noxcodes.xyz Open in urlscan Pro
2a06:98c1:3120::3 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://test98.jenkohome.com/
Effective URL:
https://noxcodes.xyz/
Submission: On September 20 via api (September 20th 2023, 8:03:51 am UTC) from US — Scanned from NL

Summary HTTP 45 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 12 IPs in 2 countries across 12 domains to perform 45 HTTP transactions. The main IP is 2a06:98c1:3120::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is noxcodes.xyz.
TLS certificate: Issued by GTS CA 1P5 on August 14th 2023. Valid for: 3 months.

This is the only time noxcodes.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 12	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2008	15169 (GOOGLE) (GOOGLE)
12	2a00:1450:400... 2a00:1450:4001:80b::200e	15169 (GOOGLE) (GOOGLE)
3	76.76.21.142 76.76.21.142	16509 (AMAZON-02) (AMAZON-02)
3	192.243.59.12 192.243.59.12	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
1	2606:4700::68... 2606:4700::6810:3865	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80e::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80b::2004	15169 (GOOGLE) (GOOGLE)
45	12

12 2a06:98c1:3120::3 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

test98.jenkohome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
noxcodes.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:80b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 76.76.21.142 (Walnut, United States)

ASN16509 (AMAZON-02, US)

analytics.umami.is	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 192.243.59.12 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

pl20666481.highcpmrevenuegate.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.profitablecreativeformat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:3865 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80e::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	google.com fundingchoicesmessages.google.com — Cisco Umbrella Rank: 1673 www.google.com — Cisco Umbrella Rank: 11	61 KB
10	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 122 tpc.googlesyndication.com — Cisco Umbrella Rank: 169	217 KB
10	noxcodes.xyz noxcodes.xyz	91 KB
3	umami.is analytics.umami.is — Cisco Umbrella Rank: 116964	3 KB
2	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 66	5 KB
2	profitablecreativeformat.com www.profitablecreativeformat.com — Cisco Umbrella Rank: 76845
2	jenkohome.com 2 redirects test98.jenkohome.com	1 KB
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 1878	252 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1368	601 B
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 1476	7 KB
1	highcpmrevenuegate.com pl20666481.highcpmrevenuegate.com
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 111	91 KB
45	12

	Domain	Requested by
12	fundingchoicesmessages.google.com	noxcodes.xyz
10	noxcodes.xyz	noxcodes.xyz static.cloudflareinsights.com
7	pagead2.googlesyndication.com	noxcodes.xyz pagead2.googlesyndication.com tpc.googlesyndication.com
3	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
3	analytics.umami.is	noxcodes.xyz analytics.umami.is
2	googleads.g.doubleclick.net	pagead2.googlesyndication.com
2	www.profitablecreativeformat.com	noxcodes.xyz
2	test98.jenkohome.com	2 redirects
1	www.google.com	tpc.googlesyndication.com
1	region1.google-analytics.com	www.googletagmanager.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	static.cloudflareinsights.com	noxcodes.xyz
1	pl20666481.highcpmrevenuegate.com	noxcodes.xyz
1	www.googletagmanager.com	noxcodes.xyz
45	14

This site contains links to these domains. Also see Links.

Domain
github.com

Subject Issuer	Validity	Valid
noxcodes.xyz GTS CA 1P5	`2023-08-14` - `2023-11-12`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
analytics.umami.is R3	`2023-08-04` - `2023-11-02`	3 months	crt.sh
highcpmrevenuegate.com R3	`2023-07-31` - `2023-10-29`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-04-10` - `2024-04-09`	a year	crt.sh
profitablecreativeformat.com R3	`2023-07-31` - `2023-10-29`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh

This page contains 5 frames:

Primary Page: https://noxcodes.xyz/
Frame ID: 160439FCC7D525ABE134D6A9CA6990E1
Requests: 37 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230918/r20190131/zrt_lookup.html
Frame ID: AF883AD6C618B32846B87F76827FD4E1
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1890577455173761&output=html&adk=1812271804&adf=3025194257&lmt=1695189826&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=260x1080_l%7C260x1080_r&format=0x0&url=https%3A%2F%2Fnoxcodes.xyz%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695197026329&bpp=3&bdt=221&idt=254&shv=r20230918&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8282784860423&frm=20&pv=2&ga_vid=208275377.1695197027&ga_sid=1695197027&ga_hid=2109383179&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31077969%2C44796700&oid=2&pvsid=282204302689656&tmod=1926267229&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=278
Frame ID: CA1FF694D56AE77ECF2A1B3F9F183049
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 2C5894A3E380416169DB340483F07A7E
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 3E7D440A350E7DBBE0A9CE7060840174
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

My Personal Blog Website

Page URL History Show full URLs

http://test98.jenkohome.com/ HTTP 301
https://test98.jenkohome.com/ HTTP 301
https://noxcodes.xyz/ Page URL

Detected technologies

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Page Statistics

45
Requests

100 %
HTTPS

83 %
IPv6

12
Domains

14
Subdomains

12
IPs

2
Countries

475 kB
Transfer

1220 kB
Size

6
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://github.com/NOXITB
Title: Github

Search URL Search Domain Scan URL

URL: https://github.com/NOXITB/nox-blogs
Title: Github

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://test98.jenkohome.com/ HTTP 301
https://test98.jenkohome.com/ HTTP 301
https://noxcodes.xyz/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

45 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
noxcodes.xyz/
Redirect Chain

http://test98.jenkohome.com/
https://test98.jenkohome.com/
https://noxcodes.xyz/

24 KB
6 KB

138ms
73ms

Document
text/html

2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://noxcodes.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

893bc71916fdca3768728ed45742fce0f4350cefd42434353ff4302dc8578217

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=0, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 80988dc4ccbc3a98-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Wed, 20 Sep 2023 08:03:46 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dfw3qHB02CFdtrMWsPv0lOY8XJc6%2B2eDy3DzqUxp425%2BBv0YJOoCjOL2ZfMX8FLhd4v5zXDWrcgY3q6g3nM6bWyXVI0Q%2B6ugc5qMJ997DOnhghlxl9vfJc1Gyt93x%2BKXlIgWkRCPF3QFA7o%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-content-type-options: nosniff

Redirect headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 80988dbd5c781917-FRA
content-type: text/html
date: Wed, 20 Sep 2023 08:03:45 GMT
location: https://noxcodes.xyz/
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AN%2FKqE46zIXyYYVodPXF%2FMAacTrbd5npanyiogR4WF64dqkdsh1zcKLfLIFCnStNvFIjKPxlGzYeYnupAWnBtOzzcyekR4C80xwQqYzkMNDqMn2c30LYeEuXnIEj6LP5nB5v5OOo7hJ3YgJLOqR%2FP6myMw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 144 KB
50 KB 147ms
69ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1890577455173761

Requested by

Host: noxcodes.xyz
URL: https://noxcodes.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5fae9e8e5dcc16a65d1659de0827bba52bb599fac4a5a7e5b63d9b26c390c9de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://noxcodes.xyz/
Origin: https://noxcodes.xyz
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 08:03:46 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50637
x-xss-protection: 0
server: cafe
etag: 7988275378607766827
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 20 Sep 2023 08:03:46 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 271 KB
91 KB 100ms
39ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-C2EK4KCTJX

Requested by

Host: noxcodes.xyz
URL: https://noxcodes.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a4c667d5e51066ad054d11e9c128496c6cde29346e2a1a450acd6f37c21efe9c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://noxcodes.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 08:03:46 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 92569
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 20 Sep 2023 08:03:46 GMT

GET
H2 200 pub-1890577455173761 Show response
fundingchoicesmessages.google.com/i/ 155 KB
51 KB 148ms
73ms Script
application/javascript 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/pub-1890577455173761?ers=1

Requested by

Host: noxcodes.xyz
URL: https://noxcodes.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

44054b24e21025d8ea0641d341a60823bc7419597daf55de27715628ca2ccb89

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-y870hWslZXufQTKAFxTtxQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://noxcodes.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 08:03:46 GMT
content-security-policy: script-src 'report-sample' 'nonce-y870hWslZXufQTKAFxTtxQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 script.js Show response
analytics.umami.is/ 3 KB
2 KB 87ms
26ms Script
application/javascript 76.76.21.142
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.umami.is/script.js

Requested by

Host: noxcodes.xyz
URL: https://noxcodes.xyz/

Protocol

Security

TLS 1.3, , CHACHA20_POLY1305

Server

76.76.21.142 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

8719d5bd0daee4932c62da73996bbcc8f0d4a35ffe9c00520d58b23dee18d683

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; img-src *; script-src 'self' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; connect-src 'self' api.umami.is; frame-ancestors 'self' undefined;
Strict-Transport-Security	max-age=63072000
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://noxcodes.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

content-security-policy: default-src 'self'; img-src *; script-src 'self' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; connect-src 'self' api.umami.is; frame-ancestors 'self' undefined;
content-encoding: br
date: Wed, 20 Sep 2023 08:03:46 GMT
strict-transport-security: max-age=63072000
age: 40323
x-dns-prefetch-control: on
content-disposition: inline; filename="script.js"
server: Vercel
x-vercel-id: fra1::2ncz2-1695197026203-6882499038c6
x-matched-path: /script.js
etag: W/"3a82ff68f73bc0aa5ebb44d0dffdd839"
x-vercel-cache: HIT
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate

GET
H2 200 about.39ec9511.css
noxcodes.xyz/_astro/ 39 KB
8 KB 32ms
30ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://noxcodes.xyz/_astro/about.39ec9511.css

Requested by

Host: noxcodes.xyz
URL: https://noxcodes.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

39ec951129da994a66bf9a5ab18242a796fe3e1fa82e9f7cbb0dd7c859f70633

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://noxcodes.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 08:03:46 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3414
alt-svc: h3=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"3bb25d90d333cfabdbe367a3e06d58d7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KL%2BNQskAktKZV33%2F44MvstHyCub0BzKFLbIlYhwWNxQ9M6QEWhusbbd4OBinIDGhimbuL83%2BHL207br1imyddlfU3GFMmq%2FsDN%2BrjcyqcnqCQooFhqY8flAscYPwxz4%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
cf-ray: 80988dc54d883a98-FRA

GET
H2 200 hoisted.47b19662.js Show response
noxcodes.xyz/_astro/ 122 B
456 B 29ms
28ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://noxcodes.xyz/_astro/hoisted.47b19662.js

Requested by

Host: noxcodes.xyz
URL: https://noxcodes.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

00d33f876a82f0c7a0bbb7993088529ec6daff499dae7d555033e588ffe6f5d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://noxcodes.xyz/
Origin: https://noxcodes.xyz
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 08:03:46 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1870
alt-svc: h3=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"f349cd4319f8e20d8f8d3e5631ce4041"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZspsQpRbQIoxum90lOdL1HVRNNW4cF9Brtex7RQRDKqk90p6em4uH1u%2BhdA2K%2BYE2eCJA%2FxTbDQ2%2FZRTrIjc%2F40Tvkd7mY2zx0%2Fk5%2Fk4zX1vT%2FqRxFjXC035p7sbjys%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
cf-ray: 80988dc54d8d3a98-FRA

GET
H/1.1 403
Forbidden invoke.js
pl20666481.highcpmrevenuegate.com/066afb85a171f3b3b34299cbba400e2e/ 0
0 1554ms
102ms Script
application/javascript 192.243.59.12
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pl20666481.highcpmrevenuegate.com/066afb85a171f3b3b34299cbba400e2e/invoke.js
Requested by: Host: noxcodes.xyz
URL: https://noxcodes.xyz/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.243.59.12 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.19.5 /
Resource Hash

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://noxcodes.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Date: Wed, 20 Sep 2023 08:03:47 GMT
Server: nginx/1.19.5
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Content-Type: application/javascript
Connection: keep-alive
Content-Length: 0

GET
H2 200 binary2decimal_2fS5sw.avif
noxcodes.xyz/_astro/ 7 KB
7 KB 34ms
28ms Image
image/avif 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://noxcodes.xyz/_astro/binary2decimal_2fS5sw.avif

Requested by

Host: noxcodes.xyz
URL: https://noxcodes.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6370848930cba424fe0ccb718f5e4b7e9b5b70ac0bf40cca527a32eb145fad99

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://noxcodes.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 08:03:46 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2884
alt-svc: h3=":443"; ma=86400
content-length: 7230
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: "8a2b145e10fecbb9d883fe01da24084a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ICouV2MKI%2BXavrGRdhmVBlpTEfW64L2FQ6eVY2jtOgDdgIEJu91GJkMUMpJsfK9TjDQgnoFn0zEQXzkANsolNFXo4eyq8LslIwP6h%2BEYzsh6zR1zIL%2B6mkma1jh8BYo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
accept-ranges: bytes
cf-ray: 80988dc56dc23a98-FRA

GET
H2 200 mongodb_181Oes.avif
noxcodes.xyz/_astro/ 4 KB
5 KB 38ms
31ms Image
image/avif 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://noxcodes.xyz/_astro/mongodb_181Oes.avif

Requested by

Host: noxcodes.xyz
URL: https://noxcodes.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

058a339781e5cc0609c7f8baa829a0c320e7415d4364eb59ca0daf253fbf3db9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://noxcodes.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 08:03:46 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2884
alt-svc: h3=":443"; ma=86400
content-length: 4390
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: "b6f5b4c5d0553823acc3365668ab98ab"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b8AhWxwcJydMHg6F5AP8UIbEbxB%2BcrH%2FSCbanOD%2Bt2l1Jby8H6pY%2BJaCcuGDC7rCUtCjTMPMFoBNVQMI22gG1QNLvrsNBqIxFRQBwl1ED9HC%2FjVPV33LiEoLXpsO59k%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
accept-ranges: bytes
cf-ray: 80988dc56dc33a98-FRA

GET
H2 200 js_Z4SFUA.avif
noxcodes.xyz/_astro/ 6 KB
6 KB 36ms
30ms Image
image/avif 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://noxcodes.xyz/_astro/js_Z4SFUA.avif

Requested by

Host: noxcodes.xyz
URL: https://noxcodes.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

85fe333506924cf89898d7190674368dbd0a35f1dd1c30ffaf88038f8d5ebb04

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://noxcodes.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 08:03:46 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2882
alt-svc: h3=":443"; ma=86400
content-length: 5850
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: "db9161f719b935e0576829d49d3c2c23"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BnlTqyIwWBb1MGenm3b31%2BVm9wjzTlLag49vTUgK0izFngZ6Dmepo7CGQAiTtKvWCv6KT36a4C6mtol34JcPCgqQbQZnulgCfxpzjUysge7uwx9YYHkznTk1O1ilXA8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
accept-ranges: bytes
cf-ray: 80988dc56dc43a98-FRA

GET
H2 200 omada_19NRlz.avif
noxcodes.xyz/_astro/ 18 KB
18 KB 33ms
29ms Image
image/avif 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://noxcodes.xyz/_astro/omada_19NRlz.avif

Requested by

Host: noxcodes.xyz
URL: https://noxcodes.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

43922b3d96842054bec1b25e5af551ec91e1bb793a67fab0a52c225d370190ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://noxcodes.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 08:03:46 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2882
alt-svc: h3=":443"; ma=86400
content-length: 18063
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: "a31202e14e6699aaf2614c281f47fa32"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qwgPSWCsVVVMweJtj098%2BmdCEzHPLW1Pdjf4bMhoRRLn39vQ8T6pwR2cLxnG04vfllPIxK689XzKE9xTKzjIc4UZHYxfpsx8T6F1Sk2B1lMQBAkLX49qHPBSCJI8zU4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
accept-ranges: bytes
cf-ray: 80988dc56dc73a98-FRA

GET
H2 200 v8b253dfea2ab4077af8c6f58422dfbfd1689876627854 Show response
static.cloudflareinsights.com/beacon.min.js/ 20 KB
7 KB 157ms
104ms Script
text/javascript 2606:4700::6810:3865
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v8b253dfea2ab4077af8c6f58422dfbfd1689876627854
Requested by: Host: noxcodes.xyz
URL: https://noxcodes.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:3865 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c235f21017bcc11fcaa31d7dfd9855aaebcbf5f6d7ee9bf9f2e98a910907c391

Request headers

Referer: https://noxcodes.xyz/
Origin: https://noxcodes.xyz
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 08:03:46 GMT
content-encoding: gzip
last-modified: Thu, 20 Jul 2023 18:10:27 GMT
server: cloudflare
etag: W/"2023.7.1"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 80988dc5ba34bbda-FRA

GET
H2 200 inter-latin-variable-wghtOnly-normal.450f3ba4.woff2
noxcodes.xyz/_astro/ 37 KB
38 KB 29ms
27ms Font
font/woff2 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://noxcodes.xyz/_astro/inter-latin-variable-wghtOnly-normal.450f3ba4.woff2

Requested by

Host: noxcodes.xyz
URL: https://noxcodes.xyz/_astro/about.39ec9511.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

450f3ba4e47ee174bd9692b396f264b907d37d2528f53911760f3d0edb785f7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://noxcodes.xyz/_astro/about.39ec9511.css
Origin: https://noxcodes.xyz
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 08:03:46 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2886
alt-svc: h3=":443"; ma=86400
content-length: 37924
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: "59c5a1701aec2363119e28701e57e40f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ucRYIxVy7g9J2DZAWMfqGXaP%2F4y1zFGUXsx7HieAVhNHeibi1bql4mpaouYGGrn%2FhwjxQPg82Qi1JwCwEi5Knn1%2FQ2VGalZpPIpAZ1kgemOCd7zVWUMC5gpMAfOdFsY%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
accept-ranges: bytes
cf-ray: 80988dc57dd83a98-FRA

GET
H/1.1 403
Forbidden invoke.js
www.profitablecreativeformat.com/f80875e48da1c3cf0653a7d4e744cfe8/ 0
0 335ms
108ms Script
application/javascript 192.243.59.12
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.profitablecreativeformat.com/f80875e48da1c3cf0653a7d4e744cfe8/invoke.js
Requested by: Host: noxcodes.xyz
URL: https://noxcodes.xyz/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.243.59.12 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.19.5 /
Resource Hash

Request headers

Referer: https://noxcodes.xyz/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date: Wed, 20 Sep 2023 08:03:46 GMT
Server: nginx/1.19.5
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Content-Type: application/javascript
Connection: keep-alive
Content-Length: 0

GET
H3 200 hero-alt_1bMSSQ.png
noxcodes.xyz/_astro/ 3 KB
3 KB 33ms
33ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://noxcodes.xyz/_astro/hero-alt_1bMSSQ.png

Requested by

Host: noxcodes.xyz
URL: https://noxcodes.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c61858e5f4ba66bf683170ca250193bb3dde225d70a6cce23d134b83ce828b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://noxcodes.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 08:03:46 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3414
alt-svc: h3=":443"; ma=86400
content-length: 2647
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: "4b0160c9ff9bef9e4af544738ffa6555"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OYcva8qgp5foHsNUprCHTH7saOrWKkKfYmijuo6sqIUeEfDPNDfwziK1MCg%2F6lOAzg0M0hEt6rAWl9aTYxTmBJ0hf3CQMVx%2BKd6RXHDi1ce2jRKzpxkCSZ5rB%2BO4pbY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
accept-ranges: bytes
cf-ray: 80988dc5ac96383b-FRA
priority: u=3,i

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309140101/ 379 KB
129 KB 153ms
92ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309140101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1890577455173761&plah=noxcodes.xyz

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1890577455173761

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1d7f44e683b53ff69945fcdabdf245c4cb79f1f6d291be8cb79a90480d11572c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://noxcodes.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 08:03:46 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 131561
x-xss-protection: 0
server: cafe
etag: 10765428098556085484
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 20 Sep 2023 08:03:46 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230918/r20190131/ Frame AF88 10 KB
5 KB 69ms
20ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230918/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1890577455173761

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a011595b8a7a4aecacbb9bdd095cf4e446e368e8c897b2daf1807e6016137c1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://noxcodes.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 5572
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4438
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 20 Sep 2023 06:30:54 GMT
etag: 8554266389219770021
expires: Wed, 04 Oct 2023 06:30:54 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 AGSKWxX6Pgg94onvSTr-Up0OssCCxfzH5QKU30jKD1MBvZu_1ttaVyPqT-TXwueVsYPcZXiH-EJ_Y6QUcqssF1r5__uSTZtwbg8T_CetXsbcW7zI0ThgN9123_JJ1Px35pMzANQ7tr4bpg== Show response
fundingchoicesmessages.google.com/f/ 13 KB
7 KB 80ms
80ms Script
application/javascript 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxX6Pgg94onvSTr-Up0OssCCxfzH5QKU30jKD1MBvZu_1ttaVyPqT-TXwueVsYPcZXiH-EJ_Y6QUcqssF1r5__uSTZtwbg8T_CetXsbcW7zI0ThgN9123_JJ1Px35pMzANQ7tr4bpg==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjk1MTk3MDI2LDM2MTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly9ub3hjb2Rlcy54eXovIixudWxsLFtbOCwiOW9FS180MXNRUDAiXSxbOSwibmwiXSxbMTYsIlsxLDEsMV0iXSxbMTksIjIiXSxbMTcsIlswXSJdXV0

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.nl.9oEK_41sQP0.es5.O/d=1/rs=AJlcJMyiPoNNeIrYr9UBoLSSHb4_5S7WNg/m=kernel_loader,loader_js_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0d955449b6c3699d2330467fa6a3fbdb45ea08456aa9b672db7b2b9a070b58c6

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-Ay8GS-PY4WCTXTvlE5fVpg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://noxcodes.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 08:03:46 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-Ay8GS-PY4WCTXTvlE5fVpg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 403
Forbidden invoke.js
www.profitablecreativeformat.com/c30c5cd14eb92657737ffd2556369bb6/ 0
0 107ms
107ms Script
application/javascript 192.243.59.12
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.profitablecreativeformat.com/c30c5cd14eb92657737ffd2556369bb6/invoke.js
Requested by: Host: noxcodes.xyz
URL: https://noxcodes.xyz/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.243.59.12 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.19.5 /
Resource Hash

Request headers

Referer: https://noxcodes.xyz/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date: Wed, 20 Sep 2023 08:03:46 GMT
Server: nginx/1.19.5
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Content-Type: application/javascript
Connection: keep-alive
Content-Length: 0

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 391 B
601 B 115ms
39ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=noxcodes.xyz&callback=_gfp_s_&client=ca-pub-1890577455173761

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309140101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1890577455173761&plah=noxcodes.xyz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2de431c39fbfb8f138064c897b6517f3cc453073c4a6a46d97f8de750ad6baa1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://noxcodes.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 08:03:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 250
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame CA1F 603 B
245 B 71ms
70ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1890577455173761&output=html&adk=1812271804&adf=3025194257&lmt=1695189826&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=260x1080_l%7C260x1080_r&format=0x0&url=https%3A%2F%2Fnoxcodes.xyz%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695197026329&bpp=3&bdt=221&idt=254&shv=r20230918&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8282784860423&frm=20&pv=2&ga_vid=208275377.1695197027&ga_sid=1695197027&ga_hid=2109383179&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31077969%2C44796700&oid=2&pvsid=282204302689656&tmod=1926267229&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=278

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://noxcodes.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 20 Sep 2023 08:03:46 GMT
expires: Wed, 20 Sep 2023 08:03:46 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 collect
region1.google-analytics.com/g/ 0
252 B 46ms
17ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-C2EK4KCTJX&gtm=45je39i0&_p=2109383179&cid=208275377.1695197027&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1695197026&sct=1&seg=0&dl=https%3A%2F%2Fnoxcodes.xyz%2F&dt=My%20Personal%20Blog%20Website&en=page_view&_fv=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-C2EK4KCTJX
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://noxcodes.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Sep 2023 08:03:46 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://noxcodes.xyz
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 px.gif
fundingchoicesmessages.google.com/img/ 43 B
68 B 35ms
34ms Image
image/gif 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fundingchoicesmessages.google.com/img/px.gif?ch=1&rn=8.35829649214049

Requested by

Host: noxcodes.xyz
URL: https://noxcodes.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce-hX4RIpwS17S2JO8vSR5m1w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://noxcodes.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 08:03:47 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce-hX4RIpwS17S2JO8vSR5m1w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: image/gif
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 px.gif
fundingchoicesmessages.google.com/img/ 43 B
68 B 45ms
45ms Image
image/gif 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fundingchoicesmessages.google.com/img/px.gif?ch=2&rn=2.7103066864418732

Requested by

Host: noxcodes.xyz
URL: https://noxcodes.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-zVYaEMcsBLoSIHUc_3PDOA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://noxcodes.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 08:03:47 GMT
content-security-policy: script-src 'report-sample' 'nonce-zVYaEMcsBLoSIHUc_3PDOA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: image/gif
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxUt--Y-t4T52rAstX1AHv1md5PHaUrNTNuMUXPQlxuT-msRIguGANZiUosk5M24l2Z5-eOhqY59oCAcwXPFhTGog8QIfJEQ7hoWTP08RPb4YA6QiXkQ0Ibp29bIgZfTdBep5s9dlA== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 72ms
31ms XHR
text/html 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUt--Y-t4T52rAstX1AHv1md5PHaUrNTNuMUXPQlxuT-msRIguGANZiUosk5M24l2Z5-eOhqY59oCAcwXPFhTGog8QIfJEQ7hoWTP08RPb4YA6QiXkQ0Ibp29bIgZfTdBep5s9dlA==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-V-TX7esyiXTk4xHfQYeoIA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://noxcodes.xyz/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 20 Sep 2023 08:03:47 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-V-TX7esyiXTk4xHfQYeoIA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://noxcodes.xyz
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 204 send
analytics.umami.is/api/ Frame 0
0 118ms
74ms Preflight 76.76.21.142
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.umami.is/api/send

Protocol

Security

TLS 1.3, , CHACHA20_POLY1305

Server

76.76.21.142 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; img-src *; script-src 'self' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; connect-src 'self' api.umami.is; frame-ancestors 'self' undefined;
Strict-Transport-Security	max-age=63072000
X-Frame-Options	SAMEORIGIN

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://noxcodes.xyz
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: public, max-age=0, must-revalidate
content-length: 0
content-security-policy: default-src 'self'; img-src *; script-src 'self' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; connect-src 'self' api.umami.is; frame-ancestors 'self' undefined;
date: Wed, 20 Sep 2023 08:03:47 GMT
server: Vercel
strict-transport-security: max-age=63072000
vary: Access-Control-Request-Headers
x-dns-prefetch-control: on
x-frame-options: SAMEORIGIN
x-matched-path: /api/send
x-vercel-cache: MISS
x-vercel-id: fra1::fra1::wr6qn-1695197027742-b293bed86d93

POST
H2 200 send Show response
analytics.umami.is/api/ 535 B
659 B 424ms
424ms Fetch
text/plain 76.76.21.142
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.umami.is/api/send

Requested by

Host: analytics.umami.is
URL: https://analytics.umami.is/script.js

Protocol

Security

TLS 1.3, , CHACHA20_POLY1305

Server

76.76.21.142 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

81322ab4d3f0fa4d48aa8df0015ed1bc261f9c398e7efaf0046e1295d4ae3aa1

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; img-src *; script-src 'self' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; connect-src 'self' api.umami.is; frame-ancestors 'self' undefined;
Strict-Transport-Security	max-age=63072000
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://noxcodes.xyz/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Content-Type: application/json

Response headers

content-security-policy: default-src 'self'; img-src *; script-src 'self' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; connect-src 'self' api.umami.is; frame-ancestors 'self' undefined;
date: Wed, 20 Sep 2023 08:03:48 GMT
strict-transport-security: max-age=63072000
server: Vercel
x-vercel-id: fra1::fra1::8bqdg-1695197027816-e781e2ba8311
x-matched-path: /api/send
etag: "11fz9uo6rhhev"
x-vercel-cache: MISS
x-dns-prefetch-control: on
x-frame-options: SAMEORIGIN
content-type: text/plain
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
content-length: 535

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 71ms
71ms XHR
application/json 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230918&st=env

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c10c5d6c9317ed23cfc674af6d1aaef5e5dfef046fc5e16de2141c56fac63d5f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://noxcodes.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 08:03:47 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12118
x-xss-protection: 0

POST
H3 204 rum Show response
noxcodes.xyz/cdn-cgi/ 0
139 B 25ms
24ms XHR
text/plain 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://noxcodes.xyz/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v8b253dfea2ab4077af8c6f58422dfbfd1689876627854

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://noxcodes.xyz/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
content-type: application/json

Response headers

date: Wed, 20 Sep 2023 08:03:47 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://noxcodes.xyz
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 80988dcf28d5383b-FRA

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 315ms
34ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://noxcodes.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 08:03:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 20 Sep 2023 08:03:48 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 2C58 13 KB
5 KB 20ms
19ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://noxcodes.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 770
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 20 Sep 2023 07:50:58 GMT
expires: Thu, 19 Sep 2024 07:50:58 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 3E7D 829 B
1 KB 77ms
30ms Document
text/html 2a00:1450:4001:80b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

bb25b048e2d8b2b99f3baf71d7ff8d60bb41031238105abf431ede8f4d693bca

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-5daj1zAJ8KqDG3KD15S46A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://noxcodes.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 538
content-security-policy: script-src 'report-sample' 'nonce-5daj1zAJ8KqDG3KD15S46A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 20 Sep 2023 08:03:48 GMT
expires: Wed, 20 Sep 2023 08:03:48 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 stickyad. Show response
fundingchoicesmessages.google.com/f/AGSKWxWKp9gfWmz7Xb5K06BnV0PYQA3nZETbBq4ASEgbJzSekXswk4p27c-6TO6Hh7eaSJKQtklFq1i9Pk0RfNg8u8IWOkruNkNwcd3d95OLZM_eYKRzj_n4mTTemlD8A9SZWGc8berEiTCh56s06_tgCm1vkUfgV... 54 B
109 B 36ms
35ms Script
application/javascript 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxWKp9gfWmz7Xb5K06BnV0PYQA3nZETbBq4ASEgbJzSekXswk4p27c-6TO6Hh7eaSJKQtklFq1i9Pk0RfNg8u8IWOkruNkNwcd3d95OLZM_eYKRzj_n4mTTemlD8A9SZWGc8berEiTCh56s06_tgCm1vkUfgVoHmCVgiju5SKwTd6bW4kFqVN0GBNDNx/_/singleadextension._psu_ad./adv5./clkads./stickyad.

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.nl.9oEK_41sQP0.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMyiPoNNeIrYr9UBoLSSHb4_5S7WNg/m=ad_blocking_detection_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

55267b38f98102ea094adb445aa5d2ea31795ee7f04e3f15d3db1f42b026ae1b

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-X_XLtyjFbhAn9ndpPQG6Lw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://noxcodes.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 08:03:48 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-X_XLtyjFbhAn9ndpPQG6Lw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 google_top_exp.js Show response
pagead2.googlesyndication.com/pagead/js/ 47 B
67 B 20ms
20ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/google_top_exp.js?fcd=true

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ccecd185ac16ba0a538840f37701053fbb861f7fbbdd86039c7415fcd924d1f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://noxcodes.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 17:22:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 52850
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
server: cafe
etag: 13036835877489095579
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 03 Oct 2023 17:22:58 GMT

POST
H3 204 AGSKWxUt--Y-t4T52rAstX1AHv1md5PHaUrNTNuMUXPQlxuT-msRIguGANZiUosk5M24l2Z5-eOhqY59oCAcwXPFhTGog8QIfJEQ7hoWTP08RPb4YA6QiXkQ0Ibp29bIgZfTdBep5s9dlA== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 32ms
32ms XHR
text/html 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUt--Y-t4T52rAstX1AHv1md5PHaUrNTNuMUXPQlxuT-msRIguGANZiUosk5M24l2Z5-eOhqY59oCAcwXPFhTGog8QIfJEQ7hoWTP08RPb4YA6QiXkQ0Ibp29bIgZfTdBep5s9dlA==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-6337JCLAVdg62NOSqlAuYw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://noxcodes.xyz/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 20 Sep 2023 08:03:48 GMT
content-security-policy: script-src 'report-sample' 'nonce-6337JCLAVdg62NOSqlAuYw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://noxcodes.xyz
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxUt--Y-t4T52rAstX1AHv1md5PHaUrNTNuMUXPQlxuT-msRIguGANZiUosk5M24l2Z5-eOhqY59oCAcwXPFhTGog8QIfJEQ7hoWTP08RPb4YA6QiXkQ0Ibp29bIgZfTdBep5s9dlA== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 35ms
34ms XHR
text/html 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUt--Y-t4T52rAstX1AHv1md5PHaUrNTNuMUXPQlxuT-msRIguGANZiUosk5M24l2Z5-eOhqY59oCAcwXPFhTGog8QIfJEQ7hoWTP08RPb4YA6QiXkQ0Ibp29bIgZfTdBep5s9dlA==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-7UUVlFZssE3ihX7NL1LF-A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://noxcodes.xyz/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 20 Sep 2023 08:03:48 GMT
content-security-policy: script-src 'report-sample' 'nonce-7UUVlFZssE3ihX7NL1LF-A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://noxcodes.xyz
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 D38i8ocviMyns63bFlxz04547CGgVcdJsS8VZS_5djY.js Show response
pagead2.googlesyndication.com/bg/ Frame 2C58 37 KB
14 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/D38i8ocviMyns63bFlxz04547CGgVcdJsS8VZS_5djY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0f7f22f2872f88cca7b3addb165c73d38e78ec21a055c749b12f15652ff97636

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 07:29:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2071
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14739
x-xss-protection: 0
last-modified: Mon, 11 Sep 2023 20:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 19 Sep 2024 07:29:17 GMT

POST
H3 204 AGSKWxUt--Y-t4T52rAstX1AHv1md5PHaUrNTNuMUXPQlxuT-msRIguGANZiUosk5M24l2Z5-eOhqY59oCAcwXPFhTGog8QIfJEQ7hoWTP08RPb4YA6QiXkQ0Ibp29bIgZfTdBep5s9dlA== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 35ms
34ms XHR
text/html 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUt--Y-t4T52rAstX1AHv1md5PHaUrNTNuMUXPQlxuT-msRIguGANZiUosk5M24l2Z5-eOhqY59oCAcwXPFhTGog8QIfJEQ7hoWTP08RPb4YA6QiXkQ0Ibp29bIgZfTdBep5s9dlA==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-cCbRNnH6t9AeT1hRSPlxJg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://noxcodes.xyz/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 20 Sep 2023 08:03:48 GMT
content-security-policy: script-src 'report-sample' 'nonce-cCbRNnH6t9AeT1hRSPlxJg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://noxcodes.xyz
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxUt--Y-t4T52rAstX1AHv1md5PHaUrNTNuMUXPQlxuT-msRIguGANZiUosk5M24l2Z5-eOhqY59oCAcwXPFhTGog8QIfJEQ7hoWTP08RPb4YA6QiXkQ0Ibp29bIgZfTdBep5s9dlA== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 33ms
32ms XHR
text/html 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUt--Y-t4T52rAstX1AHv1md5PHaUrNTNuMUXPQlxuT-msRIguGANZiUosk5M24l2Z5-eOhqY59oCAcwXPFhTGog8QIfJEQ7hoWTP08RPb4YA6QiXkQ0Ibp29bIgZfTdBep5s9dlA==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-SuthfJAX8Z6_d2UkvbkSSg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://noxcodes.xyz/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 20 Sep 2023 08:03:48 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-SuthfJAX8Z6_d2UkvbkSSg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://noxcodes.xyz
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxWU5InYgYNMdIbcziTfvw2jokuDZMB3ZyHTOshBg_2D72NPxTDR3QQRzPenpghGow3g41WE_mfSOcvFA4A_OS_xsI0cDf8N4hctZ0K2LhXGKKOGJTKSVTr0uOBd58hILLJ5okhB0Q== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 56ms
56ms Script
application/javascript 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxWU5InYgYNMdIbcziTfvw2jokuDZMB3ZyHTOshBg_2D72NPxTDR3QQRzPenpghGow3g41WE_mfSOcvFA4A_OS_xsI0cDf8N4hctZ0K2LhXGKKOGJTKSVTr0uOBd58hILLJ5okhB0Q==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjk1MTk3MDI4LDEzNzAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNl0sbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsMV0sImh0dHBzOi8vbm94Y29kZXMueHl6LyIsbnVsbCxbWzgsIjlvRUtfNDFzUVAwIl0sWzksIm5sIl0sWzE2LCJbMSwxLDFdIl0sWzE5LCIyIl0sWzE3LCJbMF0iXV1d

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

471bb41583f026c73961aee06c99d84d280b23c3f644f8dc6e89a3c380037dd5

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-ImUhLbl8SA4mWhpCwCOELg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://noxcodes.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 08:03:48 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-ImUhLbl8SA4mWhpCwCOELg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 3E7D 0
0 54ms
54ms Image
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230918&jk=282204302689656&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

POST
H3 204 AGSKWxVlPzE3Qvmnt6VfvlDbmqUV4W1LTRxqFNhwdoKzndcyArFEclVu_LXuGUF3-MgnyxjcsWYR9ULrenBV-ectZMQpNtaSfNp7lyLJg7VEGBuyGI5BU8gbFHbYb-qifzH-j2-jMwIzyQ== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 31ms
31ms XHR
text/html 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVlPzE3Qvmnt6VfvlDbmqUV4W1LTRxqFNhwdoKzndcyArFEclVu_LXuGUF3-MgnyxjcsWYR9ULrenBV-ectZMQpNtaSfNp7lyLJg7VEGBuyGI5BU8gbFHbYb-qifzH-j2-jMwIzyQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-cm5XFkLqIhMkgfZRRhy3xQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://noxcodes.xyz/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 20 Sep 2023 08:03:48 GMT
content-security-policy: script-src 'report-sample' 'nonce-cm5XFkLqIhMkgfZRRhy3xQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://noxcodes.xyz
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 2C58 0
10 B 24ms
23ms Image
text/plain 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?MhjKJg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 08:03:48 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 58ms
57ms Image
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230918&jk=282204302689656&bg=!WVqlWhXNAAbP3fMH7907ADQBe5WfOEovZvo_2bIf1BVcrVQG78PxsQSvUtXzCGgIvf0rOBIp2ODm-gpKs1CF0T1vw3aLAgAAAF5SAAAACWgBBwoAJ3_Yw7HQ7WpwNc47A42mW3P1O6kUYX_uu74_DR_706gJAbJcmLfhz5kCrh2sJ4ZadwH-56NBEPn_fQLH4lrzpGO72sPHScaCb_0JD4VQ42XZer6R9mTL9Z5VPOQ3k7lt14PjXMbsn6Skyo_Q9ke4oXxPaSK0TCIi2eTUHSrctMM6OVHTjFCqPOAKEoQQrbCOa1q_8_HnH9wkzoR--8TFL3_7oePJDI6ufM2bc5u85geN_lyptNhyhkmGflML1t1a_VlCOswkWgt9SaaCXJT_nb5rtVIEpEsqzf8ZYO7FW47OqYnnD6SP8elxAAyJCjd3zVIrA8AzWBQJ-QNNZOFHNhjEhalG2CmSYLy9EeQPTSGuDcr0GYL_5jCIDml4o7PHjk5bPjqqt7s3Lb30YveA6Wj0WQSW0jQFedTztIGm8aPv7PPPn-uT2iPnBgkX3zcb9ALpg7E7GtJadDtDxLghSWIMzicHMKWWPprUjmctItBRI3yBtxQJQLPz-mo4sGXWc-9pHOVyJcSOrIuOvTilpmAGNB7mrnFAIHgveVPE4eD8XHyhk5jEM8q-lvufWDp40S9uzgFHSbSQR_knyu4WOCbPg1VWcblrPlGuyRIhI8HfKUZjnVCZfTiQT71UhSUoRmrgQRKgMwshpiS3xGBxRf1maKWd4K3unu99mrEViFwYZQO8aHoxfE1ogjG-UFobMx5CuyRBBC3RmjPngMsgnMZfjmxp6uBMZEq12UN9mgxKTX0fBvR6tjcZQRtFZ3PBE2GfImL87Kjz7CfV0X6lLAXXJRz1QQeo8035uBbE451RagpmRZn2oTVEavi4eMNTPp-6Ou1v_2jeZQDk5aMJKt3tZNS4ux3Y1P_kVV522b4XMdXj9JtEF9Phc0v0prdczJDhHzrJo-TWhMuUFwWXjph-toq1dLpdbmh--D-b5DBbiDnkxWaCR5xJoU4AWhZdHZ0IFkMy_6qU
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://noxcodes.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

51 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.noxcodes.xyz/	1970-01-21 00:29:17	Name: _ga_C2EK4KCTJX Value: GS1.1.1695197026.1.0.1695197026.0.0.0
.noxcodes.xyz/	1970-01-21 00:29:17	Name: _ga Value: GA1.1.208275377.1695197027
.doubleclick.net/	1970-01-20 14:53:17	Name: test_cookie Value: CheckForPermission
.noxcodes.xyz/	1970-01-21 00:14:53	Name: __gads Value: ID=c0d85a2b149f9f95-229537ad7fde00c9:T=1695197026:RT=1695197026:S=ALNI_MbdNxyGr0i2pG9G9GD-RX66Zjxx3Q
.noxcodes.xyz/	1970-01-21 00:14:53	Name: __gpi Value: UID=00000c79224c02d9:T=1695197026:RT=1695197026:S=ALNI_MYb84sN-fIko730g9Ep4hzw9-Fy3A
.noxcodes.xyz/	1970-01-20 23:38:53	Name: FCNEC Value: %5B%5B%22AKsRol89g7zVC_5uPnKJN_JwY3GPdYyxhOXmtPCZ1Wys1SP9_MZiI9qfOBHAhqyszzCGpFZvFZ9-h6Ljk88rk0E4b-BaHTtuuReY4cvH80bki0hX1U6IGnHULKOyiZlxkK_frESnV7R4d92uf654Na6bLTiulBYIzg%3D%3D%22%5D%2Cnull%2C%5B%5D%5D

7 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://noxcodes.xyz/(Line 372) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.profitablecreativeformat.com/f80875e48da1c3cf0653a7d4e744cfe8/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://noxcodes.xyz/(Line 372) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.profitablecreativeformat.com/f80875e48da1c3cf0653a7d4e744cfe8/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network	error	URL: https://www.profitablecreativeformat.com/f80875e48da1c3cf0653a7d4e744cfe8/invoke.js Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
javascript	warning	URL: https://noxcodes.xyz/(Line 384) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.profitablecreativeformat.com/c30c5cd14eb92657737ffd2556369bb6/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://noxcodes.xyz/(Line 384) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.profitablecreativeformat.com/c30c5cd14eb92657737ffd2556369bb6/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network	error	URL: https://www.profitablecreativeformat.com/c30c5cd14eb92657737ffd2556369bb6/invoke.js Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
network	error	URL: https://pl20666481.highcpmrevenuegate.com/066afb85a171f3b3b34299cbba400e2e/invoke.js Message: Failed to load resource: the server responded with a status of 403 (Forbidden)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.umami.is
fundingchoicesmessages.google.com
googleads.g.doubleclick.net
noxcodes.xyz
pagead2.googlesyndication.com
partner.googleadservices.com
pl20666481.highcpmrevenuegate.com
region1.google-analytics.com
static.cloudflareinsights.com
test98.jenkohome.com
tpc.googlesyndication.com
www.google.com
www.googletagmanager.com
www.profitablecreativeformat.com
192.243.59.12
2001:4860:4802:34::36
2606:4700::6810:3865
2a00:1450:4001:80b::2004
2a00:1450:4001:80b::200e
2a00:1450:4001:80e::2001
2a00:1450:4001:80f::2002
2a00:1450:4001:810::2002
2a00:1450:4001:812::2002
2a00:1450:4001:829::2008
2a06:98c1:3120::3
76.76.21.142
00d33f876a82f0c7a0bbb7993088529ec6daff499dae7d555033e588ffe6f5d0
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
058a339781e5cc0609c7f8baa829a0c320e7415d4364eb59ca0daf253fbf3db9
0d955449b6c3699d2330467fa6a3fbdb45ea08456aa9b672db7b2b9a070b58c6
0f7f22f2872f88cca7b3addb165c73d38e78ec21a055c749b12f15652ff97636
1d7f44e683b53ff69945fcdabdf245c4cb79f1f6d291be8cb79a90480d11572c
2de431c39fbfb8f138064c897b6517f3cc453073c4a6a46d97f8de750ad6baa1
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
39ec951129da994a66bf9a5ab18242a796fe3e1fa82e9f7cbb0dd7c859f70633
43922b3d96842054bec1b25e5af551ec91e1bb793a67fab0a52c225d370190ca
44054b24e21025d8ea0641d341a60823bc7419597daf55de27715628ca2ccb89
450f3ba4e47ee174bd9692b396f264b907d37d2528f53911760f3d0edb785f7e
471bb41583f026c73961aee06c99d84d280b23c3f644f8dc6e89a3c380037dd5
55267b38f98102ea094adb445aa5d2ea31795ee7f04e3f15d3db1f42b026ae1b
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5fae9e8e5dcc16a65d1659de0827bba52bb599fac4a5a7e5b63d9b26c390c9de
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6370848930cba424fe0ccb718f5e4b7e9b5b70ac0bf40cca527a32eb145fad99
81322ab4d3f0fa4d48aa8df0015ed1bc261f9c398e7efaf0046e1295d4ae3aa1
85fe333506924cf89898d7190674368dbd0a35f1dd1c30ffaf88038f8d5ebb04
8719d5bd0daee4932c62da73996bbcc8f0d4a35ffe9c00520d58b23dee18d683
893bc71916fdca3768728ed45742fce0f4350cefd42434353ff4302dc8578217
a011595b8a7a4aecacbb9bdd095cf4e446e368e8c897b2daf1807e6016137c1a
a4c667d5e51066ad054d11e9c128496c6cde29346e2a1a450acd6f37c21efe9c
bb25b048e2d8b2b99f3baf71d7ff8d60bb41031238105abf431ede8f4d693bca
c10c5d6c9317ed23cfc674af6d1aaef5e5dfef046fc5e16de2141c56fac63d5f
c235f21017bcc11fcaa31d7dfd9855aaebcbf5f6d7ee9bf9f2e98a910907c391
c61858e5f4ba66bf683170ca250193bb3dde225d70a6cce23d134b83ce828b4b
ccecd185ac16ba0a538840f37701053fbb861f7fbbdd86039c7415fcd924d1f2
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

noxcodes.xyz Open in urlscan Pro 2a06:98c1:3120::3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

45 Requests

100 %HTTPS

83 %IPv6

12 Domains

14 Subdomains

12 IPs

2 Countries

475 kBTransfer

1220 kBSize

6 Cookies

2 Outgoing links

Page URL History

Redirected requests

45 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

noxcodes.xyz Open in urlscan Pro
2a06:98c1:3120::3 Public Scan

Screenshot
Live screenshot

Full Image

45
Requests

100 %
HTTPS

83 %
IPv6

12
Domains

14
Subdomains

12
IPs

2
Countries

475 kB
Transfer

1220 kB
Size

6
Cookies

45 HTTP transactions
0 data transactions