4	104.18.43.178 104.18.43.178	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	164.90.226.2 164.90.226.2	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	151.101.65.108 151.101.65.108	54113 (FASTLY) (FASTLY)
1	95.101.149.233 95.101.149.233	16625 (AKAMAI-AS) (AKAMAI-AS)
1	51.38.120.206 51.38.120.206	16276 (OVH) (OVH)
1	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
63	28

12 159.203.90.241 (Clifton, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
PTR: pixoguess.io

pixoguess.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:3e8 (United States)

ASN13335 (CLOUDFLARENET, US)

api.adinplay.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 93.119.15.97 (Netherlands)

ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL)
PTR: 93-119-15-97.colo.transip.net

stats.adinplay.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:1791 (United States)

ASN13335 (CLOUDFLARENET, US)

cadmus.script.ac	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:200::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.114.96.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)

country.adinplay-venatus.workers.dev	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.217.18.2 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s22-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::ac43:293c (United States)

ASN13335 (CLOUDFLARENET, US)

btloader.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 130.211.23.194 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 194.23.211.130.bc.googleusercontent.com

api.btloader.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::ac43:4513 (United States)

ASN13335 (CLOUDFLARENET, US)

ad-delivery.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.102 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.95.69.49 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 49.69.95.34.bc.googleusercontent.com

i.clean.gg	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 87.230.98.76 (Germany)

ASN61157 (PLUSSERVER-ASN1, DE)
PTR: ma5050018.psmanaged.com

c.delivery.consentmanager.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:6ea0:c700::17 (Frankfurt am Main, Germany)

ASN60068 (CDN77 _, GB)

cdn.consentmanager.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 156.146.33.137 (Frankfurt am Main, Germany)

ASN60068 (CDN77 _, GB)
PTR: 494557430.fra.cdn77.com

cdn.consentmanager.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:9a9 (United States)

ASN13335 (CLOUDFLARENET, US)

script.4dex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 51.89.9.251 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip251.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2602:803:c003:200::21 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.89.210.180 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.18.43.178 (None, )

ASN13335 (CLOUDFLARENET, US)

elb.the-ozone-project.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 164.90.226.2 (Frankfurt am Main, Germany)

ASN14061 (DIGITALOCEAN-ASN, US)
PTR: icons.ui.kvass.no

icons.ui.kvass.no	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.65.108 (San Francisco, United States)

ASN54113 (FASTLY, US)

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.101.149.233 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a95-101-149-233.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.38.120.206 (Hessen, Germany)

ASN16276 (OVH, FR)
PTR: ip206.ip-51-38-120.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	pixoguess.io pixoguess.io	3 MB
7	consentmanager.net c.delivery.consentmanager.net — Cisco Umbrella Rank: 30474 cdn.consentmanager.net — Cisco Umbrella Rank: 15090	159 KB
4	kvass.no icons.ui.kvass.no	3 KB
4	the-ozone-project.com elb.the-ozone-project.com — Cisco Umbrella Rank: 5072	2 KB
4	adnxs.com ib.adnxs.com — Cisco Umbrella Rank: 283 acdn.adnxs.com — Cisco Umbrella Rank: 631	8 KB
4	rubiconproject.com fastlane.rubiconproject.com — Cisco Umbrella Rank: 560 eus.rubiconproject.com — Cisco Umbrella Rank: 666	2 KB
4	onetag-sys.com onetag-sys.com — Cisco Umbrella Rank: 772	1 KB
4	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 235 ad.doubleclick.net — Cisco Umbrella Rank: 164	178 KB
4	adinplay.com api.adinplay.com — Cisco Umbrella Rank: 28759 stats.adinplay.com — Cisco Umbrella Rank: 41221	212 KB
2	4dex.io script.4dex.io — Cisco Umbrella Rank: 2437	24 KB
2	clean.gg i.clean.gg — Cisco Umbrella Rank: 1356	104 B
2	ad-delivery.net ad-delivery.net — Cisco Umbrella Rank: 1085	1 KB
2	btloader.com btloader.com — Cisco Umbrella Rank: 1074 api.btloader.com — Cisco Umbrella Rank: 1183	25 KB
2	script.ac cadmus.script.ac — Cisco Umbrella Rank: 1669	48 KB
1	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 136
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2347
1	googleapis.com imasdk.googleapis.com — Cisco Umbrella Rank: 538	138 KB
1	workers.dev country.adinplay-venatus.workers.dev — Cisco Umbrella Rank: 81957	498 B
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 373	1 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 79	102 KB
63	20

	Domain	Requested by
12	pixoguess.io	pixoguess.io cadmus.script.ac
4	icons.ui.kvass.no	cadmus.script.ac
4	elb.the-ozone-project.com	api.adinplay.com cadmus.script.ac
4	onetag-sys.com	api.adinplay.com cadmus.script.ac
4	cdn.consentmanager.net	cadmus.script.ac pixoguess.io
3	ib.adnxs.com	api.adinplay.com
3	fastlane.rubiconproject.com	api.adinplay.com
3	c.delivery.consentmanager.net	cadmus.script.ac pixoguess.io
3	securepubads.g.doubleclick.net	api.adinplay.com cadmus.script.ac imasdk.googleapis.com
2	script.4dex.io	cadmus.script.ac
2	i.clean.gg	cadmus.script.ac
2	ad-delivery.net	pixoguess.io
2	cadmus.script.ac	api.adinplay.com cadmus.script.ac
2	stats.adinplay.com	api.adinplay.com
2	api.adinplay.com	pixoguess.io api.adinplay.com
1	pagead2.googlesyndication.com	cadmus.script.ac
1	eus.rubiconproject.com	cadmus.script.ac
1	acdn.adnxs.com	cadmus.script.ac
1	region1.google-analytics.com	cadmus.script.ac
1	ad.doubleclick.net	pixoguess.io
1	api.btloader.com	btloader.com
1	btloader.com	api.adinplay.com
1	imasdk.googleapis.com	api.adinplay.com
1	country.adinplay-venatus.workers.dev	api.adinplay.com
1	cdn.jsdelivr.net	api.adinplay.com
1	www.googletagmanager.com	pixoguess.io
63	26

This site contains links to these domains. Also see Links.

Domain
adinplay.com
discord.gg

Subject Issuer	Validity	Valid
pixoguess.io E6	`2024-06-17` - `2024-09-15`	3 months	crt.sh
adinplay.com WE1	`2024-06-11` - `2024-09-09`	3 months	crt.sh
*.google-analytics.com WR2	`2024-05-27` - `2024-08-19`	3 months	crt.sh
stats.adinplay.com R3	`2024-05-30` - `2024-08-28`	3 months	crt.sh
script.ac E1	`2024-04-25` - `2024-07-24`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2023 Q3	`2023-09-27` - `2024-10-28`	a year	crt.sh
adinplay-venatus.workers.dev WE1	`2024-06-18` - `2024-09-16`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-05-27` - `2024-08-19`	3 months	crt.sh
upload.video.google.com WR2	`2024-05-27` - `2024-08-19`	3 months	crt.sh
btloader.com WE1	`2024-06-12` - `2024-09-10`	3 months	crt.sh
api.btloader.com GTS CA 1D4	`2024-06-04` - `2024-09-02`	3 months	crt.sh
ad-delivery.net GTS CA 1P5	`2024-05-17` - `2024-08-15`	3 months	crt.sh
*.doubleclick.net WR2	`2024-05-27` - `2024-08-19`	3 months	crt.sh
i.clean.gg GTS CA 1D4	`2024-05-06` - `2024-08-04`	3 months	crt.sh
c.delivery.consentmanager.net R10	`2024-06-12` - `2024-09-10`	3 months	crt.sh
1376624012.rsc.cdn77.org R3	`2024-04-26` - `2024-07-25`	3 months	crt.sh
script.4dex.io Cloudflare Inc ECC CA-3	`2023-10-23` - `2024-10-22`	a year	crt.sh
*.onetag-sys.com DigiCert Global G3 TLS ECC SHA384 2020 CA1	`2024-01-23` - `2025-01-29`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2024-03-04` - `2025-04-03`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2024-02-14` - `2025-03-16`	a year	crt.sh
the-ozone-project.com WE1	`2024-06-18` - `2024-09-16`	3 months	crt.sh
icons.ui.kvass.no R3	`2024-05-12` - `2024-08-10`	3 months	crt.sh
cdn.adnxs.com GeoTrust TLS RSA CA G1	`2024-04-08` - `2025-05-09`	a year	crt.sh

This page contains 5 frames:

Primary Page: https://pixoguess.io/
Frame ID: E63FF71BF24C4351E37C35CC13954B5D
Requests: 57 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 44E832219DDEAF9EE01D5316F4137569
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?gdpr=0&gdpr_consent=
Frame ID: DDE836CD7028634A13F0E6697CC822A8
Requests: 1 HTTP requests in this frame

Frame: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=&publisherId=OZONEAIP0001&siteId=1500000135&cb=1718772718285&bidder=ozone
Frame ID: 07B41328999DDC95CD5236628303888E
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1718772718281&gdpr=0&gdpr_consent=
Frame ID: F9D33227F6F4D2FE0BEDB139C49918DF
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Pixoguess.io

Page URL History Show full URLs

http://pixoguess.io/ HTTP 307
https://pixoguess.io/ Page URL

Detected technologies

Vue.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+\sdata-v(?:ue)?-

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

63
Requests

100 %
HTTPS

39 %
IPv6

20
Domains

26
Subdomains

28
IPs

5
Countries

3699 kB
Transfer

5731 kB
Size

37
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://adinplay.com/privacy-and-cookies-policy/
Title: Privacy notice

Search URL Search Domain Scan URL

URL: https://adinplay.com/?utm_source=publishers&utm_medium=cmp

Search URL Search Domain Scan URL

URL: https://discord.gg/Rbu8uGCyM6
Title: Discord

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://pixoguess.io/ HTTP 307
https://pixoguess.io/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

63 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
pixoguess.io/
Redirect Chain

http://pixoguess.io/
https://pixoguess.io/

2 KB
2 KB

400ms
96ms

Document
text/html

159.203.90.241
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://pixoguess.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 159.203.90.241 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: pixoguess.io
Software: Caddy /
Resource Hash: 796b0797a49402343be93b6eb77b6ea7f959f3cc4d5069a3327997ca5296f993

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000
content-length: 2397
content-type: text/html; charset=utf-8
date: Wed, 19 Jun 2024 04:51:57 GMT
etag: "se78j31ul"
last-modified: Tue, 28 May 2024 14:06:39 GMT
server: Caddy

Redirect headers

Location: https://pixoguess.io/
Non-Authoritative-Reason: HttpsUpgrades

GET
H2 200 font.css
pixoguess.io/fonts/ 690 B
754 B 97ms
96ms Stylesheet
text/css 159.203.90.241
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://pixoguess.io/fonts/font.css
Requested by: Host: pixoguess.io
URL: https://pixoguess.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 159.203.90.241 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: pixoguess.io
Software: Caddy /
Resource Hash: 4080d6140d8f11e92328996fd5ad9cf5076e1360b7c28ef3c99c90d890009590

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pixoguess.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 19 Jun 2024 04:51:57 GMT
last-modified: Tue, 28 May 2024 14:06:38 GMT
server: Caddy
etag: "se78j2j6"
content-type: text/css; charset=utf-8
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000
content-length: 690

GET
H2 200 tag.min.js Show response
api.adinplay.com/libs/aiptag/pub/PXG/pixoguess.io/ 701 KB
211 KB 57ms
30ms Script
application/javascript 2606:4700:20::681a:3e8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.adinplay.com/libs/aiptag/pub/PXG/pixoguess.io/tag.min.js
Requested by: Host: pixoguess.io
URL: https://pixoguess.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:3e8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cd644fcb4894d969f887d77cdd2309a4cae8b6ced04cdd7b1cf4e16b44ba657f

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pixoguess.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 19 Jun 2024 04:51:57 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 26747
x-host: adinplay-1
last-modified: Wed, 29 May 2024 07:45:41 GMT
server: cloudflare
etag: W/"6656dd25-af21f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1kvQ2HxPGs8OOsdVWvuNUSqzZ5yz6FhooyfA0Gspzd2WAh7CyDfB2Y28iBVsOrwWUqPOlN6jkuVD4dqjy2hSSi00AmOyvVta5yAcmcDfLyP91%2FrwtcJ9jjy5uVGvXWARugN%2BFKQpbd9CtZwbI2w%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1800
access-control-allow-credentials: true
cf-ray: 8960e82afa3d9143-FRA

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 305 KB
102 KB 153ms
58ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-4G875X3V44

Requested by

Host: pixoguess.io
URL: https://pixoguess.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c0db5eda2ed0ce308ac67a7593a228f8cf7f75d290f328c9010d02a1dc90e7a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pixoguess.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 19 Jun 2024 04:51:57 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 103843
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 19 Jun 2024 04:51:57 GMT

GET
H2 200 index-a0b31d46.js Show response
pixoguess.io/assets/ 2 MB
2 MB 193ms
192ms Script
text/javascript 159.203.90.241
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://pixoguess.io/assets/index-a0b31d46.js
Requested by: Host: pixoguess.io
URL: https://pixoguess.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 159.203.90.241 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: pixoguess.io
Software: Caddy /
Resource Hash: 55aeb66fcc3c7306176c589bb213bd92930ebb1ac4c9ea196528fd370f7932c3

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pixoguess.io/
Origin: https://pixoguess.io
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 19 Jun 2024 04:51:57 GMT
last-modified: Tue, 28 May 2024 14:06:39 GMT
server: Caddy
etag: "se78j31gqpj"
content-type: text/javascript; charset=utf-8
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000
content-length: 2460727

GET
H2 200 index-dbc5bdbc.css
pixoguess.io/assets/ 142 KB
142 KB 96ms
96ms Stylesheet
text/css 159.203.90.241
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://pixoguess.io/assets/index-dbc5bdbc.css
Requested by: Host: pixoguess.io
URL: https://pixoguess.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 159.203.90.241 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: pixoguess.io
Software: Caddy /
Resource Hash: dbc5bdbc652e1bd2d47f291f9e5f258afb13fe3c613a5cd73792919ff8c57ae6

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pixoguess.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 19 Jun 2024 04:51:57 GMT
last-modified: Tue, 28 May 2024 14:06:39 GMT
server: Caddy
etag: "se78j333tj"
content-type: text/css; charset=utf-8
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000
content-length: 144919

OPTIONS
H/1.1 200
OK collect
stats.adinplay.com/ Frame 0
0 55ms
17ms Preflight 93.119.15.97
TRANSIP-AS Amsterdam

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.adinplay.com/collect
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 93.119.15.97 , Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS: 93-119-15-97.colo.transip.net
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://pixoguess.io
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, cache-control, Accept, Authorization, Credentials
Access-Control-Allow-Methods: GET,HEAD,PUT,PATCH,POST,DELETE
Access-Control-Allow-Origin: *
Connection: keep-alive
Content-Length: 0
Date: Wed, 19 Jun 2024 04:51:57 GMT
Server: nginx/1.18.0 (Ubuntu)

GET
H2 200 script.js Show response
cadmus.script.ac/d1r100yi8pmbig/ 138 KB
48 KB 42ms
17ms Script
application/javascript 2606:4700::6812:1791
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cadmus.script.ac/d1r100yi8pmbig/script.js
Requested by: Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/PXG/pixoguess.io/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1791 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e741a1e13b2b4c6cea828aee2b1da75b8c4d130b1d88e78ba8cd31474d06c8a3

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pixoguess.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 19 Jun 2024 04:51:57 GMT
content-encoding: gzip
last-modified: Tue, 18 Jun 2024 18:19:04 GMT
server: cloudflare
age: 0
etag: W/"3acbc81b05379fe12299f645d905e763589d8c89"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=600,stale-while-revalidate=3600,stale-if-error=86400
cf-ray: 8960e82c4b9cbb73-FRA

GET
H2 200 latest.json Show response
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 2 KB
1 KB 27ms
6ms Fetch
application/json 2a04:4e42:200::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20240619

Requested by

Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/PXG/pixoguess.io/tag.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f101735f56473566d5b552a1e9293d055369fdfcc49aba2a51572a89fe31090b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://pixoguess.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type: text/plain

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 19 Jun 2024 04:51:57 GMT
x-content-type-options: nosniff
content-encoding: br
age: 3064
x-jsd-version: 1.0.2091
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 820
x-served-by: cache-fra-eddf8230059-FRA
x-jsd-version-type: version
etag: W/"639-gsKSBEJg2erw12KM6dv1vOCeZ6E"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 / Show response
country.adinplay-venatus.workers.dev/ 2 B
498 B 50ms
21ms XHR
text/plain 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://country.adinplay-venatus.workers.dev/
Requested by: Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/PXG/pixoguess.io/tag.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6814ef46f686990cf4e946f966167b0507e1d642c44e51f61bffb0bba2d4672b

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pixoguess.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 19 Jun 2024 04:51:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gkJcYhpeZxi9Q7V4KKE5imVRviACbh5RYQvYaAhDOL9yGzgvIsiXmpeYjfAE0QRZ%2FtnUJ%2BHtOuabrEcBL1aYoRg2GiKCI4JAI0g8t%2BYVA7blXgq15IQKx7Jyt%2B%2FVkbFF5D5TSJLG6jpibz2%2BSEgU%2BfBu65rlJIQ%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET, HEAD, POST, OPTIONS
access-control-allow-origin: *
content-type: text/plain;charset=UTF-8
cf-ray: 8960e82c4c259046-FRA
access-control-allow-headers: Content-Type
content-length: 2
alt-svc: h3=":443"; ma=86400

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 100 KB
32 KB 238ms
84ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/PXG/pixoguess.io/tag.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

cafe /

Resource Hash

83e8e525ccea212b31bdea319a72117535c56d0542a63284d16868eb02183498

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pixoguess.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 19 Jun 2024 04:51:57 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32323
x-xss-protection: 0
server: cafe
etag: 33 / 19893 / m202406130101 / config-hash: 5515444381961717830
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 19 Jun 2024 04:51:57 GMT

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ 402 KB
138 KB 150ms
48ms Script
text/javascript 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/PXG/pixoguess.io/tag.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc6f944ee53b7874d4811c2365cb731b1c48a71fc99a28b9dd592c96a4a05bdb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pixoguess.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 19 Jun 2024 04:51:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 141204
x-xss-protection: 0
expires: Wed, 19 Jun 2024 04:51:57 GMT

GET
H2 200 tag Show response
btloader.com/ 82 KB
25 KB 40ms
23ms Script
application/javascript 2606:4700:10::ac43:293c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://btloader.com/tag?o=5130683165442048&upapi=true
Requested by: Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/PXG/pixoguess.io/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:293c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf98dffb7738c054fb2db152e060fa702a5ab8fd0c6a0c9424b85840ce414bd2

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pixoguess.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 19 Jun 2024 04:51:57 GMT
content-encoding: gzip
via: 1.1 google
cf-cache-status: HIT
last-modified: Wed, 19 Jun 2024 04:11:57 GMT
server: cloudflare
age: 2221
etag: "7f53ff55ae062e0d107543cfb29bd4ba"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=300, must-revalidate, stale-if-error=3600, stale-while-revalidate=300
accept-ranges: bytes
cf-ray: 8960e82c3aa91981-FRA
content-length: 25134

GET
H2 200 adsbygoogle.js Show response
api.adinplay.com/libs/aiptag/assets/ 16 B
349 B 19ms
19ms Script
application/javascript 2606:4700:20::681a:3e8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.adinplay.com/libs/aiptag/assets/adsbygoogle.js
Requested by: Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/PXG/pixoguess.io/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:3e8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 351b4bae56595d6878b3ffd7940ac231a0a85427f4cb1e5adb1952b71998f35a

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pixoguess.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 19 Jun 2024 04:51:57 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1761450
x-host: adinplay-1
content-length: 16
last-modified: Wed, 04 Apr 2018 16:13:25 GMT
server: cloudflare
etag: "5ac4f9a5-10"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bMLIf%2FA2PeXGcnodsz9z4yHQCm6EavOzeavrMfjwR72%2BVvFv465UJl7Ascmbc0hv5T2XZfqzJmQAkSLcB5bFqBiQ09h1ew1%2FcH8bPx9aliQaPhdhC6mMZFpBAyc3zMtcZoLbKdSQvypU2EkgSJ8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1800
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 8960e82c2b389143-FRA

POST
H/1.1 200
OK collect Show response
stats.adinplay.com/ 0
909 B 22ms
20ms XHR
text/plain 93.119.15.97
TRANSIP-AS Amsterdam

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.adinplay.com/collect

Requested by

Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/PXG/pixoguess.io/tag.min.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

93.119.15.97 , Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),

Reverse DNS

93-119-15-97.colo.transip.net

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://pixoguess.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

Date: Wed, 19 Jun 2024 04:51:57 GMT
Content-Security-Policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=15552000; includeSubDomains
X-Permitted-Cross-Domain-Policies: none
Cross-Origin-Embedder-Policy: require-corp
X-DNS-Prefetch-Control: off
Cross-Origin-Resource-Policy: same-origin
Connection: keep-alive
Content-Length: 0
X-XSS-Protection: 0
Referrer-Policy: no-referrer
Server: nginx/1.18.0 (Ubuntu)
Cross-Origin-Opener-Policy: same-origin
Expect-CT: max-age=0
X-Frame-Options: DENY
X-Download-Options: noopen
Access-Control-Allow-Origin: *
Origin-Agent-Cluster: ?1

GET
H2 204 state Show response
api.btloader.com/mw/ 0
101 B 442ms
123ms Fetch 130.211.23.194
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.btloader.com/mw/state?bt_env=prod
Requested by: Host: btloader.com
URL: https://btloader.com/tag?o=5130683165442048&upapi=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.23.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 194.23.211.130.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pixoguess.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: *
date: Wed, 19 Jun 2024 04:51:57 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary: Origin

GET
H2 200 px.gif
ad-delivery.net/ 43 B
337 B 51ms
30ms Image
image/gif 2606:4700:20::ac43:4513
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-delivery.net/px.gif?ch=2
Requested by: Host: pixoguess.io
URL: https://pixoguess.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4513 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pixoguess.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 19 Jun 2024 04:51:57 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1320215
x-guploader-uploadid: ABPtcPoL0XC8KArbJKu6QSTO5pu3I7XO1ez8eat0_1lzuzKPQaVq7bmvAaf7dM4JhcAllFEoxdxPFL7-Zw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
content-length: 43
last-modified: Wed, 05 May 2021 19:25:32 GMT
server: cloudflare
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
vary: Accept-Encoding
x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
x-goog-generation: 1620242732037093
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=86400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PSJP5LXLAixugjHaPTihqxJ3RVwAV8AwoKA8cTcnuQbqWYA3GaK1NySPpglOAHjXbkK1EyQFaLjjN4jEkXbEr6y1qq%2FhLd70Cu89fnRIt4vbbqiX0c3QG5%2F4tYBeLlmbbT6U1TdO9yiXkpfsOw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 43
accept-ranges: bytes
cf-ray: 8960e82c9e1f9261-FRA
expires: Mon, 03 Jun 2024 22:33:32 GMT

GET
H3 200 favicon.ico
ad.doubleclick.net/ 1 KB
130 B 95ms
38ms Image
image/x-icon 142.250.186.102
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250

Requested by

Host: pixoguess.io
URL: https://pixoguess.io/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f6.1e100.net

Software

sffe /

Resource Hash

d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pixoguess.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 19 Jun 2024 04:39:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 730
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 104
x-xss-protection: 0
last-modified: Tue, 08 May 2012 13:08:06 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/x-icon
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 20 Jun 2024 04:39:47 GMT

GET
H2 200 px.gif
ad-delivery.net/ 43 B
919 B 50ms
29ms Image
image/gif 2606:4700:20::ac43:4513
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-delivery.net/px.gif?ch=1&e=0.5881570587018692
Requested by: Host: pixoguess.io
URL: https://pixoguess.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4513 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pixoguess.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 19 Jun 2024 04:51:57 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1320215
x-guploader-uploadid: ABPtcPoL0XC8KArbJKu6QSTO5pu3I7XO1ez8eat0_1lzuzKPQaVq7bmvAaf7dM4JhcAllFEoxdxPFL7-Zw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
content-length: 43
last-modified: Wed, 05 May 2021 19:25:32 GMT
server: cloudflare
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
vary: Accept-Encoding
x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
x-goog-generation: 1620242732037093
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=86400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tf8S%2FUkVDSsUZ8yqjY56ZLS6kvoC7k5xtinVuiPBF5YIR7mBXcYMhlUGHR6Mi1QwL1q2P04DFJRNH%2B6VSXmL%2BgjNm5KD3AOLi2uSuQck6RQX5KDQ2aTd0YBCru3Sd8xZV2Qbdz6kuea7lbmvuw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 43
accept-ranges: bytes
cf-ray: 8960e82c9e209261-FRA
expires: Mon, 03 Jun 2024 22:33:32 GMT

POST
H2 200 1a Show response
i.clean.gg/ 0
104 B 103ms
102ms XHR
application/octet-stream 34.95.69.49
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://i.clean.gg/1a
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1r100yi8pmbig/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.95.69.49 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 49.69.95.34.bc.googleusercontent.com
Software: nginx/1.21.6 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://pixoguess.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 19 Jun 2024 04:51:57 GMT
via: 1.1 google
server: nginx/1.21.6
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/octet-stream
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

OPTIONS
H2 204 1a
i.clean.gg/ Frame 0
0 150ms
100ms Preflight
text/plain 34.95.69.49
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://i.clean.gg/1a
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.95.69.49 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 49.69.95.34.bc.googleusercontent.com
Software: nginx/1.21.6 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://pixoguess.io
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1728000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/plain; charset=utf-8
date: Wed, 19 Jun 2024 04:51:57 GMT
server: nginx/1.21.6
via: 1.1 google

GET
H/1.1 200
OK cmp.php Show response
c.delivery.consentmanager.net/delivery/ 5 KB
3 KB 68ms
16ms Script
text/javascript 87.230.98.76
PLUSSERVER-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c.delivery.consentmanager.net/delivery/cmp.php?id=13566cdid=abbb821549a1&h=https%3A%2F%2Fpixoguess.io%2F&&__cmpfcc=1&l=en&o=1718772717521

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1r100yi8pmbig/script.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

87.230.98.76 , Germany, ASN61157 (PLUSSERVER-ASN1, DE),

Reverse DNS

ma5050018.psmanaged.com

Software

Resource Hash

e4ddaf7722e840f95d5de9d15fbe6635065ead7ff84c9be9dcf3531037f8340b

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pixoguess.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 19 Jun 2024 04:51:57 GMT
content-encoding: gzip
last-modified: Wed, 19 Jun 2024 04:51:57 GMT
transfer-encoding: chunked
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
edge-control: no-store, no-cache, must-revalidate
cache-control: no-store, no-cache, must-revalidate
x-xss-protection: 0
expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2 200 cmp_en.min.js Show response
cdn.consentmanager.net/delivery/js/ 421 KB
92 KB 54ms
8ms Script
application/javascript 2a02:6ea0:c700::17
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.consentmanager.net/delivery/js/cmp_en.min.js
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1r100yi8pmbig/script.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 988f5b4312e07e5c63634530a4efbf3bb707231be9ddf909e865fecb7f217090

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pixoguess.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-77-pop: frankfurtDE
date: Wed, 19 Jun 2024 04:51:57 GMT
content-encoding: gzip
x-accel-date-max: 1718727505
x-77-cache: HIT
x-cache: HIT
edge-control: max-age=86400
x-age: 45212
x-accel-date: 1718727505
alt-svc: h3=":443"; ma=86400
x-77-nzt: EgwBnJIhiAH3nLAAAAwBJRPCNAH3BgAAAA
x-accel-expires: @1718813899
x-77-age: 45212
last-modified: Tue, 18 Jun 2024 16:17:16 GMT
server: CDN77-Turbo
etag: W/"695ec-61b2c6a49db00"
x-77-nzt-ray: f6587a1dd3863519ed637266982cef21
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400
expires: Wed, 19 Jun 2024 16:18:19 GMT

GET
H2 200 bV8xLndfMTM1NjYucl9HRFBSLmxfZW4uZF81MzI0LnhfMjIudi5wLnRfNTMyNC54dF8zMg.js Show response
cdn.consentmanager.net/delivery/customdata/ 194 KB
33 KB 8ms
7ms Script
text/javascript 2a02:6ea0:c700::17
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.consentmanager.net/delivery/customdata/bV8xLndfMTM1NjYucl9HRFBSLmxfZW4uZF81MzI0LnhfMjIudi5wLnRfNTMyNC54dF8zMg.js

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1r100yi8pmbig/script.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),

Reverse DNS

Software

CDN77-Turbo /

Resource Hash

b0bbe7d04def5dd2eed5db2f869f025934d70ee6ae3e9ed8fe08406c52ab58e7

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pixoguess.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-77-pop: frankfurtDE
date: Wed, 19 Jun 2024 04:51:57 GMT
content-encoding: gzip
x-accel-date-max: 1718772402
x-77-cache: HIT
x-cache: HIT
edge-control: public, max-age=1800
x-age: 315
x-accel-date: 1718772402
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
x-77-nzt: EgwBnJIhiAH3OwEAAAwBJRPCMQH3tAAAAA
x-accel-expires: @1718774022
x-77-age: 315
last-modified: Wed, 19 Jun 2024 04:43:42 GMT
server: CDN77-Turbo
x-77-nzt-ray: f6587a1dd3863519ed637266a6226923
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=1800
expires: Wed, 19 Jun 2024 05:13:42 GMT

GET
H/1.1 200
OK /
c.delivery.consentmanager.net/delivery/info/ 43 B
404 B 13ms
12ms Image
image/gif 87.230.98.76
PLUSSERVER-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.delivery.consentmanager.net/delivery/info/?id=13566&did=1&cfdid=25962&t=pv.d_ncs.d_ancs.d_bncs.cf.cfx&h=https%3A%2F%2Fpixoguess.io%2F&o=1718772717635&l=EN&lv=0&d=1&ct=14&e=&e2=&e3=&i=&sv=32&dv=22&

Requested by

Host: pixoguess.io
URL: https://pixoguess.io/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

87.230.98.76 , Germany, ASN61157 (PLUSSERVER-ASN1, DE),

Reverse DNS

ma5050018.psmanaged.com

Software

Resource Hash

5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pixoguess.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 19 Jun 2024 04:51:57 GMT
last-modified: Wed, 19 Jun 2024 04:51:57 GMT
content-type: image/gif
access-control-allow-origin: *
edge-control: no-store, no-cache, must-revalidate
cache-control: no-store, no-cache, must-revalidate
content-length: 43
x-xss-protection: 0
expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H/1.1 200
OK /
c.delivery.consentmanager.net/delivery/info/ 43 B
404 B 27ms
13ms Image
image/gif 87.230.98.76
PLUSSERVER-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.delivery.consentmanager.net/delivery/info/?id=13566&did=1&cfdid=1&t=cv&h=https%3A%2F%2Fpixoguess.io%2F&o=1718772717636&l=EN&lv=0&d=1&ct=14&e=&e2=&e3=&i=&sv=32&dv=22&

Requested by

Host: pixoguess.io
URL: https://pixoguess.io/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

87.230.98.76 , Germany, ASN61157 (PLUSSERVER-ASN1, DE),

Reverse DNS

ma5050018.psmanaged.com

Software

Resource Hash

5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pixoguess.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 19 Jun 2024 04:51:57 GMT
last-modified: Wed, 19 Jun 2024 04:51:57 GMT
content-type: image/gif
access-control-allow-origin: *
edge-control: no-store, no-cache, must-revalidate
cache-control: no-store, no-cache, must-revalidate
content-length: 43
x-xss-protection: 0
expires: Thu, 01 Dec 1994 16:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
0 54ms
18ms Fetch
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-4G875X3V44&gtm=45je46h0v9177247434za200&_p=1718772717447&gcs=G10-&gcd=13m3l3m2m5&npa=1&dma_cps=-&dma=1&tcfd=10v4b&tag_exp=0&cid=758490629.1718772718&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.61%7CGoogle%2520Chrome%3B126.0.6478.61&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=denied&_s=1&sid=1718772717&sct=1&seg=0&dl=https%3A%2F%2Fpixoguess.io%2F&dt=Pixoguess.io&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=870&_z=fetch
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1r100yi8pmbig/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pixoguess.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 19 Jun 2024 04:51:57 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://pixoguess.io
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406130101/ 467 KB
146 KB 37ms
37ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406130101/pubads_impl.js

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1r100yi8pmbig/script.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

cafe /

Resource Hash

60e0d3bc202871fc6a3126bace9ea0e533987ae39e613e6f44a8e49e96569696

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pixoguess.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 22:18:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23604
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 149174
x-xss-protection: 0
server: cafe
etag: 3598326600462146374
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Wed, 18 Jun 2025 22:18:33 GMT

GET
H3 200 ima_ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 64 B
59 B 150ms
75ms XHR
application/json 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ima_ppub_config?ippd=https%3A%2F%2Fpixoguess.io%2F

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

cafe /

Resource Hash

bd7f5d90a7046f13d6acaaddccfe41823ac998ae2f2271f3a2adbe78f37a1d32

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pixoguess.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 19 Jun 2024 04:51:57 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
x-xss-protection: 0
expires: Wed, 19 Jun 2024 04:51:57 GMT

GET
H3 200 bg.svg
pixoguess.io/assets/Background/ 47 KB
47 KB 118ms
118ms Image
image/svg+xml 159.203.90.241
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixoguess.io/assets/Background/bg.svg
Requested by: Host: pixoguess.io
URL: https://pixoguess.io/assets/index-dbc5bdbc.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 159.203.90.241 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: pixoguess.io
Software: Caddy /
Resource Hash: 53ceb95c1e7684c644f9f0dd6680279cfa63b35997bb84bb9b84a259e99f10f6

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pixoguess.io/assets/index-dbc5bdbc.css
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 19 Jun 2024 04:51:57 GMT
last-modified: Tue, 28 May 2024 14:06:38 GMT
server: Caddy
accept-ranges: bytes
etag: "se78j210u1"
content-length: 47737
content-type: image/svg+xml

GET
H3 200 logo1592405744x390.gif
cdn.consentmanager.net/delivery/img/ 29 KB
29 KB 7ms
7ms Image
image/gif 156.146.33.137
CDN77 _

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.consentmanager.net/delivery/img/logo1592405744x390.gif
Requested by: Host: pixoguess.io
URL: https://pixoguess.io/
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 156.146.33.137 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS: 494557430.fra.cdn77.com
Software: CDN77-Turbo /
Resource Hash: 73e80796df0f325249f01776635aecedb926aaa6df8404c66aedb6941f95d918

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pixoguess.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-77-pop: frankfurtDE
date: Wed, 19 Jun 2024 04:51:57 GMT
x-accel-date-max: 1708091136
x-77-cache: HIT
x-cache: HIT
edge-control: max-age=2592000
x-age: 10681581
x-accel-date: 1708091136
alt-svc: h3=":443"; ma=86400
content-length: 29354
x-77-nzt: EgwBnJIhiAH37fyiAAwBJRPCLgH3LgEAAA
x-accel-expires: @1739626834
x-77-age: 10681581
last-modified: Tue, 08 Feb 2022 14:38:47 GMT
server: CDN77-Turbo
etag: "72aa-5d782acc0f8e6"
x-77-nzt-ray: f6587a1d86862b22ed63726684e5a02c
content-type: image/gif
cache-control: max-age=31536000
accept-ranges: bytes
expires: Sat, 15 Feb 2025 13:40:34 GMT

GET
H3 200 en.gif
cdn.consentmanager.net/delivery/flags/ 384 B
821 B 8ms
8ms Image
image/gif 156.146.33.137
CDN77 _

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.consentmanager.net/delivery/flags/en.gif
Requested by: Host: pixoguess.io
URL: https://pixoguess.io/
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 156.146.33.137 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS: 494557430.fra.cdn77.com
Software: CDN77-Turbo /
Resource Hash: eee4cf12a666b414c57a7f3ad86679b3f8d3baeb0914c5f2ec68243d9375d881

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pixoguess.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-77-pop: frankfurtDE
date: Wed, 19 Jun 2024 04:51:57 GMT
x-accel-date-max: 1708090816
x-77-cache: HIT
x-cache: HIT
edge-control: max-age=2592000
x-age: 10681901
x-accel-date: 1708090816
alt-svc: h3=":443"; ma=86400
content-length: 384
x-77-nzt: EgwBnJIhiAH3Lf6iAAwB1GY4EQH3FQAAAA
x-accel-expires: @1739626795
x-77-age: 10681901
last-modified: Mon, 14 Jun 2021 21:37:37 GMT
server: CDN77-Turbo
etag: "180-5c4c0aa828a40"
x-77-nzt-ray: f6587a1d86863222ed637266ffdea92c
content-type: image/gif
cache-control: max-age=31536000
accept-ranges: bytes
expires: Sat, 15 Feb 2025 13:39:55 GMT

GET
H/1.1 200
OK localstore.js Show response
script.4dex.io/ 1 KB
1 KB 62ms
24ms Script
application/javascript 2606:4700:20::681a:9a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/localstore.js
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1r100yi8pmbig/script.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:9a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3aec57ffa5c31e185202ddaa3b5b9d9872d4504f4546ab4eea1298baaf3c7cc7

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pixoguess.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 19 Jun 2024 04:51:58 GMT
Content-Encoding: br
CF-Cache-Status: HIT
Last-Modified: Tue, 28 May 2024 12:41:22 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Age: 256927
ETag: W/"00a8e13a83b2bbab51af8e55f52be363"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AHlL1JauONFYFa4ihVVI%2BIuUhDd4YQShlxLDCEzr61ypuqqjK5XRgMwUGYa7lcVdzkgm%2BmsVVlvHbpb1WCkezznutzkHS%2BSsbqeoL2%2B9qye%2F%2BRcpPJs3lROsQk64tMDoMt0ibXXNwO9wVGhj"}],"group":"cf-nel","max_age":604800}
Cache-Control: public, max-age=1800
Connection: keep-alive
CF-RAY: 8960e830d8474d25-FRA

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
409 B 32ms
8ms Fetch
application/json 51.89.9.251
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/PXG/pixoguess.io/tag.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip251.ip-51-89-9.eu

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://pixoguess.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
content-type: application/json
access-control-allow-origin: https://pixoguess.io
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control: no-transform, no-cache
access-control-allow-credentials: true
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 394 B
907 B 62ms
18ms Fetch
application/json 2602:803:c003:200::21
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=23042&site_id=360062&zone_id=2685800&size_id=43&alt_size_ids=44&gdpr=0&rp_schain=1.0,1!adinplay.com,PXG,1,,,&rf=https%3A%2F%2Fpixoguess.io%2F&tg_i.domain=pixoguess.io&tg_i.page=https%3A%2F%2Fpixoguess.io%2F&tg_i.pbadslot=pixoguess-io_320x50&tk_flint=pbjs_lite_v8.43.0&l_pb_bid_id=48917d4105df8&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=pixoguess-io_320x50&m_ch_ua=%22Google%20Chrome%22%7Cv%3D%22126%22%2C%22Not%3AA-Brand%22%7Cv%3D%228%22%2C%22Chromium%22%7Cv%3D%22126%22&m_ch_full_ver=%22Google%20Chrome%22%7Cv%3D%22126%22%2C%22Not%3AA-Brand%22%7Cv%3D%228%22%2C%22Chromium%22%7Cv%3D%22126%22&m_ch_mobile=%3F0&m_ch_platform=Win32&slots=1&rand=0.9989865204164434
Requested by: Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/PXG/pixoguess.io/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 5ca7e2d6e114d9244f352723e8bccb8968a526800f55fbf26c494619d6526925

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://pixoguess.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Wed, 19 Jun 2024 04:51:58 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://pixoguess.io
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 394
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ 12 KB
6 KB 193ms
148ms Fetch
application/json 185.89.210.180
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/PXG/pixoguess.io/tag.min.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.180 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

9427d82e5b874a955ae4cbcf164f2b53c54982165dd8de3d65cc710f7f38eb39

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://pixoguess.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Wed, 19 Jun 2024 04:51:58 GMT
content-encoding: gzip
an-x-request-uuid: 4a873a8f-7bb6-4e3d-b8b0-2b6c7d874a14
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
vary: Accept-Encoding
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://pixoguess.io
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 185.213.155.133; 185.213.155.133; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 auction Show response
elb.the-ozone-project.com/openrtb2/ 2 B
663 B 95ms
66ms Fetch
text/plain 104.18.43.178
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://elb.the-ozone-project.com/openrtb2/auction
Requested by: Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/PXG/pixoguess.io/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.43.178 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://pixoguess.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Wed, 19 Jun 2024 04:51:58 GMT
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin, Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://pixoguess.io
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 8960e830dddb4db0-FRA
content-length: 2
expires: 0

GET
H3 200 guess.mp3 Show response
pixoguess.io/assets/Sounds/ 16 KB
16 KB 119ms
119ms XHR
audio/mpeg 159.203.90.241
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://pixoguess.io/assets/Sounds/guess.mp3
Requested by: Host: pixoguess.io
URL: https://pixoguess.io/assets/index-a0b31d46.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 159.203.90.241 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: pixoguess.io
Software: Caddy /
Resource Hash: 500767ef44621760609a29ca42122f03fa0601d68052e14fe9d59f7b9bcab3d5

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pixoguess.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 19 Jun 2024 04:51:58 GMT
last-modified: Tue, 28 May 2024 14:06:38 GMT
server: Caddy
accept-ranges: bytes
etag: "se78j2coq"
content-length: 16442
content-type: audio/mpeg

GET
H3 200 DE.svg
pixoguess.io/assets/flags/ 269 B
364 B 118ms
118ms Image
image/svg+xml 159.203.90.241
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixoguess.io/assets/flags/DE.svg
Requested by: Host: pixoguess.io
URL: https://pixoguess.io/assets/index-dbc5bdbc.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 159.203.90.241 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: pixoguess.io
Software: Caddy /
Resource Hash: 65010dc8783742d12525e4b4bf45c0782b3e3ed2fa3ada394fee25a3ab7c5c1b

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pixoguess.io/assets/index-dbc5bdbc.css
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 19 Jun 2024 04:51:58 GMT
last-modified: Tue, 28 May 2024 14:06:38 GMT
server: Caddy
accept-ranges: bytes
etag: "se78j27h"
content-length: 269
content-type: image/svg+xml

GET
H3 200 FF-Unit-Pro-Regular.otf
pixoguess.io/fonts/ 146 KB
146 KB 125ms
125ms Font
application/vnd.oasis.opendocument.formula-template 159.203.90.241
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://pixoguess.io/fonts/FF-Unit-Pro-Regular.otf
Requested by: Host: pixoguess.io
URL: https://pixoguess.io/fonts/font.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 159.203.90.241 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: pixoguess.io
Software: Caddy /
Resource Hash: 8e73aa76ae2889d6913cb7c8c2ef1d369b2e3ab75a52ec3ceb2a899781d0d278

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pixoguess.io/fonts/font.css
Origin: https://pixoguess.io
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 19 Jun 2024 04:51:58 GMT
last-modified: Tue, 28 May 2024 14:06:38 GMT
server: Caddy
accept-ranges: bytes
etag: "se78j23778"
content-length: 149300
content-type: application/vnd.oasis.opendocument.formula-template

GET
H3 200 hydrophilia-iced-regular.otf
pixoguess.io/fonts/ 26 KB
27 KB 120ms
120ms Font
application/vnd.oasis.opendocument.formula-template 159.203.90.241
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://pixoguess.io/fonts/hydrophilia-iced-regular.otf
Requested by: Host: pixoguess.io
URL: https://pixoguess.io/fonts/font.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 159.203.90.241 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: pixoguess.io
Software: Caddy /
Resource Hash: 2ed3aaabe69fccccdbd066e9f8c9674b8f2bba0111f556070554312b18f2f508

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pixoguess.io/fonts/font.css
Origin: https://pixoguess.io
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 19 Jun 2024 04:51:58 GMT
last-modified: Tue, 28 May 2024 14:06:38 GMT
server: Caddy
accept-ranges: bytes
etag: "se78j2kwk"
content-length: 27092
content-type: application/vnd.oasis.opendocument.formula-template

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
408 B 8ms
7ms Fetch
application/json 51.89.9.251
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/PXG/pixoguess.io/tag.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip251.ip-51-89-9.eu

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://pixoguess.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
content-type: application/json
access-control-allow-origin: https://pixoguess.io
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control: no-transform, no-cache
access-control-allow-credentials: true
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ 139 B
829 B 31ms
14ms Fetch
application/json 185.89.210.180
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/PXG/pixoguess.io/tag.min.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.180 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

bd010e8d713d3f1cab2af7136ae01b7b848af4064f1baa8fde59fdea9e7bc9ce

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://pixoguess.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Wed, 19 Jun 2024 04:51:58 GMT
an-x-request-uuid: d059baed-046b-472a-8069-f0fc80def8a2
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://pixoguess.io
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 185.213.155.133; 185.213.155.133; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 139
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 auction Show response
elb.the-ozone-project.com/openrtb2/ 2 B
848 B 62ms
59ms Fetch
text/plain 104.18.43.178
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://elb.the-ozone-project.com/openrtb2/auction
Requested by: Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/PXG/pixoguess.io/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.43.178 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://pixoguess.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Wed, 19 Jun 2024 04:51:58 GMT
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin, Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://pixoguess.io
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 8960e830ddde4db0-FRA
content-length: 2
expires: 0

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 399 B
741 B 35ms
20ms Fetch
application/json 2602:803:c003:200::21
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=23042&site_id=360062&zone_id=2685800&size_id=15&alt_size_ids=9%2C8%2C10&gdpr=0&rp_schain=1.0,1!adinplay.com,PXG,1,,,&rf=https%3A%2F%2Fpixoguess.io%2F&tg_i.domain=pixoguess.io&tg_i.page=https%3A%2F%2Fpixoguess.io%2F&tg_i.pbadslot=pixoguess-io_300x600&tk_flint=pbjs_lite_v8.43.0&l_pb_bid_id=162818cba08a23b&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=pixoguess-io_300x600&m_ch_ua=%22Google%20Chrome%22%7Cv%3D%22126%22%2C%22Not%3AA-Brand%22%7Cv%3D%228%22%2C%22Chromium%22%7Cv%3D%22126%22&m_ch_full_ver=%22Google%20Chrome%22%7Cv%3D%22126%22%2C%22Not%3AA-Brand%22%7Cv%3D%228%22%2C%22Chromium%22%7Cv%3D%22126%22&m_ch_mobile=%3F0&m_ch_platform=Win32&slots=1&rand=0.6743737265039751
Requested by: Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/PXG/pixoguess.io/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: e983ff903a5073b8388da9e6ec89e3350a69fc12d62be000ad7661b845ad68c6

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://pixoguess.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Wed, 19 Jun 2024 04:51:58 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://pixoguess.io
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 399
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
408 B 8ms
7ms Fetch
application/json 51.89.9.251
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/PXG/pixoguess.io/tag.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip251.ip-51-89-9.eu

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://pixoguess.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
content-type: application/json
access-control-allow-origin: https://pixoguess.io
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control: no-transform, no-cache
access-control-allow-credentials: true
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 401 B
741 B 31ms
19ms Fetch
application/json 2602:803:c003:200::21
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=23042&site_id=360062&zone_id=2685800&size_id=15&alt_size_ids=9%2C8%2C10&gdpr=0&rp_schain=1.0,1!adinplay.com,PXG,1,,,&rf=https%3A%2F%2Fpixoguess.io%2F&tg_i.domain=pixoguess.io&tg_i.page=https%3A%2F%2Fpixoguess.io%2F&tg_i.pbadslot=pixoguess-io_300x600_2&tk_flint=pbjs_lite_v8.43.0&l_pb_bid_id=202e86afed7b2aa&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=pixoguess-io_300x600_2&m_ch_ua=%22Google%20Chrome%22%7Cv%3D%22126%22%2C%22Not%3AA-Brand%22%7Cv%3D%228%22%2C%22Chromium%22%7Cv%3D%22126%22&m_ch_full_ver=%22Google%20Chrome%22%7Cv%3D%22126%22%2C%22Not%3AA-Brand%22%7Cv%3D%228%22%2C%22Chromium%22%7Cv%3D%22126%22&m_ch_mobile=%3F0&m_ch_platform=Win32&slots=1&rand=0.1403016027791284
Requested by: Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/PXG/pixoguess.io/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 9d8221ff3a22f88f7376425d9d83c61adee8eb227cf169755bba899634d27a63

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://pixoguess.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Wed, 19 Jun 2024 04:51:58 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://pixoguess.io
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 401
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ 139 B
828 B 32ms
20ms Fetch
application/json 185.89.210.180
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/PXG/pixoguess.io/tag.min.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.180 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

68c20816aa395a7784f515d61c125c7307fe8bfe00779ec7a289851a3baf0c3a

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://pixoguess.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Wed, 19 Jun 2024 04:51:58 GMT
an-x-request-uuid: a01df041-2867-4cf7-98f5-1f1959ac70ce
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://pixoguess.io
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 185.213.155.133; 185.213.155.133; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 139
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 auction Show response
elb.the-ozone-project.com/openrtb2/ 2 B
667 B 58ms
58ms Fetch
text/plain 104.18.43.178
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://elb.the-ozone-project.com/openrtb2/auction
Requested by: Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/PXG/pixoguess.io/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.43.178 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://pixoguess.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Wed, 19 Jun 2024 04:51:58 GMT
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin, Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://pixoguess.io
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 8960e830dde44db0-FRA
content-length: 2
expires: 0

GET
H3 404 success Show response
pixoguess.io/api/auth/login/ 37 B
185 B 123ms
123ms Fetch
application/json 159.203.90.241
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://pixoguess.io/api/auth/login/success
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1r100yi8pmbig/script.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 159.203.90.241 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: pixoguess.io
Software: Caddy / Express
Resource Hash: 566d0db461b8952cc1f9ee20bb0b849487307efea047dfc411fd2e12d0669c1a

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
accept: application/json
Referer: https://pixoguess.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 19 Jun 2024 04:51:58 GMT
server: Caddy
etag: W/"25-XpU2CYRSPuInC2puSC+EZa3kdLc"
x-powered-by: Express
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://pixoguess.io
access-control-allow-credentials: true
content-length: 37

GET
H3 200 pixoguess-logo.svg
pixoguess.io/assets/ 7 KB
7 KB 127ms
127ms Image
image/svg+xml 159.203.90.241
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixoguess.io/assets/pixoguess-logo.svg
Requested by: Host: pixoguess.io
URL: https://pixoguess.io/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 159.203.90.241 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: pixoguess.io
Software: Caddy /
Resource Hash: 97b12807231fd272697c6803ed04e512794793c175b5cc87699e3241e02ed90b

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pixoguess.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 19 Jun 2024 04:51:58 GMT
last-modified: Tue, 28 May 2024 14:06:38 GMT
server: Caddy
accept-ranges: bytes
etag: "se78j25sd"
content-length: 7501
content-type: image/svg+xml

GET
H3 200 avatar-3.svg
pixoguess.io/assets/Avatars/ 2 KB
2 KB 127ms
127ms Image
image/svg+xml 159.203.90.241
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixoguess.io/assets/Avatars/avatar-3.svg
Requested by: Host: pixoguess.io
URL: https://pixoguess.io/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 159.203.90.241 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: pixoguess.io
Software: Caddy /
Resource Hash: bca2b1e32f7eac096f6bdb135a3a53dab46909c16f27a1748c2957adef5df2b0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pixoguess.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 19 Jun 2024 04:51:58 GMT
last-modified: Tue, 28 May 2024 14:06:38 GMT
server: Caddy
accept-ranges: bytes
etag: "se78j21v5"
content-length: 2417
content-type: image/svg+xml

GET
H2 200 fa-pro-solid.json Show response
icons.ui.kvass.no/ 3 KB
1 KB 66ms
15ms Fetch
application/json 164.90.226.2
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://icons.ui.kvass.no/fa-pro-solid.json?icons=angle-left%2Cangle-right%2Cfile-contract%2Cplus%2Cquestion%2Cvolume-high
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1r100yi8pmbig/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 164.90.226.2 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: icons.ui.kvass.no
Software: Caddy /
Resource Hash: 6b3a4232160079c746d62f6bd3f3d85f797c710336ea5c1c2e78b10d8088b20e

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pixoguess.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 19 Jun 2024 04:51:58 GMT
content-encoding: zstd
server: Caddy
access-control-max-age: 86400
access-control-allow-methods: GET, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=604800, min-refresh=604800, immutable
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Encoding
content-length: 1207

GET
H2 200 fa-pro-regular.json Show response
icons.ui.kvass.no/ 320 B
352 B 69ms
18ms Fetch
application/json 164.90.226.2
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://icons.ui.kvass.no/fa-pro-regular.json?icons=angle-down
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1r100yi8pmbig/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 164.90.226.2 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: icons.ui.kvass.no
Software: Caddy /
Resource Hash: 4f999ca163a9a06d7f0b862a0017f74ddaaa7fd441a33967577feebc04eef525

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pixoguess.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 19 Jun 2024 04:51:58 GMT
server: Caddy
access-control-max-age: 86400
access-control-allow-methods: GET, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=604800, min-refresh=604800, immutable
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Encoding
content-length: 320

GET
H2 200 fa.json Show response
icons.ui.kvass.no/ 364 B
397 B 67ms
16ms Fetch
application/json 164.90.226.2
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://icons.ui.kvass.no/fa.json?icons=forward
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1r100yi8pmbig/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 164.90.226.2 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: icons.ui.kvass.no
Software: Caddy /
Resource Hash: bfae02940150706fe9f4b2fc9f4c3544dd8314228d65b178c57326107cc58a1c

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pixoguess.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 19 Jun 2024 04:51:58 GMT
server: Caddy
access-control-max-age: 86400
access-control-allow-methods: GET, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=604800, min-refresh=604800, immutable
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Encoding
content-length: 364

GET
H2 200 fa-brands.json Show response
icons.ui.kvass.no/ 1 KB
736 B 68ms
17ms Fetch
application/json 164.90.226.2
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://icons.ui.kvass.no/fa-brands.json?icons=discord
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1r100yi8pmbig/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 164.90.226.2 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: icons.ui.kvass.no
Software: Caddy /
Resource Hash: 7c37580f8c8f4c30fe81e7f64da1bb6e8426718c88bcbfbb04d2e0c2427da78f

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pixoguess.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 19 Jun 2024 04:51:58 GMT
content-encoding: zstd
server: Caddy
access-control-max-age: 86400
access-control-allow-methods: GET, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=604800, min-refresh=604800, immutable
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Encoding
content-length: 702

GET
H/1.1 200
OK async_usersync.html
acdn.adnxs.com/dmp/ Frame 44E8 0
0 26ms
6ms Document
text/html 151.101.65.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1r100yi8pmbig/script.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.108 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://pixoguess.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 77687
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Wed, 19 Jun 2024 04:51:58 GMT
ETag: W/"623de86a-cf34"
Expires: Fri, 17 May 2024 08:31:56 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 1200, 392740
X-Served-By: cache-lga13626-LGA, cache-fra-eddf8230158-FRA
X-Timer: S1718772718.407815,VS0,VE0

GET
H/1.1 200
OK usync.html
eus.rubiconproject.com/ Frame DDE8 0
0 30ms
8ms Document
text/html 95.101.149.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?gdpr=0&gdpr_consent=
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1r100yi8pmbig/script.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-149-233.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://pixoguess.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 224
Content-Type: text/html; charset=UTF-8
Date: Wed, 19 Jun 2024 04:51:58 GMT
ETag: "28052a-10d-6142d69a886c0"
Last-Modified: Thu, 21 Mar 2024 15:32:19 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H2 200 load-cookie.html
elb.the-ozone-project.com/static/ Frame 07B4 0
0 116ms
89ms Document
text/html 104.18.43.178
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=&publisherId=OZONEAIP0001&siteId=1500000135&cb=1718772718285&bidder=ozone
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1r100yi8pmbig/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.43.178 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://pixoguess.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

cache-control: no-cache, no-store, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 8960e83219b22c6d-FRA
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Wed, 19 Jun 2024 04:51:58 GMT
expires: 0
last-modified: Mon, 17 Jun 2024 08:24:07 GMT
pragma: no-cache
server: cloudflare
vary: Origin, Accept-Encoding

GET
H2 204 /
onetag-sys.com/usync/ Frame F9D3 0
0 19ms
7ms Document
text/plain 51.38.120.206
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?cb=1718772718281&gdpr=0&gdpr_consent=

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1r100yi8pmbig/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.38.120.206 Hessen, Germany, ASN16276 (OVH, FR),

Reverse DNS

ip206.ip-51-38-120.eu

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://pixoguess.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control: no-store
strict-transport-security: max-age=15552000

GET
H2 200 script.js Show response
cadmus.script.ac/dahhc4ozyvjm6/ 3 B
192 B 14ms
14ms Script
application/javascript 2606:4700::6812:1791
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cadmus.script.ac/dahhc4ozyvjm6/script.js
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1r100yi8pmbig/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1791 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 101ead936a2281d53dcc064b7e2a2ab0d53b92ef3ef7b34b668673007895c860

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pixoguess.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 19 Jun 2024 04:51:58 GMT
last-modified: Mon, 01 Jan 2018 00:00:00 GMT
server: cloudflare
age: 0
etag: W/"601055f6a0c6408859f97b5f0a84bdb88441a80e"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=259200,stale-while-revalidate=86400,stale-if-error=259200
cf-ray: 8960e83278c7bb73-FRA
content-length: 3

GET
H/1.1 200
OK adagio.js Show response
script.4dex.io/a/latest/ 70 KB
22 KB 99ms
72ms Fetch
application/javascript 2606:4700:20::681a:9a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/a/latest/adagio.js
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1r100yi8pmbig/script.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:9a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 028c14d2a81be1c7def3f60cfaed1289bb432ff402eff119df28ab9224575691

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pixoguess.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 19 Jun 2024 04:51:58 GMT
Content-Encoding: br
CF-Cache-Status: MISS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 28 May 2024 12:41:17 GMT
Server: cloudflare
ETag: W/"3d48eafa2e42753c913bb8e839134264"
Vary: Origin, Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kCU5JqVpYdWUb9X9ql%2B7QjJLqB3%2BtPpy%2BPuGA3w4hzSO2okjHBFHKKLzGh4J2qTtZ%2BcKli93bQb%2FIgODd5QSxugTUEUFFGtmFa4sFxq7VHys8YVdr6Q76HTjPbxWCiNwHbmlvkKak6UgBPC3"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers
Cache-Control: public, max-age=1800
CF-RAY: 8960e8329a0d30ed-FRA

POST
H3 204 ping
pagead2.googlesyndication.com/pagead/ 0
0 149ms
74ms Fetch
text/html 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1r100yi8pmbig/script.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s56-in-f2.1e100.net
Software: /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://pixoguess.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Verdicts & Comments Add Verdict or Comment

209 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

37 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.pixoguess.io/	1970-01-20 21:27:39	Name: StatsSend Value: true
.pixoguess.io/	1970-01-20 23:37:41	Name: CountryCode Value: DE
.pixoguess.io/	1970-01-20 23:37:41	Name: userFromEEA Value: true
.pixoguess.io/	1970-01-20 21:27:39	Name: __cmpconsentx13566 Value: CQAdCHAQAdCHAAfYeBENA5EgAAAAAAAAAAigAAAO5gCgA4AM-AjwBKoDuQAA
.pixoguess.io/	1970-01-20 21:27:39	Name: __cmpcccx13566 Value: aBQAd-dIAAAAAAA
.pixoguess.io/	1970-01-21 07:02:12	Name: _ga Value: GA1.1.758490629.1718772718
.pixoguess.io/	1970-01-21 07:02:12	Name: _ga_4G875X3V44 Value: GS1.1.1718772717.1.0.1718772717.0.0.0
.adnxs.com/	1970-01-21 07:02:12	Name: receive-cookie-deprecation Value: 1
.rubiconproject.com/	1970-01-21 06:11:48	Name: khaos Value: LXLCWD5O-1C-EQGD
.rubiconproject.com/	1970-01-21 06:11:48	Name: audit Value: 1\|SDziDG3X/Ej7TuVLFqBeCD5APvdogVCbaTd6KyMQnav7WhEtU9POVm4sL+1Xv9YzX3rpLfwKRCUlqTwZAnwoYe2C6yAnh5iMy+NPW1w6BWAijy0RC4Zd8RuybVyVU0yt
.adnxs.com/	1970-01-20 23:35:48	Name: XANDR_PANID Value: 8Epc88l7vkFst4taBduBWiRAuN0pG7XV8OxCqEjlpclCjOEQqxynVRbDvt9a-kFLhMlyTJ0cmcqcDdGJdwtyRrTp3rNb2rzgA4A_qB46gtY.
.adnxs.com/	1970-01-20 23:35:48	Name: icu Value: ChgIzYVEEAoYASABKAEw7sfJswY4AUABSAEQ7sfJswYYAA..
.adnxs.com/	1970-01-20 23:35:48	Name: uuid2 Value: 3779577735308724746
.the-ozone-project.com/	1970-01-20 23:35:48	Name: ozone_uid Value: 2i5Fq7P7TQD6QgKar3LSCpM1paM
.the-ozone-project.com/	1970-01-20 21:26:14	Name: __cf_bm Value: VxH8ee4J97R_cikzJjFRV85Z1_.3bFhdQD50.73Lls4-1718772718-1.0.1.1-wL_GXOgBWnSeht58eE1dZSYII18GFxHS5Y9FNgxVOGdtuMB2g19rfv7FXfQU9NR5HV7_7O5GNrR48eBWpDJrEQ
.advertising.com/	1970-01-21 06:12:10	Name: A3 Value: d=AQABBO9jcmYCEGASs-OUnk0bJPMGdhf0-I8FEgEBAQG1c2Z8ZuAKyiMA_eMAAA&S=AQAAAt5JftDN5Y2Tnv0fJJiAW8o
.casalemedia.com/	1970-01-21 06:11:48	Name: CMID Value: ZnJj77mqPMsAADKWAf.mqAAA
.casalemedia.com/	1970-01-20 23:35:48	Name: CMPS Value: 2172
.casalemedia.com/	1970-01-20 23:35:48	Name: CMPRO Value: 2172
.sitescout.com/	1970-01-21 06:11:48	Name: ssi Value: 60cdbfde-96cc-44e4-a965-04f627433c65#1718772719697
.sitescout.com/	1970-01-20 22:09:24	Name: _ssuma Value: eyIzOSI6MTcxODc3MjcxOTcxOCwiNyI6MTcxODc3MjcxOTcxOCwiODAiOjE3MTg3NzI3MTk3MTh9
.undertone.com/	1970-01-21 06:11:48	Name: UTID Value: 921427ff9e094c9eae27d09b278a1968
.undertone.com/	1970-01-21 06:11:48	Name: UTID_ENC Value: 8nc33qm3wi1nqfdk5t2zkt3zc
.tapad.com/	1970-01-20 22:52:36	Name: TapAd_TS Value: 1718772719901
.tapad.com/	1970-01-20 22:52:36	Name: TapAd_DID Value: b5a73f95-d6d6-4b50-b66e-fc3af33b40cd
.tapad.com/	1970-01-20 22:52:36	Name: TapAd_3WAY_SYNCS Value:
.undertone.com/	1970-01-21 06:12:09	Name: UID_EXT_54 Value: 60cdbfde-96cc-44e4-a965-04f627433c65-667263ef-5553
.adform.net/	1970-01-20 22:52:36	Name: uid Value: 3832084149445422285
.bidswitch.net/	1970-01-21 06:11:48	Name: tuuid Value: 5dade9f7-8a6f-4ba7-bac2-80e25c37a787
.bidswitch.net/	1970-01-21 06:11:48	Name: c Value: 1718772720
.bidswitch.net/	1970-01-21 06:11:48	Name: tuuid_lu Value: 1718772720
.doubleclick.net/	1970-01-21 06:47:48	Name: IDE Value: AHWqTUlPL_2YC7OG6xRtYQtsbzjgN-ezWla-w7WTeedXBNWgICwIzFFzh8ylNO5wtJg
cookies.nextmillmedia.com/	1970-01-20 21:36:17	Name: NMUID Value: 252f65ee-3901-4a0a-85b7-c6983ae38330
.3lift.com/	1970-01-20 23:35:48	Name: tluidp Value: 1445527626610406882800
.3lift.com/	1970-01-20 23:35:48	Name: tluid Value: 1445527626610406882800
.smartadserver.com/	1970-01-21 06:56:27	Name: pid Value: 4154627947419370580
.the-ozone-project.com/	1970-01-20 23:35:48	Name: uids Value: eyJ0ZW1wVUlEcyI6eyJiaWRzd2l0Y2giOnsidWlkIjoiNWRhZGU5ZjctOGE2Zi00YmE3LWJhYzItODBlMjVjMzdhNzg3IiwiZXhwaXJlcyI6IjIwMjQtMDctMDNUMDQ6NTI6MDAuNzI2NTE5NloifSwiZnJlZXdoZWVsc3NwIjp7InVpZCI6IjY3MzBkYjUxOWNjMWRlZDA3NjkyMjcyOGQyNzNkOGNkIiwiZXhwaXJlcyI6IjIwMjQtMDctMDNUMDQ6NTI6MDAuMTg5NzA3MDIzWiJ9LCJpeCI6eyJ1aWQiOiJabkpqNzdtcVBNc0FBREtXQWYubXFBQUFcdTAwMjYyMTcyIiwiZXhwaXJlcyI6IjIwMjQtMDctMDNUMDQ6NTI6MDEuOTMyNzUzMjg1WiJ9LCJzbWFydCI6eyJ1aWQiOiI0MTU0NjI3OTQ3NDE5MzcwNTgwIiwiZXhwaXJlcyI6IjIwMjQtMDctMDNUMDQ6NTI6MDEuODQ2MDQ0ODU5WiJ9LCJ0cmlwbGVsaWZ0Ijp7InVpZCI6IjE0NDU1Mjc2MjY2MTA0MDY4ODI4MDAiLCJleHBpcmVzIjoiMjAyNC0wNy0wM1QwNDo1MjowMS41OTQ0NDI3MDJaIn0sInVuZGVydG9uZSI6eyJ1aWQiOiI4bmMzM3FtM3dpMW5xZmRrNXQyemt0M3pjIiwiZXhwaXJlcyI6IjIwMjQtMDctMDNUMDQ6NTE6NTkuODE4MTAzNTEyWiJ9LCJ1bnJ1bHkiOnsidWlkIjoiT1BUT1VUIiwiZXhwaXJlcyI6IjIwMjQtMDctMDNUMDQ6NTE6NTkuMzQ0Nzc0MjY3WiJ9fSwiYmRheSI6IjIwMjQtMDYtMTlUMDQ6NTE6NTguODc0MjI0ODlaIn0=

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://pixoguess.io/assets/index-a0b31d46.js(Line 23) Message: The AudioContext was not allowed to start. It must be resumed (or created) after a user gesture on the page. https://goo.gl/7K7WLu
network	error	URL: https://pixoguess.io/api/auth/login/success Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

acdn.adnxs.com
ad-delivery.net
ad.doubleclick.net
api.adinplay.com
api.btloader.com
btloader.com
c.delivery.consentmanager.net
cadmus.script.ac
cdn.consentmanager.net
cdn.jsdelivr.net
country.adinplay-venatus.workers.dev
elb.the-ozone-project.com
eus.rubiconproject.com
fastlane.rubiconproject.com
i.clean.gg
ib.adnxs.com
icons.ui.kvass.no
imasdk.googleapis.com
onetag-sys.com
pagead2.googlesyndication.com
pixoguess.io
region1.google-analytics.com
script.4dex.io
securepubads.g.doubleclick.net
stats.adinplay.com
www.googletagmanager.com
104.18.43.178
130.211.23.194
142.250.181.226
142.250.186.102
151.101.65.108
156.146.33.137
159.203.90.241
164.90.226.2
172.217.18.2
185.89.210.180
188.114.96.3
2001:4860:4802:34::36
2602:803:c003:200::21
2606:4700:10::ac43:293c
2606:4700:20::681a:3e8
2606:4700:20::681a:9a9
2606:4700:20::ac43:4513
2606:4700::6812:1791
2a00:1450:4001:80f::200a
2a00:1450:4001:813::2008
2a02:6ea0:c700::17
2a04:4e42:200::485
34.95.69.49
51.38.120.206
51.89.9.251
87.230.98.76
93.119.15.97
95.101.149.233
028c14d2a81be1c7def3f60cfaed1289bb432ff402eff119df28ab9224575691
101ead936a2281d53dcc064b7e2a2ab0d53b92ef3ef7b34b668673007895c860
2ed3aaabe69fccccdbd066e9f8c9674b8f2bba0111f556070554312b18f2f508
351b4bae56595d6878b3ffd7940ac231a0a85427f4cb1e5adb1952b71998f35a
3aec57ffa5c31e185202ddaa3b5b9d9872d4504f4546ab4eea1298baaf3c7cc7
4080d6140d8f11e92328996fd5ad9cf5076e1360b7c28ef3c99c90d890009590
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4f999ca163a9a06d7f0b862a0017f74ddaaa7fd441a33967577feebc04eef525
500767ef44621760609a29ca42122f03fa0601d68052e14fe9d59f7b9bcab3d5
53ceb95c1e7684c644f9f0dd6680279cfa63b35997bb84bb9b84a259e99f10f6
55aeb66fcc3c7306176c589bb213bd92930ebb1ac4c9ea196528fd370f7932c3
566d0db461b8952cc1f9ee20bb0b849487307efea047dfc411fd2e12d0669c1a
5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc
5ca7e2d6e114d9244f352723e8bccb8968a526800f55fbf26c494619d6526925
60e0d3bc202871fc6a3126bace9ea0e533987ae39e613e6f44a8e49e96569696
65010dc8783742d12525e4b4bf45c0782b3e3ed2fa3ada394fee25a3ab7c5c1b
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
6814ef46f686990cf4e946f966167b0507e1d642c44e51f61bffb0bba2d4672b
68c20816aa395a7784f515d61c125c7307fe8bfe00779ec7a289851a3baf0c3a
6b3a4232160079c746d62f6bd3f3d85f797c710336ea5c1c2e78b10d8088b20e
73e80796df0f325249f01776635aecedb926aaa6df8404c66aedb6941f95d918
796b0797a49402343be93b6eb77b6ea7f959f3cc4d5069a3327997ca5296f993
7c37580f8c8f4c30fe81e7f64da1bb6e8426718c88bcbfbb04d2e0c2427da78f
83e8e525ccea212b31bdea319a72117535c56d0542a63284d16868eb02183498
8e73aa76ae2889d6913cb7c8c2ef1d369b2e3ab75a52ec3ceb2a899781d0d278
9427d82e5b874a955ae4cbcf164f2b53c54982165dd8de3d65cc710f7f38eb39
97b12807231fd272697c6803ed04e512794793c175b5cc87699e3241e02ed90b
988f5b4312e07e5c63634530a4efbf3bb707231be9ddf909e865fecb7f217090
9d8221ff3a22f88f7376425d9d83c61adee8eb227cf169755bba899634d27a63
b0bbe7d04def5dd2eed5db2f869f025934d70ee6ae3e9ed8fe08406c52ab58e7
bca2b1e32f7eac096f6bdb135a3a53dab46909c16f27a1748c2957adef5df2b0
bd010e8d713d3f1cab2af7136ae01b7b848af4064f1baa8fde59fdea9e7bc9ce
bd7f5d90a7046f13d6acaaddccfe41823ac998ae2f2271f3a2adbe78f37a1d32
bfae02940150706fe9f4b2fc9f4c3544dd8314228d65b178c57326107cc58a1c
c0db5eda2ed0ce308ac67a7593a228f8cf7f75d290f328c9010d02a1dc90e7a5
cc6f944ee53b7874d4811c2365cb731b1c48a71fc99a28b9dd592c96a4a05bdb
cd644fcb4894d969f887d77cdd2309a4cae8b6ced04cdd7b1cf4e16b44ba657f
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf98dffb7738c054fb2db152e060fa702a5ab8fd0c6a0c9424b85840ce414bd2
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
dbc5bdbc652e1bd2d47f291f9e5f258afb13fe3c613a5cd73792919ff8c57ae6
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4ddaf7722e840f95d5de9d15fbe6635065ead7ff84c9be9dcf3531037f8340b
e741a1e13b2b4c6cea828aee2b1da75b8c4d130b1d88e78ba8cd31474d06c8a3
e983ff903a5073b8388da9e6ec89e3350a69fc12d62be000ad7661b845ad68c6
eee4cf12a666b414c57a7f3ad86679b3f8d3baeb0914c5f2ec68243d9375d881
f101735f56473566d5b552a1e9293d055369fdfcc49aba2a51572a89fe31090b

pixoguess.io Open in urlscan Pro 159.203.90.241 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

63 Requests

100 %HTTPS

39 %IPv6

20 Domains

26 Subdomains

28 IPs

5 Countries

3699 kBTransfer

5731 kBSize

37 Cookies

3 Outgoing links

Page URL History

Redirected requests

63 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

pixoguess.io Open in urlscan Pro
159.203.90.241 Public Scan

Screenshot
Live screenshot

Full Image

63
Requests

100 %
HTTPS

39 %
IPv6

20
Domains

26
Subdomains

28
IPs

5
Countries

3699 kB
Transfer

5731 kB
Size

37
Cookies

63 HTTP transactions
0 data transactions