urlscan.io logo urlscan.io
SecurityTrails logo

mixrootmods.com Open in urlscan Pro
2a06:98c1:3121::3  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://files.technicalatg.com/9za9AQC
Effective URL: https://mixrootmods.com/?go=88ec7bbe4a25dae9a7645d5cd64e9wApbsCadfEeFlgiHnikaU0xWVRseDdqWXphTCtNQ1F6L2ZDSnBESUNKV3ozWHBt...
Submission: On June 12 via manual from CA — Scanned from NL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 32 IPs in 5 countries across 27 domains to perform 75 HTTP transactions. The main IP is 2a06:98c1:3121::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is mixrootmods.com.
TLS certificate: Issued by GTS CA 1P5 on June 4th 2023. Valid for: 3 months.
This is the only time mixrootmods.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
4 15 2a06:98c1:312... 13335 (CLOUDFLAR...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
2 35.190.55.95 15169 (GOOGLE)
1 2606:4700:303... 13335 (CLOUDFLAR...)
7 68.178.164.9 26496 (AS-26496-...)
5 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
7 2606:4700:303... 13335 (CLOUDFLAR...)
3 199.241.100.27 27589 (MOJOHOST)
1 2600:9000:223... 16509 (AMAZON-02)
1 2001:4de0:ac1... 20446 (STACKPATH...)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a04:4e42:400... 54113 (FASTLY)
1 2a00:1450:400... 15169 (GOOGLE)
1 173.233.137.44 7979 (SERVERS-COM)
2 2606:4700:e0:... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
4 2600:9000:224... 16509 (AMAZON-02)
1 2620:116:800d... 16509 (AMAZON-02)
1 2600:9000:236... 16509 (AMAZON-02)
4 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:223... 16509 (AMAZON-02)
1 2600:9000:225... 16509 (AMAZON-02)
2 37.157.6.242 198622 (ADFORM)
1 185.89.210.122 29990 (ASN-APPNEX)
4 2602:803:c004... 26667 (RUBICONPR...)
3 2a00:1450:400... 15169 (GOOGLE)
1 18.198.226.87 16509 (AMAZON-02)
1 2a00:1450:400... ()
75 32
15    2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)
files.technicalatg.com
mixrootmods.com
technicalatg.com
2    2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)
maxcdn.bootstrapcdn.com
1    2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    35.190.55.95 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 95.55.190.35.bc.googleusercontent.com
onclickperformance.com
1    2606:4700:3033::6815:1319 (United States)

ASN13335 (CLOUDFLARENET, US)
appkamods.com
7    68.178.164.9 (Mumbai, India)

ASN26496 (AS-26496-GO-DADDY-COM-LLC, US)
PTR: 9.164.178.68.host.secureserver.net
adswalla.com
5    2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
1    2a00:1450:4001:80b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
7    2606:4700:3031::6815:16a6 (United States)

ASN13335 (CLOUDFLARENET, US)
ads.holid.io
helloworld.holid.io
3    199.241.100.27 (United States)

ASN27589 (MOJOHOST, US)
PTR: cs2196.mojohost.com
ss.mndsrv.com
pp.mndsrv.com
1    2600:9000:223f:800:1f:946:f000:21 (United States)

ASN16509 (AMAZON-02, US)
d3u598arehftfk.cloudfront.net
1    2001:4de0:ac18::1:a:2a (Netherlands)

ASN20446 (STACKPATH-CDN, US)
code.jquery.com
1    2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
2    2a04:4e42:400::485 (United States)

ASN54113 (FASTLY, US)
cdn.jsdelivr.net
1    2a00:1450:4001:808::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
9a8ad4eb55a85ebf02378b5e58f06285.safeframe.googlesyndication.com
1    173.233.137.44 (United States)

ASN7979 (SERVERS-COM, US)
clipperroutesevere.com
2    2606:4700:e0::ac40:6314 (United States)

ASN13335 (CLOUDFLARENET, US)
hbagency.it
1    2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
4    2600:9000:2240:6400:9:46dc:4700:93a1 (United States)

ASN16509 (AMAZON-02, US)
cmp.quantcast.com
1    2620:116:800d:21:c5a4:625:6563:a5bb (United States)

ASN16509 (AMAZON-02, US)
secure.quantserve.com
1    2600:9000:236e:de00:9:46dc:4700:93a1 (United States)

ASN16509 (AMAZON-02, US)
quantcast.mgr.consensu.org
4    2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2600:9000:223c:a000:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
rules.quantcount.com
1    2600:9000:225e:8a00:3:a4cd:8380:93a1 (United States)

ASN16509 (AMAZON-02, US)
test.cmp.quantcast.com
2    37.157.6.242 (Denmark)

ASN198622 (ADFORM, DK)
adx.adform.net
1    185.89.210.122 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
ib.adnxs.com
4    2602:803:c004:200::140 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
3    2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    18.198.226.87 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-198-226-87.eu-central-1.compute.amazonaws.com
audit-tcfv2.cmp.quantcast.com
1    2a00:1450:4001:831::2004 (None, )

ASN- ()
www.google.com
Apex Domain
Subdomains		 Transfer
12 mixrootmods.com
mixrootmods.com
53 KB
8 googlesyndication.com
9a8ad4eb55a85ebf02378b5e58f06285.safeframe.googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 127
tpc.googlesyndication.com — Cisco Umbrella Rank: 154
87 KB
7 holid.io
ads.holid.io — Cisco Umbrella Rank: 294006
helloworld.holid.io — Cisco Umbrella Rank: 756053
130 KB
7 adswalla.com
adswalla.com
324 KB
6 quantcast.com
cmp.quantcast.com — Cisco Umbrella Rank: 3242
test.cmp.quantcast.com — Cisco Umbrella Rank: 10241
audit-tcfv2.cmp.quantcast.com — Cisco Umbrella Rank: 11867
144 KB
5 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 218
175 KB
4 rubiconproject.com
fastlane.rubiconproject.com — Cisco Umbrella Rank: 526
3 KB
3 mndsrv.com
ss.mndsrv.com — Cisco Umbrella Rank: 193337
pp.mndsrv.com — Cisco Umbrella Rank: 190380
80 KB
3 technicalatg.com
files.technicalatg.com
technicalatg.com
12 KB
2 adform.net
adx.adform.net — Cisco Umbrella Rank: 4174
1 KB
2 hbagency.it
hbagency.it — Cisco Umbrella Rank: 160272
145 KB
2 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 377
2 KB
2 google.com
adservice.google.com — Cisco Umbrella Rank: 106
www.google.com
2 KB
2 onclickperformance.com
onclickperformance.com — Cisco Umbrella Rank: 157560
3 KB
2 bootstrapcdn.com
maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 993
25 KB
1 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 244
2 KB
1 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 1130
634 B
1 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 57
254 B
1 consensu.org
quantcast.mgr.consensu.org — Cisco Umbrella Rank: 4677
44 KB
1 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 1195
9 KB
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 263
6 KB
1 clipperroutesevere.com
clipperroutesevere.com — Cisco Umbrella Rank: 426197
1 jquery.com
code.jquery.com — Cisco Umbrella Rank: 768
33 KB
1 cloudfront.net
d3u598arehftfk.cloudfront.net
35 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 75
87 KB
1 appkamods.com
appkamods.com
21 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 67
1 KB
75 27
Domain Requested by
12 mixrootmods.com 3 redirects mixrootmods.com
7 adswalla.com mixrootmods.com
adswalla.com
5 securepubads.g.doubleclick.net mixrootmods.com
securepubads.g.doubleclick.net
4 fastlane.rubiconproject.com ads.holid.io
4 helloworld.holid.io ads.holid.io
4 pagead2.googlesyndication.com mixrootmods.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
4 cmp.quantcast.com hbagency.it
quantcast.mgr.consensu.org
3 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
3 ads.holid.io mixrootmods.com
ads.holid.io
2 adx.adform.net ads.holid.io
2 hbagency.it d3u598arehftfk.cloudfront.net
2 cdn.jsdelivr.net securepubads.g.doubleclick.net
ads.holid.io
2 ss.mndsrv.com mixrootmods.com
2 technicalatg.com mixrootmods.com
2 onclickperformance.com mixrootmods.com
onclickperformance.com
2 maxcdn.bootstrapcdn.com mixrootmods.com
1 www.google.com tpc.googlesyndication.com
1 audit-tcfv2.cmp.quantcast.com cmp.quantcast.com
1 ib.adnxs.com ads.holid.io
1 pp.mndsrv.com ss.mndsrv.com
1 test.cmp.quantcast.com quantcast.mgr.consensu.org
1 rules.quantcount.com secure.quantserve.com
1 www.google-analytics.com www.googletagmanager.com
1 quantcast.mgr.consensu.org cmp.quantcast.com
1 secure.quantserve.com cmp.quantcast.com
1 cdnjs.cloudflare.com d3u598arehftfk.cloudfront.net
1 clipperroutesevere.com mixrootmods.com
1 9a8ad4eb55a85ebf02378b5e58f06285.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 adservice.google.com securepubads.g.doubleclick.net
1 code.jquery.com mixrootmods.com
1 d3u598arehftfk.cloudfront.net mixrootmods.com
1 www.googletagmanager.com mixrootmods.com
1 appkamods.com mixrootmods.com
1 fonts.googleapis.com mixrootmods.com
1 files.technicalatg.com 1 redirects
75 35

This site contains links to these domains. Also see Links.

Domain
adswalla.com
Subject Issuer Validity Valid
mixrootmods.com
GTS CA 1P5		 2023-06-04 -
2023-09-02		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-12-30 -
2023-12-30		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-05-19 -
2023-08-11		 3 months crt.sh
onclickperformance.com
Sectigo RSA Domain Validation Secure Server CA		 2022-12-15 -
2023-12-15		 a year crt.sh
appkamods.com
E1		 2023-05-05 -
2023-08-03		 3 months crt.sh
adswalla.com
cPanel, Inc. Certification Authority		 2023-06-01 -
2023-08-30		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-05-19 -
2023-08-11		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-05-19 -
2023-08-11		 3 months crt.sh
holid.io
GTS CA 1P5		 2023-06-09 -
2023-09-07		 3 months crt.sh
pp.mndsrv.com
R3		 2023-05-24 -
2023-08-22		 3 months crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2022-12-08 -
2023-12-07		 a year crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2022-08-03 -
2023-07-14		 a year crt.sh
*.google.com
GTS CA 1C3		 2023-05-19 -
2023-08-11		 3 months crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2022 Q4		 2022-12-23 -
2024-01-24		 a year crt.sh
clipperroutesevere.com
R3		 2023-04-26 -
2023-07-25		 3 months crt.sh
hbagency.it
Cloudflare Inc ECC CA-3		 2022-10-21 -
2023-10-20		 a year crt.sh
cmp.quantcast.com
R3		 2023-04-14 -
2023-07-13		 3 months crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-08-09 -
2023-09-09		 a year crt.sh
quantserve.com
R3		 2023-04-14 -
2023-07-13		 3 months crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-09-20 -
2023-09-20		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2023-02-13 -
2024-03-15		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-03-05 -
2024-04-03		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-05-19 -
2023-08-11		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-05-19 -
2023-08-11		 3 months crt.sh

This page contains 7 frames:

Primary Page: https://mixrootmods.com/?go=88ec7bbe4a25dae9a7645d5cd64e9wApbsCadfEeFlgiHnikaU0xWVRseDdqWXphTCtNQ1F6L2ZDSnBESUNKV3ozWHBtT0YzUWFuTnlNMD0=
Frame ID: B5176570F40D0D9BAD81431A42A334CE
Requests: 62 HTTP requests in this frame

Frame: https://onclickperformance.com/ad/display.php?stamat=m%257C%252CsojImdjZrB1dAN0dEdHP3xP.847%252CZMkKdRAQlkuDbgTABrav5HIt9cRGhcZQwZK3Lwq0gBE1i4AKSVw9LXdlAnb7a534g_Y2-I_QB7sRyCuMtCTVGFQBu0ANu682I6BcV3aLkUA%252C&cbpage=https://mixrootmods.com/?go=88ec7bbe4a25dae9a7645d5cd64e9wApbsCadfEeFlgiHnikaU0xWVRseDdqWXphTCtNQ1F6L2ZDSnBESUNKV3ozWHBtT0YzUWFuTnlNMD0=&cbur=0.9564769913302962&cbtitle=FFPL%202022%3A%20Free%20Fire%20Pro%20League%20Winter%20Reward%2CPrize%20Pool%2CTeams&cbiframe=0&cbWidth=1600&cbHeight=1200&cbdescription=&cbkeywords=&cbref=
Frame ID: C10A5F9B1710169B4D7EF2883985850D
Requests: 1 HTTP requests in this frame

Frame: https://mixrootmods.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/6cdb09c9/invisible.js
Frame ID: 46FE35D92B7F2008B244C4B1DA09CFEF
Requests: 4 HTTP requests in this frame

Frame: https://adswalla.com/display/index.php?page=query/items/&aduid=612&pid=325&width=300&height=250&displaytype=4&native=0&device_type=large_dev_adblock&block_id=0&responsive=0&adcode_count=1&adSectionWidth=1600&page_data=7ecc6820a9e84d3652eb57b940637339&time=1686601467&deliver=mixrootmods.com&search_keywords=&page_referrer=aHR0cHM6Ly9taXhyb290bW9kcy5jb20vP2dvPTg4ZWM3YmJlNGEyNWRhZTlhNzY0NWQ1Y2Q2NGU5d0FwYnNDYWRmRWVGbGdpSG5pa2FVMHhXVlJzZURkcVdYcGhUQ3ROUTFGNkwyWkRTbkJFU1VOS1Yzb3pXSEJ0VDBZelVXRnVUbmxOTUQwPQ==&page_title=FFPL%202022%3A%20Free%20Fire%20Pro%20League%20Winter%20Reward%2CPrize%20Pool%2CTeams&meta_description=
Frame ID: B40EB814D61C6C43F60CF25161E8311D
Requests: 4 HTTP requests in this frame

Frame: https://9a8ad4eb55a85ebf02378b5e58f06285.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: D1D80111AF4A5705CF1A353B0C016566
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 77751B02910D2E5BDF8CF0E058D66E33
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 44BE40BABE645FCF1D7BB03D9A7CB402
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

FFPL 2022: Free Fire Pro League Winter Reward,Prize Pool,TeamsWeb Interstitial Ad Example

Page URL History Show full URLs

  1. https://files.technicalatg.com/9za9AQC HTTP 302
    https://mixrootmods.com/?go=88ec7bbe4a25dae9a7645d5cd64e9wApbsCadfEeFlgiHnikaU0xWVRseDdqWXphTCtNQ1F6... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • quantcast\.mgr\.consensu\.org
Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

75
Requests

96 %
HTTPS

77 %
IPv6

27
Domains

35
Subdomains

32
IPs

5
Countries

1422 kB
Transfer

3991 kB
Size

12
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://files.technicalatg.com/9za9AQC HTTP 302
    https://mixrootmods.com/?go=88ec7bbe4a25dae9a7645d5cd64e9wApbsCadfEeFlgiHnikaU0xWVRseDdqWXphTCtNQ1F6L2ZDSnBESUNKV3ozWHBtT0YzUWFuTnlNMD0= Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 13
  • https://mixrootmods.com/wp-content/plugins/wp-safelink/assets/safelink-detector.js HTTP 301
  • https://mixrootmods.com/
Request Chain 21
  • https://mixrootmods.com/cdn-cgi/challenge-platform/scripts/invisible.js HTTP 302
  • https://mixrootmods.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/6cdb09c9/invisible.js
Request Chain 49
  • https://mixrootmods.com/cdn-cgi/challenge-platform/scripts/invisible.js HTTP 302
  • https://mixrootmods.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/6cdb09c9/invisible.js

75 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
mixrootmods.com/
Redirect Chain
  • https://files.technicalatg.com/9za9AQC
  • https://mixrootmods.com/?go=88ec7bbe4a25dae9a7645d5cd64e9wApbsCadfEeFlgiHnikaU0xWVRseDdqWXphTCtNQ1F6L2ZDSnBESUNKV3ozWHBtT0YzUWFuTnlNMD0=
35 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://mixrootmods.com/?go=88ec7bbe4a25dae9a7645d5cd64e9wApbsCadfEeFlgiHnikaU0xWVRseDdqWXphTCtNQ1F6L2ZDSnBESUNKV3ozWHBtT0YzUWFuTnlNMD0=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8bc1c04509564c36236f7f79b469e1c6f357f3d4f66bbf5ef9c3f301c790eddb

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7d64d1365a282be5-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Mon, 12 Jun 2023 20:24:26 GMT
link
<https://mixrootmods.com/wp-json/>; rel="https://api.w.org/"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0bcVGRtT0cRB6OXvq1hWwCzYeqZDH%2FpUmYT8bLTmuQVbr5wAkh4F%2B%2BrNZjpWaCKDbAObrGDdv9TeemZKUtOyUFqp%2F66le%2FQBoF06UXJTSMEkHFx8VTkCyU7JuK%2BAn5KZcJjvaPJr%2F4LxdTmEccA%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding,User-Agent,User-Agent
x-turbo-charged-by
LiteSpeed
x-ua-compatible
IE=edge

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache, no-store, must-revalidate, max-age=0
cf-cache-status
DYNAMIC
cf-ray
7d64d130de28903d-FRA
content-type
text/html; charset=UTF-8
date
Mon, 12 Jun 2023 20:24:25 GMT
expires
Wed, 11 Jan 1984 05:00:00 GMT
location
https://mixrootmods.com/?go=88ec7bbe4a25dae9a7645d5cd64e9wApbsCadfEeFlgiHnikaU0xWVRseDdqWXphTCtNQ1F6L2ZDSnBESUNKV3ozWHBtT0YzUWFuTnlNMD0=
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Sl4zReGK1rCyf%2F1Ssu3XxoSNAjKkRpCxjmg2EtUAUiLaYLD4%2B4WG%2FQ%2FvQH79waVMfxjyBiDOLFPqnv00nlQC0xdUP69cucdO22oLOacGAy4c%2BsFCvNG8lJEIk2p8S7dH2AAJwJviSJwfzJtYlWGRNtRv3lnG"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
User-Agent,User-Agent
x-litespeed-cache
hit
x-turbo-charged-by
LiteSpeed
oLZ0N52Xm-VdFNr7ild39H2zFM0.js
mixrootmods.com/cdn-cgi/apps/head/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mixrootmods.com/cdn-cgi/apps/head/oLZ0N52Xm-VdFNr7ild39H2zFM0.js
Requested by
Host: mixrootmods.com
URL: https://mixrootmods.com/?go=88ec7bbe4a25dae9a7645d5cd64e9wApbsCadfEeFlgiHnikaU0xWVRseDdqWXphTCtNQ1F6L2ZDSnBESUNKV3ozWHBtT0YzUWFuTnlNMD0=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
10e85917f8b8410fabb0802be97fdb9948d0ad203220f08826e85b8c59eb80de

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://mixrootmods.com/?go=88ec7bbe4a25dae9a7645d5cd64e9wApbsCadfEeFlgiHnikaU0xWVRseDdqWXphTCtNQ1F6L2ZDSnBESUNKV3ozWHBtT0YzUWFuTnlNMD0=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Mon, 12 Jun 2023 20:24:26 GMT
x-amz-version-id
LuxDzVvRV79HOy99q0.XdSdSWNYJ5UaY
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
B7YS2QJXQE9A7SMK
age
893367
alt-svc
h3=":443"; ma=86400
x-amz-id-2
FrIkJR2HtSg+wD1wgSD0OS9nURlNm5V7oxlil0tVV1wM3G666aYlRi3wCSX1t/CiOe7fPFOUc7w=
last-modified
Fri, 02 Jun 2023 12:13:56 GMT
server
cloudflare
etag
W/"48f921a471913a34af000876b2c02250"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gTyERu7VaaCnZOXsbYUUlZJ9rS8kCgZaGVRQvBK%2FoZaTFAO2UelcVGN2oYjybafCcnv1WSu7DEGkbGJ1DJvDwuI%2F0B521yIfiOw4HJJM7pYXn8k8w7qpRxmyXdz26IArZl9pYW0iam2DQzTUiaU%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
cf-ray
7d64d13bee682be5-FRA
bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.3.4/css/ 		115 KB
19 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/3.3.4/css/bootstrap.min.css
Requested by
Host: mixrootmods.com
URL: https://mixrootmods.com/?go=88ec7bbe4a25dae9a7645d5cd64e9wApbsCadfEeFlgiHnikaU0xWVRseDdqWXphTCtNQ1F6L2ZDSnBESUNKV3ozWHBtT0YzUWFuTnlNMD0=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f04b517ba5d6a0510485689a3e42dac000f51640fd71b986804cba178eae42a5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://mixrootmods.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Mon, 12 Jun 2023 20:24:26 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
cdn-edgestorageid
632, 617, 617
age
30625434
cdn-cachedat
2021-06-08 17:56:49
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:03:58 GMT
server
cloudflare
cdn-requestpullcode
200
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
4bd704688cb08bed1c10c8f26826e421
timing-allow-origin
*
cdn-requestcountrycode
DE
cdn-status
200
cf-ray
7d64d13c5f8c1e4f-FRA
cdn-requestpullsuccess
True
font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.2.0/css/ 		21 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.2.0/css/font-awesome.min.css
Requested by
Host: mixrootmods.com
URL: https://mixrootmods.com/?go=88ec7bbe4a25dae9a7645d5cd64e9wApbsCadfEeFlgiHnikaU0xWVRseDdqWXphTCtNQ1F6L2ZDSnBESUNKV3ozWHBtT0YzUWFuTnlNMD0=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0fb1bbca73646e8e2b93c82e8d8b219647b13d4b440c48e338290b9a685b8de1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://mixrootmods.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Mon, 12 Jun 2023 20:24:26 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
cdn-edgestorageid
718, 718
age
11968162
cdn-cachedat
2021-04-13 02:36:00
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:04:53 GMT
server
cloudflare
cdn-requestpullcode
200
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
357c5298f2849c0ce9712c57ec240f4e
timing-allow-origin
*
cdn-requestcountrycode
US
cf-ray
7d64d13c5f901e4f-FRA
cdn-requestpullsuccess
True
css2
fonts.googleapis.com/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Open+Sans&display=swap
Requested by
Host: mixrootmods.com
URL: https://mixrootmods.com/?go=88ec7bbe4a25dae9a7645d5cd64e9wApbsCadfEeFlgiHnikaU0xWVRseDdqWXphTCtNQ1F6L2ZDSnBESUNKV3ozWHBtT0YzUWFuTnlNMD0=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
94ff72f0e7d4d5fb406082c4572aeb6514c4e32266aec78e93edbb03e9cf9628
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://mixrootmods.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 12 Jun 2023 20:24:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 12 Jun 2023 18:46:49 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 12 Jun 2023 20:24:26 GMT
display.php
onclickperformance.com/a/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://onclickperformance.com/a/display.php?r=7045338
Requested by
Host: mixrootmods.com
URL: https://mixrootmods.com/?go=88ec7bbe4a25dae9a7645d5cd64e9wApbsCadfEeFlgiHnikaU0xWVRseDdqWXphTCtNQ1F6L2ZDSnBESUNKV3ozWHBtT0YzUWFuTnlNMD0=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.55.95 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
95.55.190.35.bc.googleusercontent.com
Software
openresty /
Resource Hash
3abf26b6c029cfe179f110312451f620b14ded134a7664695bdb8e10287d2ec1

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://mixrootmods.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 12 Jun 2023 20:24:26 GMT
content-encoding
gzip
via
1.1 google
server
openresty
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
application/javascript; charset=utf-8
c2b0165c490aa7aff8b35843961d9ab5.gif
technicalatg.com/wp-content/uploads/2022/08/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://technicalatg.com/wp-content/uploads/2022/08/c2b0165c490aa7aff8b35843961d9ab5.gif
Requested by
Host: mixrootmods.com
URL: https://mixrootmods.com/?go=88ec7bbe4a25dae9a7645d5cd64e9wApbsCadfEeFlgiHnikaU0xWVRseDdqWXphTCtNQ1F6L2ZDSnBESUNKV3ozWHBtT0YzUWFuTnlNMD0=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bb28a678e90b9d97bba59a3c3028c2b3a5bd1c61c8e8fbb32edc0d25d5102685

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://mixrootmods.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Mon, 12 Jun 2023 20:24:26 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
450574
alt-svc
h3=":443"; ma=86400
content-length
8944
last-modified
Wed, 14 Sep 2022 14:22:04 GMT
server
cloudflare
vary
User-Agent,User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uI%2Bv0Czkxdy0vwh8S8h5oTtosrlGEaTnnve6%2FIFcFAZDyYsV0NSCJjx30uKrFNCbQwcx10HWBwbwFn%2BuJsiMa7iqc4h5OBKgzBde39Tkkl9KnKCHXH7V21G1ZdacRJ%2B5XJl%2Bf%2BWZ95R29yWD%2FTQc"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
public, max-age=16070400
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
7d64d13c6f68903d-FRA
expires
Wed, 14 Jun 2023 15:12:02 GMT
wait4-1.png
technicalatg.com/wp-content/uploads/2022/11/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://technicalatg.com/wp-content/uploads/2022/11/wait4-1.png
Requested by
Host: mixrootmods.com
URL: https://mixrootmods.com/?go=88ec7bbe4a25dae9a7645d5cd64e9wApbsCadfEeFlgiHnikaU0xWVRseDdqWXphTCtNQ1F6L2ZDSnBESUNKV3ozWHBtT0YzUWFuTnlNMD0=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
806452f1b480eeeadffcc371cb695fc34d6accba5ebaab95fe8c7b50d8d6061b

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://mixrootmods.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Mon, 12 Jun 2023 20:24:26 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
450574
alt-svc
h3=":443"; ma=86400
content-length
2178
last-modified
Thu, 24 Nov 2022 21:48:46 GMT
server
cloudflare
vary
User-Agent,User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RhUliBnsPT4ndZVQLJ3RwVisa%2FleVgY%2FpnCFMfeh%2BYkwwH%2F4GzwMpf8Aj5JGjdZTvqU9dgpuwAe%2BTNHINXkRCfQq7FTpo6m3HyQfl7EznK3V71QxwBKM9SIYmoR1qqPumfPi15nl5ZQawulixRFA"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=16070400
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
7d64d13c6f65903d-FRA
expires
Wed, 14 Jun 2023 15:12:02 GMT
Click-to-go-to-next-page.jpg
appkamods.com/wp-content/uploads/2023/03/ 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://appkamods.com/wp-content/uploads/2023/03/Click-to-go-to-next-page.jpg
Requested by
Host: mixrootmods.com
URL: https://mixrootmods.com/?go=88ec7bbe4a25dae9a7645d5cd64e9wApbsCadfEeFlgiHnikaU0xWVRseDdqWXphTCtNQ1F6L2ZDSnBESUNKV3ozWHBtT0YzUWFuTnlNMD0=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:1319 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3121a25a411e9883cacbe2094f0094cc6ba9b909927741c6d01350bd950ff044

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://mixrootmods.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Mon, 12 Jun 2023 20:24:26 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
225323
alt-svc
h3=":443"; ma=86400
content-length
21164
last-modified
Fri, 10 Mar 2023 15:32:08 GMT
server
cloudflare
vary
User-Agent,User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b4gaIxf4WJdRHQtBCi5d%2B59eBE3wp7xHcRfu5jUYV14QIOqvf9QZX%2BMrP7Y60pbvjQFjELZJUXW1UoLTwj%2F%2FDrxGIog8Xf%2B6gvLTavZ3YwWLzRodP97XRRiJ6ez3sVBEwfDtiamWQGjd2UQR"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=31536000
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
7d64d13d1fb83a94-FRA
expires
Sat, 10 Jun 2023 14:24:36 GMT
items.php
adswalla.com/display/ 		67 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://adswalla.com/display/items.php?612&325&300&250&4&0&0
Requested by
Host: mixrootmods.com
URL: https://mixrootmods.com/?go=88ec7bbe4a25dae9a7645d5cd64e9wApbsCadfEeFlgiHnikaU0xWVRseDdqWXphTCtNQ1F6L2ZDSnBESUNKV3ozWHBtT0YzUWFuTnlNMD0=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
68.178.164.9 Mumbai, India, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
9.164.178.68.host.secureserver.net
Software
nginx /
Resource Hash
a957c98db72c2b088414f850aadadb1b3af2c1d99e5a016ee39967a15a8b7cfb

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://mixrootmods.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 12 Jun 2023 20:24:27 GMT
Last-Modified
Mon, 12 Jun 2023 20:24:27 GMT
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Content-Type
application/javascript
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
keep-alive
Expires
Mon, 26 Jul 1997 05:00:00 GMT
rocket-loader.min.js
mixrootmods.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mixrootmods.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Requested by
Host: mixrootmods.com
URL: https://mixrootmods.com/?go=88ec7bbe4a25dae9a7645d5cd64e9wApbsCadfEeFlgiHnikaU0xWVRseDdqWXphTCtNQ1F6L2ZDSnBESUNKV3ozWHBtT0YzUWFuTnlNMD0=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://mixrootmods.com/?go=88ec7bbe4a25dae9a7645d5cd64e9wApbsCadfEeFlgiHnikaU0xWVRseDdqWXphTCtNQ1F6L2ZDSnBESUNKV3ozWHBtT0YzUWFuTnlNMD0=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Mon, 12 Jun 2023 20:24:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 06 Jun 2023 11:54:19 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"647f1e6b-302c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c54SPwWoZQgNUglm4XQip%2B2XFnGiND6Hx4%2FY%2FFe3Sa7l3LVeV1FA0uCqFwdp11gjSlA6G0VO8Prg4Q3U4oIvTk%2BsxpBXrt4SxhZQOLflEW542J%2FkYAcXcQvXXWpyt6R%2B%2F3JsV391cClqHelRFgE%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
DENY
cache-control
max-age=172800, public
cf-ray
7d64d13c4eb62be5-FRA
expires
Wed, 14 Jun 2023 20:24:26 GMT
5XvKxtzN2WPVXUDKjuSQfR65zCk.js
mixrootmods.com/cdn-cgi/apps/body/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mixrootmods.com/cdn-cgi/apps/body/5XvKxtzN2WPVXUDKjuSQfR65zCk.js
Requested by
Host: mixrootmods.com
URL: https://mixrootmods.com/cdn-cgi/apps/head/oLZ0N52Xm-VdFNr7ild39H2zFM0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
14d18bbfffc123a6b542c8f50eba58c92cf589584cedbd5e823401997f4e9123

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://mixrootmods.com/?go=88ec7bbe4a25dae9a7645d5cd64e9wApbsCadfEeFlgiHnikaU0xWVRseDdqWXphTCtNQ1F6L2ZDSnBESUNKV3ozWHBtT0YzUWFuTnlNMD0=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Mon, 12 Jun 2023 20:24:26 GMT
x-amz-version-id
hWxHUS0vaWuhJ2d7AM.9I.RznqXZBzV8
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
B7YXSH14RVDRP8JJ
age
893367
alt-svc
h3=":443"; ma=86400
x-amz-id-2
NZD7t4v5V/5NdL8kvg9M33mVb11vhKhkZsZwJIKj0ZEbGDwdq1UztlPhtN+s+wJ48cbc7JrcZs8=
last-modified
Fri, 02 Jun 2023 12:13:55 GMT
server
cloudflare
etag
W/"ba3683b14dc0788c4ab447b7c56e8c4d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b9o1jTZXdEBP5hIbaOBgRrJ1eMNkM1kmDBdXO21W6OHdhiNsF45hv4kLQnGULRQSAQjxvBJW3gY0Ituje2fr4a%2BMFs2zQauP%2FRNDGcFPXw60hVqwKDQxOG3Eu9edjPnm9lHsqZPi02J88Mo54SU%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
cf-ray
7d64d13c4eb72be5-FRA
truncated
/ 		854 B
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8567910c20a8d5d4780282da4d9bbd8d6ecb51cda15a6a52c0ff0e08d21e44ca

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Content-Type
text/css;charset=utf-8
display.php
onclickperformance.com/ad/ Frame C10A 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onclickperformance.com/ad/display.php?stamat=m%257C%252CsojImdjZrB1dAN0dEdHP3xP.847%252CZMkKdRAQlkuDbgTABrav5HIt9cRGhcZQwZK3Lwq0gBE1i4AKSVw9LXdlAnb7a534g_Y2-I_QB7sRyCuMtCTVGFQBu0ANu682I6BcV3aLkUA%252C&cbpage=https://mixrootmods.com/?go=88ec7bbe4a25dae9a7645d5cd64e9wApbsCadfEeFlgiHnikaU0xWVRseDdqWXphTCtNQ1F6L2ZDSnBESUNKV3ozWHBtT0YzUWFuTnlNMD0=&cbur=0.9564769913302962&cbtitle=FFPL%202022%3A%20Free%20Fire%20Pro%20League%20Winter%20Reward%2CPrize%20Pool%2CTeams&cbiframe=0&cbWidth=1600&cbHeight=1200&cbdescription=&cbkeywords=&cbref=
Requested by
Host: onclickperformance.com
URL: https://onclickperformance.com/a/display.php?r=7045338
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.55.95 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
95.55.190.35.bc.googleusercontent.com
Software
openresty /
Resource Hash

Request headers

Referer
https://mixrootmods.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 12 Jun 2023 20:24:26 GMT
server
openresty
via
1.1 google
/
mixrootmods.com/
Redirect Chain
  • https://mixrootmods.com/wp-content/plugins/wp-safelink/assets/safelink-detector.js
  • https://mixrootmods.com/
131 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mixrootmods.com/
Requested by
Host: mixrootmods.com
URL: https://mixrootmods.com/?go=88ec7bbe4a25dae9a7645d5cd64e9wApbsCadfEeFlgiHnikaU0xWVRseDdqWXphTCtNQ1F6L2ZDSnBESUNKV3ozWHBtT0YzUWFuTnlNMD0=
Protocol
H3
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
11deecf3ad78e61b49f13104db1bf43a2f859910a7f586709aa43748a2e06eda

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://mixrootmods.com/?go=88ec7bbe4a25dae9a7645d5cd64e9wApbsCadfEeFlgiHnikaU0xWVRseDdqWXphTCtNQ1F6L2ZDSnBESUNKV3ozWHBtT0YzUWFuTnlNMD0=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Mon, 12 Jun 2023 20:24:27 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding,User-Agent,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UjX7Y9wToiSEG1%2FJVWTG15yz5bwXoukCehj7EbebPzG%2FlXbAe5hC4kFCg2wPM4lvjFQEBSIdJg%2B5t4RYyW5OZ46PndExwQfrTycJMP%2FqlyDyy6FHFqSw%2B3KcBbFZzErP97rG8YUdU%2BsU%2FRx7BRw%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
x-turbo-charged-by
LiteSpeed
cf-ray
7d64d140fbec37f1-FRA
link
<https://mixrootmods.com/wp-json/>; rel="https://api.w.org/"
alt-svc
h3=":443"; ma=86400
x-ua-compatible
IE=edge

Redirect headers

x-ua-compatible
IE=edge
date
Mon, 12 Jun 2023 20:24:26 GMT
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-redirect-by
Rank Math
vary
User-Agent,User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h%2FvFNfWqRLESIQaIeYEBvDXYGg0OBbjaPotAUgC5YFRpY%2Bj5d94GNHLeAZG7ESpEpMjIYnQJQJz0aLjd8tSn7wd%2FKkXq5WJRUdYN0G9M5CftCMNQhve3ioqIL9zfaiK2pZqlL2k%2FMrJA%2Bv4wfIA%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
location
https://mixrootmods.com
cache-control
max-age=14400, must-revalidate
x-turbo-charged-by
LiteSpeed
cf-ray
7d64d13d8fb337f1-FRA
alt-svc
h3=":443"; ma=86400
expires
Wed, 11 Jan 1984 05:00:00 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		76 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: mixrootmods.com
URL: https://mixrootmods.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
33edfcdb55624e2ef79424510a88da7e0735f27ddb2d5cebfa75bc48e9b943cb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://mixrootmods.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Mon, 12 Jun 2023 20:24:26 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
25317
x-xss-protection
0
server
cafe
etag
7 / 19520 / m202306060101 / config-hash: 17170386062800192975
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 12 Jun 2023 20:24:26 GMT
js
www.googletagmanager.com/gtag/ 		252 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-9RG3KFK1NE
Requested by
Host: mixrootmods.com
URL: https://mixrootmods.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
3958024eece6b5c86e04aa780d3b6c549ad757119c8b4a4bc6eb087acfb6f8f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://mixrootmods.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Mon, 12 Jun 2023 20:24:26 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
88341
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 12 Jun 2023 20:24:26 GMT
holid.js
ads.holid.io/auto/mixrootmods.com/ 		35 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.holid.io/auto/mixrootmods.com/holid.js
Requested by
Host: mixrootmods.com
URL: https://mixrootmods.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:16a6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6c69d51573f4e3f8c03fc0fbabc1b0332b0b212b985d49ab5b887dd496303518

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://mixrootmods.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Mon, 12 Jun 2023 20:24:26 GMT
content-encoding
br
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
origSize=77896
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Mon, 29 May 2023 14:15:44 GMT
server
cloudflare
etag
W/"6474b390-13048"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ko3YYTJpWRJNQ5cR4n1LbOoChN8nymBnQ73J32q7w1JvUsUS7XJ4D1NqFTCCXY0e1FHqRnywQpxxWvL8jSsnOXj7k5l435keevPN1RzNtfigSRHfvp4mO1cTPqUXDrmiAHWJkXsz4wfBzu8%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=1800
cf-ray
7d64d13e4e651bc3-FRA
native.js
ss.mndsrv.com/ 		72 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ss.mndsrv.com/native.js
Requested by
Host: mixrootmods.com
URL: https://mixrootmods.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
199.241.100.27 , United States, ASN27589 (MOJOHOST, US),
Reverse DNS
cs2196.mojohost.com
Software
nginx/1.20.1 /
Resource Hash
24b05a7f551a61746572b9c72e45608f295268e9e69bcbb27ffeaa3c2c9669ca

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://mixrootmods.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date
Mon, 12 Jun 2023 20:24:26 GMT
Last-Modified
Tue, 16 May 2023 12:00:59 GMT
Server
nginx/1.20.1
ETag
"6463707b-1205e"
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
73822
banner.js
ss.mndsrv.com/ 		7 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ss.mndsrv.com/banner.js
Requested by
Host: mixrootmods.com
URL: https://mixrootmods.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
199.241.100.27 , United States, ASN27589 (MOJOHOST, US),
Reverse DNS
cs2196.mojohost.com
Software
nginx/1.20.1 /
Resource Hash
8a64910872e140c9fdee68753b9a8a8c6ade93b2e55be7cf91dbcf060b314fe8

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://mixrootmods.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date
Mon, 12 Jun 2023 20:24:26 GMT
Last-Modified
Wed, 19 Apr 2023 08:14:08 GMT
Server
nginx/1.20.1
ETag
"643fa2d0-1c31"
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
7217
prebid_hb_3513_5604.js
d3u598arehftfk.cloudfront.net/ 		174 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3u598arehftfk.cloudfront.net/prebid_hb_3513_5604.js
Requested by
Host: mixrootmods.com
URL: https://mixrootmods.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:800:1f:946:f000:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7fbecec0faf60e6df41c3f0a0e60003e9e77716d7c8854fc6c5df62977fd9614

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://mixrootmods.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Fri, 09 Jun 2023 08:29:39 GMT
content-encoding
gzip
via
1.1 5c14dc328191a14142654d833f772c6c.cloudfront.net (CloudFront)
last-modified
Fri, 09 Jun 2023 08:27:47 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P5
age
302088
etag
W/"ef914b3dca1d4c389ae6e70b86b60333"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=864000
x-amz-cf-id
WbzvMzu0Cg1LYb3joVt8bJidc3qAfKqBLkFhVJArRp4hA0KGKj4L8w==
jquery-1.11.2.min.js
code.jquery.com/ 		94 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-1.11.2.min.js
Requested by
Host: mixrootmods.com
URL: https://mixrootmods.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:2a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx /
Resource Hash
2ecd295d295bec062cedebe177e54b9d6b19fc0a841dc5c178c654c9ccff09c0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://mixrootmods.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Mon, 12 Jun 2023 20:24:26 GMT
content-encoding
gzip
last-modified
Fri, 20 Aug 2021 17:47:53 GMT
server
nginx
etag
W/"611feac9-176bb"
vary
Accept-Encoding
x-hw
1686601466.dop114.am5.t,1686601466.cds124.am5.hn,1686601466.cds153.am5.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
33262
invisible.js
mixrootmods.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/6cdb09c9/ Frame 46FE
Redirect Chain
  • https://mixrootmods.com/cdn-cgi/challenge-platform/scripts/invisible.js
  • https://mixrootmods.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/6cdb09c9/invisible.js
7 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mixrootmods.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/6cdb09c9/invisible.js
Requested by
Host: mixrootmods.com
URL: https://mixrootmods.com/?go=88ec7bbe4a25dae9a7645d5cd64e9wApbsCadfEeFlgiHnikaU0xWVRseDdqWXphTCtNQ1F6L2ZDSnBESUNKV3ozWHBtT0YzUWFuTnlNMD0=
Protocol
H3
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
79b91a5b49944986632aa5a6d5736c5fe215d00135298748743ff2b33d8a826b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Mon, 12 Jun 2023 20:24:26 GMT
content-encoding
br
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0iAtK9xyTefaV8gRvexSruYmeZsp%2FlnJHsPm381kNP6Yj%2BWO36TPvFVs8qe33Edy5hDMqXnjWLLsXW0ADDY39yCj41TM%2FbfmjwuzKm%2FOfStSYpNF3L%2F85Y09aN7G%2Bhh3wUCW06QPbnGQfIZqvYQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
cf-ray
7d64d13de81d37f1-FRA
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Mon, 12 Jun 2023 20:24:26 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f2SkzrsXF%2FBTytCUoYIRjB9k36Z%2BDJ4UTCXS4DJPhSc9cSsVUE75Uy69wxpJoL8tDQphRnz63uOz6WPj3iG3AGSG9DkdpC2INA9%2BIRZjGGXR9YtHpXVo4BW8ofpIQKO8pIEDVTdOSXm6Qt6RyrQ%3D"}],"group":"cf-nel","max_age":604800}
location
/cdn-cgi/challenge-platform/h/g/scripts/jsd/6cdb09c9/invisible.js
access-control-allow-origin
*
cache-control
max-age=300, public
cf-ray
7d64d13d9fd137f1-FRA
alt-svc
h3=":443"; ma=86400
7d64d1365a282be5
mixrootmods.com/cdn-cgi/challenge-platform/h/g/cv/result/ Frame 46FE 		0
582 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mixrootmods.com/cdn-cgi/challenge-platform/h/g/cv/result/7d64d1365a282be5
Requested by
Host: mixrootmods.com
URL: https://mixrootmods.com/cdn-cgi/challenge-platform/scripts/invisible.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 12 Jun 2023 20:24:26 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Do9eK0qQwiS4bSh9Zfmc1Dmsgbxcapcuzyj%2FuMnG6%2BmFiQRnTyFaBV1XRyEQGIxJwQ7wY0Eb8CpK8oMVuuNWJwcHLvYjht%2BrDvrwX4TUDYjFAVgbh%2Bb%2Fkb0vkpxJrOCPR0HliPO9wa02xyfdEJk%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
cf-ray
7d64d13f096337f1-FRA
alt-svc
h3=":443"; ma=86400
index.php
adswalla.com/display/ Frame B40E 		7 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://adswalla.com/display/index.php?page=query/items/&aduid=612&pid=325&width=300&height=250&displaytype=4&native=0&device_type=large_dev_adblock&block_id=0&responsive=0&adcode_count=1&adSectionWidth=1600&page_data=7ecc6820a9e84d3652eb57b940637339&time=1686601467&deliver=mixrootmods.com&search_keywords=&page_referrer=aHR0cHM6Ly9taXhyb290bW9kcy5jb20vP2dvPTg4ZWM3YmJlNGEyNWRhZTlhNzY0NWQ1Y2Q2NGU5d0FwYnNDYWRmRWVGbGdpSG5pa2FVMHhXVlJzZURkcVdYcGhUQ3ROUTFGNkwyWkRTbkJFU1VOS1Yzb3pXSEJ0VDBZelVXRnVUbmxOTUQwPQ==&page_title=FFPL%202022%3A%20Free%20Fire%20Pro%20League%20Winter%20Reward%2CPrize%20Pool%2CTeams&meta_description=
Requested by
Host: adswalla.com
URL: https://adswalla.com/display/items.php?612&325&300&250&4&0&0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
68.178.164.9 Mumbai, India, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
9.164.178.68.host.secureserver.net
Software
nginx /
Resource Hash
75685721854b61d789339a37d1f92eccab4288a3eccda38498d73910591676a7

Request headers

Referer
https://mixrootmods.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Date
Mon, 12 Jun 2023 20:24:27 GMT
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding
jquery.min.js
adswalla.com/display/js/ Frame B40E 		243 KB
244 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://adswalla.com/display/js/jquery.min.js
Requested by
Host: adswalla.com
URL: https://adswalla.com/display/index.php?page=query/items/&aduid=612&pid=325&width=300&height=250&displaytype=4&native=0&device_type=large_dev_adblock&block_id=0&responsive=0&adcode_count=1&adSectionWidth=1600&page_data=7ecc6820a9e84d3652eb57b940637339&time=1686601467&deliver=mixrootmods.com&search_keywords=&page_referrer=aHR0cHM6Ly9taXhyb290bW9kcy5jb20vP2dvPTg4ZWM3YmJlNGEyNWRhZTlhNzY0NWQ1Y2Q2NGU5d0FwYnNDYWRmRWVGbGdpSG5pa2FVMHhXVlJzZURkcVdYcGhUQ3ROUTFGNkwyWkRTbkJFU1VOS1Yzb3pXSEJ0VDBZelVXRnVUbmxOTUQwPQ==&page_title=FFPL%202022%3A%20Free%20Fire%20Pro%20League%20Winter%20Reward%2CPrize%20Pool%2CTeams&meta_description=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
68.178.164.9 Mumbai, India, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
9.164.178.68.host.secureserver.net
Software
nginx /
Resource Hash
0047f2b4e58d50cd286045db5a9a694d843c551e96e92f7bcd10bf2e111149f2

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://adswalla.com/display/index.php?page=query/items/&aduid=612&pid=325&width=300&height=250&displaytype=4&native=0&device_type=large_dev_adblock&block_id=0&responsive=0&adcode_count=1&adSectionWidth=1600&page_data=7ecc6820a9e84d3652eb57b940637339&time=1686601467&deliver=mixrootmods.com&search_keywords=&page_referrer=aHR0cHM6Ly9taXhyb290bW9kcy5jb20vP2dvPTg4ZWM3YmJlNGEyNWRhZTlhNzY0NWQ1Y2Q2NGU5d0FwYnNDYWRmRWVGbGdpSG5pa2FVMHhXVlJzZURkcVdYcGhUQ3ROUTFGNkwyWkRTbkJFU1VOS1Yzb3pXSEJ0VDBZelVXRnVUbmxOTUQwPQ==&page_title=FFPL%202022%3A%20Free%20Fire%20Pro%20League%20Winter%20Reward%2CPrize%20Pool%2CTeams&meta_description=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date
Mon, 12 Jun 2023 20:24:28 GMT
Last-Modified
Sat, 31 Dec 2022 03:28:43 GMT
Server
nginx
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
249159
data.png
adswalla.com/images/ Frame B40E 		931 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adswalla.com/images/data.png
Requested by
Host: adswalla.com
URL: https://adswalla.com/display/index.php?page=query/items/&aduid=612&pid=325&width=300&height=250&displaytype=4&native=0&device_type=large_dev_adblock&block_id=0&responsive=0&adcode_count=1&adSectionWidth=1600&page_data=7ecc6820a9e84d3652eb57b940637339&time=1686601467&deliver=mixrootmods.com&search_keywords=&page_referrer=aHR0cHM6Ly9taXhyb290bW9kcy5jb20vP2dvPTg4ZWM3YmJlNGEyNWRhZTlhNzY0NWQ1Y2Q2NGU5d0FwYnNDYWRmRWVGbGdpSG5pa2FVMHhXVlJzZURkcVdYcGhUQ3ROUTFGNkwyWkRTbkJFU1VOS1Yzb3pXSEJ0VDBZelVXRnVUbmxOTUQwPQ==&page_title=FFPL%202022%3A%20Free%20Fire%20Pro%20League%20Winter%20Reward%2CPrize%20Pool%2CTeams&meta_description=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
68.178.164.9 Mumbai, India, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
9.164.178.68.host.secureserver.net
Software
nginx /
Resource Hash
f65dd0ed5ab0097e2cb276b346ccfaddb2a9134c9278af39c6a24cd821fce06f

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://adswalla.com/display/index.php?page=query/items/&aduid=612&pid=325&width=300&height=250&displaytype=4&native=0&device_type=large_dev_adblock&block_id=0&responsive=0&adcode_count=1&adSectionWidth=1600&page_data=7ecc6820a9e84d3652eb57b940637339&time=1686601467&deliver=mixrootmods.com&search_keywords=&page_referrer=aHR0cHM6Ly9taXhyb290bW9kcy5jb20vP2dvPTg4ZWM3YmJlNGEyNWRhZTlhNzY0NWQ1Y2Q2NGU5d0FwYnNDYWRmRWVGbGdpSG5pa2FVMHhXVlJzZURkcVdYcGhUQ3ROUTFGNkwyWkRTbkJFU1VOS1Yzb3pXSEJ0VDBZelVXRnVUbmxOTUQwPQ==&page_title=FFPL%202022%3A%20Free%20Fire%20Pro%20League%20Winter%20Reward%2CPrize%20Pool%2CTeams&meta_description=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date
Mon, 12 Jun 2023 20:24:28 GMT
Last-Modified
Sat, 31 Dec 2022 03:28:43 GMT
Server
nginx
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
931
Content-Type
image/png
132-script.js
adswalla.com/upload/html-adcodes/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://adswalla.com/upload/html-adcodes/132-script.js
Requested by
Host: adswalla.com
URL: https://adswalla.com/display/items.php?612&325&300&250&4&0&0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
68.178.164.9 Mumbai, India, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
9.164.178.68.host.secureserver.net
Software
nginx /
Resource Hash
770c5d1d8459b2a2cc7d1ecb4c0017ef3eec5879162be757224e5fd93781c583

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://mixrootmods.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date
Mon, 12 Jun 2023 20:24:29 GMT
Last-Modified
Wed, 31 May 2023 11:52:43 GMT
Server
nginx
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2668
2-1676930818.png
adswalla.com/upload/credit/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adswalla.com/upload/credit/2-1676930818.png
Requested by
Host: mixrootmods.com
URL: https://mixrootmods.com/?go=88ec7bbe4a25dae9a7645d5cd64e9wApbsCadfEeFlgiHnikaU0xWVRseDdqWXphTCtNQ1F6L2ZDSnBESUNKV3ozWHBtT0YzUWFuTnlNMD0=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
68.178.164.9 Mumbai, India, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
9.164.178.68.host.secureserver.net
Software
nginx /
Resource Hash
d55e61d6a1053ddbd1dd097ac221ea7ab04782d08561cc76941b0c7998205e93

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://mixrootmods.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date
Mon, 12 Jun 2023 20:24:29 GMT
Last-Modified
Mon, 20 Feb 2023 22:06:58 GMT
Server
nginx
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1559
Content-Type
image/png
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306060101/ 		404 KB
125 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306060101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0c384e9f5a0511e6e45bbaf26eba3f51edf331b05e20efa57f243d87ad4c452e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://mixrootmods.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Mon, 12 Jun 2023 12:33:00 GMT
content-encoding
br
x-content-type-options
nosniff
age
28289
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
127303
x-xss-protection
0
server
cafe
etag
14748094856067035890
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Tue, 11 Jun 2024 12:33:00 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		354 B
223 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=mixrootmods.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
30015e60656f05dd120af9ab810bd799004a3332e520fbc592b1bfc14d1c4660
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://mixrootmods.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Mon, 12 Jun 2023 20:24:29 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
198
x-xss-protection
0
expires
Mon, 12 Jun 2023 20:24:29 GMT
integrator.js
adservice.google.com/adsid/ 		107 B
456 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=mixrootmods.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306060101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://mixrootmods.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Mon, 12 Jun 2023 20:24:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
pubcid.min.js
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 		732 B
896 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306060101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://mixrootmods.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 12 Jun 2023 20:24:29 GMT
x-content-type-options
nosniff
content-encoding
br
age
32693
x-jsd-version
master
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
439
x-served-by
cache-fra-eddf8230042-FRA, cache-ams21028-AMS
x-jsd-version-type
branch
etag
W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
ads
securepubads.g.doubleclick.net/gampad/ 		848 B
502 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2436327100261976&correlator=3016055820536938&eid=31073560%2C31075061%2C31068367&output=ldjh&gdfp_req=1&vrg=202306060101&ptt=17&impl=fif&iu_parts=22882176169%2Cmixrootmods&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=1&adks=1721898811&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1686601469368&lmt=1686601469&dlt=1686601466194&idt=3113&adxs=650&adys=2331&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fmixrootmods.com%2F%3Fgo%3D88ec7bbe4a25dae9a7645d5cd64e9wApbsCadfEeFlgiHnikaU0xWVRseDdqWXphTCtNQ1F6L2ZDSnBESUNKV3ozWHBtT0YzUWFuTnlNMD0%3D&frm=20&vis=1&psz=300x-1&msz=300x-1&fws=0&ohw=0&ga_vid=1367110411.1686601469&ga_sid=1686601469&ga_hid=2056329301&ga_fc=false&a3p=EhkKCnB1YmNpZC5vcmcYrpugiosxSABSAghk
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306060101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1b5f9caaca95abc3406c91abdd1a657d060335f252f570c3801c05cb72454042
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://mixrootmods.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Mon, 12 Jun 2023 20:24:29 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
472
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://mixrootmods.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
9a8ad4eb55a85ebf02378b5e58f06285.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame D1D8 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://9a8ad4eb55a85ebf02378b5e58f06285.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306060101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://mixrootmods.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 12 Jun 2023 20:24:29 GMT
expires
Tue, 11 Jun 2024 20:24:29 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
invoke.js
clipperroutesevere.com/ec7d30e6b26451ac549412bb2938d005/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://clipperroutesevere.com/ec7d30e6b26451ac549412bb2938d005/invoke.js
Requested by
Host: mixrootmods.com
URL: https://mixrootmods.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
173.233.137.44 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx/1.19.5 /
Resource Hash

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://mixrootmods.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date
Mon, 12 Jun 2023 20:24:30 GMT
Server
nginx/1.19.5
Accept-CH
Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin
*
Content-Type
application/javascript
Connection
keep-alive
Content-Length
0
tcf2_cmp_hbagency.js
hbagency.it/cdn/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hbagency.it/cdn/tcf2_cmp_hbagency.js
Requested by
Host: d3u598arehftfk.cloudfront.net
URL: https://d3u598arehftfk.cloudfront.net/prebid_hb_3513_5604.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e0::ac40:6314 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
670f6a774e46fdb4672ec410b164f24cf883d5afcb2ef4c88084eb62df070092

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://mixrootmods.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Mon, 12 Jun 2023 20:24:29 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6162
cf-polished
origSize=1711
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Tue, 28 Feb 2023 10:52:57 GMT
server
cloudflare
etag
W/"6af-5f5c066061950"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=spSAS4khsACf%2FhzKGRUgz0jwGGyoL8%2FESMbRZNFOQOfEtko7zqMUbpRFlYpU6Wrz0lG6qZoCjl0zfKRm92eObvwOWc0F3i%2BaGOM9e%2F5Uu14WxPsLCGAze%2B7V%2FKZZUQcLfdeVzTcqLkdmXA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
cf-ray
7d64d1520dc5912a-FRA
postscribe.min.js
cdnjs.cloudflare.com/ajax/libs/postscribe/2.0.8/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/postscribe/2.0.8/postscribe.min.js
Requested by
Host: d3u598arehftfk.cloudfront.net
URL: https://d3u598arehftfk.cloudfront.net/prebid_hb_3513_5604.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c4e20f53f5ef0ed44b783437aa3f4638a9a56cc4aa29ae83ed9212eb2807052a
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://mixrootmods.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Mon, 12 Jun 2023 20:24:29 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1822519
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
5117
last-modified
Mon, 04 May 2020 16:15:38 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03faa-45f4"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Mxfst1DGQqtjVznq6XY2QWC1UCfVmcvCvjOH2CuNPxzXJGMEntaI13RSEN6ZU%2FH%2FVSH38UWkvYN8MR6x5%2BnROxPI3B2zCaz2Jd1IWDfB7EB9yZJMul9%2FevpK6OT1ucEHN1m5hRQ5pPz4fDR2vWqicCMB"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7d64d151dc803a74-FRA
expires
Sat, 01 Jun 2024 20:24:29 GMT
prebid_7_44_ng.js
hbagency.it/cdn/ 		470 KB
144 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hbagency.it/cdn/prebid_7_44_ng.js
Requested by
Host: d3u598arehftfk.cloudfront.net
URL: https://d3u598arehftfk.cloudfront.net/prebid_hb_3513_5604.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e0::ac40:6314 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
62abb2acb82a1832beb6f7f01a455cc6101d6593963c744771434fc23cac2266

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://mixrootmods.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Mon, 12 Jun 2023 20:24:29 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1549
cf-polished
origSize=481793
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Tue, 11 Apr 2023 11:28:34 GMT
server
cloudflare
etag
W/"75a01-5f90dcab31228"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LZKjznB0rqoT0488q6NgUoTfZCh%2B3EOPnrCMMDhZfhIV%2BvFwfJt5j9Y2sQn1Gvj9lcBYtrkEtKJoNkDzuZ9stu5RLTlCiQp5LbkA839aK1uwvI4IXlvRAfuKcKYjw9m7oAzUXuzeV6BNcg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
cf-ray
7d64d1520dc6912a-FRA
choice.js
cmp.quantcast.com/choice/cJsduNRegvC-s/hbagency.it/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cmp.quantcast.com/choice/cJsduNRegvC-s/hbagency.it/choice.js
Requested by
Host: hbagency.it
URL: https://hbagency.it/cdn/tcf2_cmp_hbagency.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:6400:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
32aae5c43fa382dde29a65f39d86fa0060c44d9dafa9adc7ecc3a0efebd2f75c

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://mixrootmods.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Mon, 12 Jun 2023 20:24:01 GMT
content-encoding
br
via
1.1 75a13c74495137fb5435dc4030981df6.cloudfront.net (CloudFront)
last-modified
Thu, 17 Nov 2022 10:37:27 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1
age
29
x-amz-server-side-encryption
AES256
etag
W/"e65bb654e0616b9e5b0d468dc10ae334"
vary
Access-Control-Request-Headers,Access-Control-Request-Method,Origin,Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
cross-origin-resource-policy
cross-origin
x-amz-cf-id
SV54TcgSaZxMPd867m0NMg95q93VNgvAk03BK1k-suNZpr22wmx7LQ==
index.php
adswalla.com/track/ Frame B40E 		173 B
368 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adswalla.com/track/index.php?page=action/impression/0|132|121|325|612|1|158|2|0|132|3.0E-5|3.0E-5|0|0/b99a8d35f1abaf5008ac88a1f23fd2b0/1686601478/NL/
Requested by
Host: adswalla.com
URL: https://adswalla.com/display/index.php?page=query/items/&aduid=612&pid=325&width=300&height=250&displaytype=4&native=0&device_type=large_dev_adblock&block_id=0&responsive=0&adcode_count=1&adSectionWidth=1600&page_data=7ecc6820a9e84d3652eb57b940637339&time=1686601467&deliver=mixrootmods.com&search_keywords=&page_referrer=aHR0cHM6Ly9taXhyb290bW9kcy5jb20vP2dvPTg4ZWM3YmJlNGEyNWRhZTlhNzY0NWQ1Y2Q2NGU5d0FwYnNDYWRmRWVGbGdpSG5pa2FVMHhXVlJzZURkcVdYcGhUQ3ROUTFGNkwyWkRTbkJFU1VOS1Yzb3pXSEJ0VDBZelVXRnVUbmxOTUQwPQ==&page_title=FFPL%202022%3A%20Free%20Fire%20Pro%20League%20Winter%20Reward%2CPrize%20Pool%2CTeams&meta_description=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
68.178.164.9 Mumbai, India, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
9.164.178.68.host.secureserver.net
Software
nginx /
Resource Hash
02d1993cd06d17138f97ae640d59cfcdc9df40700b0e8a53f743e49df5daba0e

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://adswalla.com/display/index.php?page=query/items/&aduid=612&pid=325&width=300&height=250&displaytype=4&native=0&device_type=large_dev_adblock&block_id=0&responsive=0&adcode_count=1&adSectionWidth=1600&page_data=7ecc6820a9e84d3652eb57b940637339&time=1686601467&deliver=mixrootmods.com&search_keywords=&page_referrer=aHR0cHM6Ly9taXhyb290bW9kcy5jb20vP2dvPTg4ZWM3YmJlNGEyNWRhZTlhNzY0NWQ1Y2Q2NGU5d0FwYnNDYWRmRWVGbGdpSG5pa2FVMHhXVlJzZURkcVdYcGhUQ3ROUTFGNkwyWkRTbkJFU1VOS1Yzb3pXSEJ0VDBZelVXRnVUbmxOTUQwPQ==&page_title=FFPL%202022%3A%20Free%20Fire%20Pro%20League%20Winter%20Reward%2CPrize%20Pool%2CTeams&meta_description=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date
Mon, 12 Jun 2023 20:24:30 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
quant.js
secure.quantserve.com/ 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: cmp.quantcast.com
URL: https://cmp.quantcast.com/choice/cJsduNRegvC-s/hbagency.it/choice.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:c5a4:625:6563:a5bb , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e23decabee8464b650d1d0241283ba0c469806e14a2199efc5bb41771cb673c1

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://mixrootmods.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Mon, 12 Jun 2023 20:24:30 GMT
content-encoding
gzip
etag
"sLp6xTjO7svFVaOemhLWUQ=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Mon, 19 Jun 2023 20:24:30 GMT
cmp2.js
quantcast.mgr.consensu.org/tcfv2/ 		178 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://quantcast.mgr.consensu.org/tcfv2/cmp2.js?referer=hbagency.it
Requested by
Host: cmp.quantcast.com
URL: https://cmp.quantcast.com/choice/cJsduNRegvC-s/hbagency.it/choice.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:236e:de00:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
eb644f290f0fb1ea074d5a52e431e49cf9fa4adc1b345e7719d0d27a3fe78c9a

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://mixrootmods.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Mon, 12 Jun 2023 19:38:33 GMT
content-encoding
br
via
1.1 8eee0c5143f92bd7600d25e3dc25ce5e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P1
age
2758
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-storage-class
INTELLIGENT_TIERING
last-modified
Fri, 19 May 2023 14:04:40 GMT
server
AmazonS3
etag
W/"f95487cc7143663d91de3ec4a26c4beb"
access-control-max-age
86400
access-control-allow-methods
GET
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=3600
x-amz-meta-qc-ineu
True
vary
Accept-Encoding
x-amz-cf-id
OOh8mN6ub7rDc_OGW4BQPY9MBvcNWvd0xI9u6Oc7zfvSXBGMYfR1OQ==
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		76 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: mixrootmods.com
URL: https://mixrootmods.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
03cf184f7cecc8c740a7658faeaf1ae18b8153a09e8e2da55f46929fc3537bf0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://mixrootmods.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Mon, 12 Jun 2023 20:24:30 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
25318
x-xss-protection
0
server
cafe
etag
999 / 19520 / m202306060101 / config-hash: 17170386062800192975
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 12 Jun 2023 20:24:30 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		138 KB
47 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: mixrootmods.com
URL: https://mixrootmods.com/?go=88ec7bbe4a25dae9a7645d5cd64e9wApbsCadfEeFlgiHnikaU0xWVRseDdqWXphTCtNQ1F6L2ZDSnBESUNKV3ozWHBtT0YzUWFuTnlNMD0=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7c7a134702394d12269c54813595c93a24e53a8d0419a19a3543016cbd44d0b6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://mixrootmods.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Mon, 12 Jun 2023 20:24:30 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
47706
x-xss-protection
0
server
cafe
etag
10859694316612204392
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 12 Jun 2023 20:24:30 GMT
collect
www.google-analytics.com/g/ 		0
254 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-9RG3KFK1NE&gtm=45je3671&_p=2056329301&cid=1367110411.1686601469&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ngs=1&_s=1&sid=1686601470&sct=1&seg=0&dl=https%3A%2F%2Fmixrootmods.com%2F%3Fgo%3D88ec7bbe4a25dae9a7645d5cd64e9wApbsCadfEeFlgiHnikaU0xWVRseDdqWXphTCtNQ1F6L2ZDSnBESUNKV3ozWHBtT0YzUWFuTnlNMD0%3D&dt=FFPL%202022%3A%20Free%20Fire%20Pro%20League%20Winter%20Reward%2CPrize%20Pool%2CTeams&en=page_view&_fv=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-9RG3KFK1NE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://mixrootmods.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Jun 2023 20:24:30 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://mixrootmods.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
prebid-v7.42.0-pre-pixel.js
ads.holid.io/ 		359 KB
112 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.holid.io/prebid-v7.42.0-pre-pixel.js
Requested by
Host: ads.holid.io
URL: https://ads.holid.io/auto/mixrootmods.com/holid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:16a6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bcb883fcff1964ee95c5a8b2650b69899ecab88bd8c4365bfc61c6a4cf572b26

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://mixrootmods.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Mon, 12 Jun 2023 20:24:30 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
475
cf-polished
origSize=367894
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Mon, 22 May 2023 12:46:30 GMT
server
cloudflare
etag
W/"646b6426-59d16"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oIfS8Rc%2F8aaHPHfbuv3T8VEmcqbVVMpez3%2Fk5eX0dw3Eh%2Ba6mK2YdZi5QprmrQAuZH7DQuZZF5jfSR5eCD4IDp4HnQwhftlWSpuRxtOUkNoz1ubLXf09UDz6yU2ApXHR8ybrCUv8xQ1z%2Bp8%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=1800
cf-ray
7d64d154ce1e1bc3-FRA
holid.js
ads.holid.io/auto/mixrootmods.com/ 		35 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.holid.io/auto/mixrootmods.com/holid.js
Requested by
Host: mixrootmods.com
URL: https://mixrootmods.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:16a6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6c69d51573f4e3f8c03fc0fbabc1b0332b0b212b985d49ab5b887dd496303518

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://mixrootmods.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Mon, 12 Jun 2023 20:24:30 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4
cf-polished
origSize=77896
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Mon, 29 May 2023 14:15:44 GMT
server
cloudflare
etag
W/"6474b390-13048"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u9XJ7huxxcOh%2Fq8KzmRS5UWnOZhNi48skhGiO1JPH2J6%2F8z74%2Bn1TaGfOZj6PBly2cncmPuPVvX601QTH0RnQp78ThtLpT%2FJXAkZeLQjFgwrFYZ4mLs3bFp6eGWtRx0E%2F6PdGkbc2Dbx4g8%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=1800
cf-ray
7d64d154de2b1bc3-FRA
rules-p-cJsduNRegvC-s.js
rules.quantcount.com/ 		160 B
634 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-cJsduNRegvC-s.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:a000:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d6eeced513e69e1ac89ce78dcf11108ee15d4a0e3ac647ffaefa8cc8d729059c

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://mixrootmods.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Mon, 12 Jun 2023 20:18:10 GMT
via
1.1 f4137273db9ae377298b8f8daf5b93f0.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
age
381
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
160
last-modified
Thu, 13 Oct 2022 15:17:49 GMT
server
AmazonS3
etag
"afa54eedc608b365bbc9eab8bd1ca4e2"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
x-amz-cf-id
WWld7cf6gwdLNo84FuP2SeM9khePUF6ZvKH4-ATE9LqSPEEJQMRjZA==
cmp-list.json
test.cmp.quantcast.com/GVL-v2/ 		10 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://test.cmp.quantcast.com/GVL-v2/cmp-list.json
Requested by
Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/tcfv2/cmp2.js?referer=hbagency.it
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:8a00:3:a4cd:8380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8e88e89ec7f96d859ce3759fd72e6a3f7dd2c48b38aa722e140843fe1cf9e080

Request headers

Accept
application/json, text/plain, */*
Referer
https://mixrootmods.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Mon, 12 Jun 2023 03:00:40 GMT
x-amz-version-id
2_3SYD6kTuAbDz.oUYjfM9PxanupdX__
content-encoding
br
via
1.1 da392114e7046bd9720a70f40c796f62.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P4
age
62631
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Mon, 29 May 2023 19:52:29 GMT
server
AmazonS3
etag
W/"beb8778e0e566e6dd95b9e0584ecdf5d"
access-control-max-age
86400
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=172800
vary
Accept-Encoding
x-amz-cf-id
JoJQx3cd43kYzq86dCaWqaHQIEyNKXG-9HKLnUdO22EssCZ6Btgn6A==
invisible.js
mixrootmods.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/6cdb09c9/ Frame 46FE
Redirect Chain
  • https://mixrootmods.com/cdn-cgi/challenge-platform/scripts/invisible.js
  • https://mixrootmods.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/6cdb09c9/invisible.js
7 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mixrootmods.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/6cdb09c9/invisible.js
Protocol
H3
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
189a6240568b0211059286264f809e5dbb92e77599ce469b752aa83cd0c34f55
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Mon, 12 Jun 2023 20:24:30 GMT
content-encoding
br
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S2S7PL%2BsCzHE%2FQ3e%2FSzPACbYgbEI7rFn0v9tWs2Km5y0sIDxBDxm8AgnS%2BSQCXty4lLDpOJ%2Fbe3f6QXvFTHrS1ucYb4IV5XMzmLNE343XrkLVBfk1r2AcnwO9p5vxqF2jl%2FVPYrXeEuK%2FwW3SBM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
cf-ray
7d64d155792f37f1-FRA
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Mon, 12 Jun 2023 20:24:30 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jHIUbHCKnZpf%2Brq1TjpNrzitOf3bE%2FexX3K3%2B%2FuFkHRUIoGQ5dYmqfZJBljkPnE3IZLkF87i7O8Fek6YEo6Tnru%2BG68v31fmfMm9M8rNraYvIEWVMidPUORffS5Yo0Nlz8yZzQ%2FWpmqGYXzF3Gc%3D"}],"group":"cf-nel","max_age":604800}
location
/cdn-cgi/challenge-platform/h/g/scripts/jsd/6cdb09c9/invisible.js
access-control-allow-origin
*
cache-control
max-age=300, public
cf-ray
7d64d15538e537f1-FRA
alt-svc
h3=":443"; ma=86400
fbbe694a-5f37-443a-9a24-0df288da60b1
pp.mndsrv.com/v1/ 		0
142 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pp.mndsrv.com/v1/fbbe694a-5f37-443a-9a24-0df288da60b1
Requested by
Host: ss.mndsrv.com
URL: https://ss.mndsrv.com/banner.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
199.241.100.27 , United States, ASN27589 (MOJOHOST, US),
Reverse DNS
cs2196.mojohost.com
Software
nginx/1.20.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://mixrootmods.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 12 Jun 2023 20:24:30 GMT
Server
nginx/1.20.1
Connection
keep-alive
sodar
pagead2.googlesyndication.com/getconfig/ 		15 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202306060101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306060101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ad26fa5aed958edad08b2206a797b7ec19cf6f9f3e9a0245c97cf34aef25e4c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://mixrootmods.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Mon, 12 Jun 2023 20:24:30 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11213
x-xss-protection
0
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json
Requested by
Host: ads.holid.io
URL: https://ads.holid.io/prebid-v7.42.0-pre-pixel.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
0bab9351e4ac5584457681749e5d01267b0a62cc6bb0d5f97e25f800b2a65731
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://mixrootmods.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 12 Jun 2023 20:24:30 GMT
x-content-type-options
nosniff
content-encoding
br
age
15821
x-jsd-version
1.0.1719
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
823
x-served-by
cache-fra-eddf8230103-FRA, cache-ams21079-AMS
x-jsd-version-type
version
etag
W/"636-RJQ9mfhIxI6KwsVOG+O46PVXxVc"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
openrtb
adx.adform.net/adx/ 		0
531 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/openrtb
Requested by
Host: ads.holid.io
URL: https://ads.holid.io/prebid-v7.42.0-pre-pixel.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.242 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://mixrootmods.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 12 Jun 2023 20:24:30 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://mixrootmods.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
auction
helloworld.holid.io/openrtb2/ 		292 B
508 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://helloworld.holid.io/openrtb2/auction
Requested by
Host: ads.holid.io
URL: https://ads.holid.io/prebid-v7.42.0-pre-pixel.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:16a6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
41c762a3ad7175ad3e3855b230289de5f9c5b0c4e72694dfe243a5682f713095

Request headers

Referer
https://mixrootmods.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 12 Jun 2023 20:24:30 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-prebid
pbs-go/unknown
alt-svc
h3=":443"; ma=86400
pragma
no-cache
server
cloudflare
vary
Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cue%2BtckHrZ6nUTeRai1RWYk%2B1ePZMan68CIf4uLCxEXe1wZVEiLt0651rosz8tEheEaTQ7qrLNLTiEpAqkfYU%2F%2FgSpgvAm9jM1CcdObFlbmD6JnY8SDnUl5dRAjlDbLVIPU0DljFjdnpcduPog2jjJy8"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://mixrootmods.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
7d64d1566fcb1bc3-FRA
expires
0
auction
helloworld.holid.io/openrtb2/ 		290 B
517 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://helloworld.holid.io/openrtb2/auction
Requested by
Host: ads.holid.io
URL: https://ads.holid.io/prebid-v7.42.0-pre-pixel.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:16a6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b403bc3236ea5bc5ce70b2e1cfced8a915a0a1a6d4ebc0d9b446e8c70739b99c

Request headers

Referer
https://mixrootmods.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 12 Jun 2023 20:24:30 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-prebid
pbs-go/unknown
alt-svc
h3=":443"; ma=86400
pragma
no-cache
server
cloudflare
vary
Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VmcCpu%2B%2Bem9%2BK9K5oVOk6Whki1Q1s%2FqRuN%2Fw0z5USM27HrZ%2BVoyGnwpoMicnOqVhZi91FEcLqXP%2BOKnRhLnThzhixNCX0JVdTPEUcgyJNtPOjtHWK%2FMntcLssgrS0e7Wg9urnYjYlKC8C7Q5Ynz2rLVw"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://mixrootmods.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
7d64d1566fc81bc3-FRA
expires
0
auction
helloworld.holid.io/openrtb2/ 		292 B
641 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://helloworld.holid.io/openrtb2/auction
Requested by
Host: ads.holid.io
URL: https://ads.holid.io/prebid-v7.42.0-pre-pixel.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:16a6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7000a39ec4060041001c0d702758247b8e293cb435d236397c9d840df8bc8276

Request headers

Referer
https://mixrootmods.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 12 Jun 2023 20:24:30 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-prebid
pbs-go/unknown
alt-svc
h3=":443"; ma=86400
pragma
no-cache
server
cloudflare
vary
Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vCmbD0S11%2FxoidzmhysnOTDcsrUdKBvsqVeLuhe5frxerV9F7lLm6wigXwHs16X%2FA6H0ypqQkSpwfTuf7E37NJ2p9t%2BD3gTWHjtEmOy%2BNCza3FYRqef4QzyYcKWdf%2B%2BtQvlG2OX2P4L06K6b1mMcTUjs"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://mixrootmods.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
7d64d1566fc91bc3-FRA
expires
0
auction
helloworld.holid.io/openrtb2/ 		15 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://helloworld.holid.io/openrtb2/auction
Requested by
Host: ads.holid.io
URL: https://ads.holid.io/prebid-v7.42.0-pre-pixel.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:16a6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2a5a03267f93f4d066114720e357d87dd35d5284b4a0d3451526fbfaf4b63336

Request headers

Referer
https://mixrootmods.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 12 Jun 2023 20:24:30 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-prebid
pbs-go/unknown
alt-svc
h3=":443"; ma=86400
pragma
no-cache
server
cloudflare
vary
Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RB0f5h1ROPk0jOy8I4yjnN7zOopNMpwa87CD7Lt8HHmZ63r8BoQ8o94Q3nsQeNY%2BfbgGzbsst5mk0UlEI0OHZD2Wz%2FTtpG9CDRV%2BsamtXdLWCJiYbWwgT1Wt4AFeS%2FNJQ1RUAQnCJRgelBmYDCcdG5LM"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://mixrootmods.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
7d64d1566fc31bc3-FRA
expires
0
prebid
ib.adnxs.com/ut/v3/ 		478 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: ads.holid.io
URL: https://ads.holid.io/prebid-v7.42.0-pre-pixel.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.122 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
67e0c184cbadb877f14bb35e8c28c77e7fe0efda3b47bae80380d4de40a834ea
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://mixrootmods.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 12 Jun 2023 20:24:30 GMT
AN-X-Request-Uuid
a55e4364-adcd-4d5f-a1e3-6eec32cd7892
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://mixrootmods.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
95.211.95.249; 95.211.95.249; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
478
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		488 B
812 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=19172&site_id=455578&zone_id=2672280&size_id=2&alt_size_ids=1%2C31%2C55%2C57%2C78%2C79%2C145&us_privacy=1---&rp_schain=1.0,1!holid.io,1056,1,,,&eid_pubcid.org=f83c0e67-ee04-4095-8ffb-29b1812ac2d6%5E1&rf=https%3A%2F%2Fmixrootmods.com%2F%3Fgo%3D88ec7bbe4a25dae9a7645d5cd64e9wApbsCadfEeFlgiHnikaU0xWVRseDdqWXphTCtNQ1F6L2ZDSnBESUNKV3ozWHBtT0YzUWFuTnlNMD0%3D&tg_i.page=https%3A%2F%2Fmixrootmods.com%2F%3Fgo%3D88ec7bbe4a25dae9a7645d5cd64e9wApbsCadfEeFlgiHnikaU0xWVRseDdqWXphTCtNQ1F6L2ZDSnBESUNKV3ozWHBtT0YzUWFuTnlNMD0%3D&tg_i.domain=mixrootmods.com&tg_i.pbadslot=%2F21756427176%2FDefault1&tk_flint=pbjs_lite_v7.42.0-pre&x_source.tid=d295b2e1-7d60-449e-b82e-bb6b9759756c&l_pb_bid_id=17ad2aaaf8d3d4d&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F21756427176%2FDefault1&slots=1&rand=0.6254974409678109
Requested by
Host: ads.holid.io
URL: https://ads.holid.io/prebid-v7.42.0-pre-pixel.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
962369a43296384f632fee88c6130b11c612dbbcb550d70b7e48a33ea7f5a22d

Request headers

Referer
https://mixrootmods.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 12 Jun 2023 20:24:30 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://mixrootmods.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
488
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		486 B
810 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=19172&site_id=455578&zone_id=2672282&size_id=2&alt_size_ids=31%2C55%2C57%2C78%2C79%2C145&us_privacy=1---&rp_schain=1.0,1!holid.io,1056,1,,,&eid_pubcid.org=f83c0e67-ee04-4095-8ffb-29b1812ac2d6%5E1&rf=https%3A%2F%2Fmixrootmods.com%2F%3Fgo%3D88ec7bbe4a25dae9a7645d5cd64e9wApbsCadfEeFlgiHnikaU0xWVRseDdqWXphTCtNQ1F6L2ZDSnBESUNKV3ozWHBtT0YzUWFuTnlNMD0%3D&tg_i.page=https%3A%2F%2Fmixrootmods.com%2F%3Fgo%3D88ec7bbe4a25dae9a7645d5cd64e9wApbsCadfEeFlgiHnikaU0xWVRseDdqWXphTCtNQ1F6L2ZDSnBESUNKV3ozWHBtT0YzUWFuTnlNMD0%3D&tg_i.domain=mixrootmods.com&tg_i.pbadslot=%2F21756427176%2FDefault2&tk_flint=pbjs_lite_v7.42.0-pre&x_source.tid=1edf3645-e211-4519-a5ee-0ce9dd8ce690&l_pb_bid_id=181d599387c5643&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F21756427176%2FDefault2&slots=1&rand=0.4236070016461351
Requested by
Host: ads.holid.io
URL: https://ads.holid.io/prebid-v7.42.0-pre-pixel.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
673513b96f494ac4d41df69b65ad3fc4249b32737a2538efb292b3620a305136

Request headers

Referer
https://mixrootmods.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 12 Jun 2023 20:24:30 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://mixrootmods.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
486
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		487 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=19172&site_id=455578&zone_id=2672300&size_id=2&alt_size_ids=31%2C55%2C57%2C78%2C79%2C145&us_privacy=1---&rp_schain=1.0,1!holid.io,1056,1,,,&eid_pubcid.org=f83c0e67-ee04-4095-8ffb-29b1812ac2d6%5E1&rf=https%3A%2F%2Fmixrootmods.com%2F%3Fgo%3D88ec7bbe4a25dae9a7645d5cd64e9wApbsCadfEeFlgiHnikaU0xWVRseDdqWXphTCtNQ1F6L2ZDSnBESUNKV3ozWHBtT0YzUWFuTnlNMD0%3D&tg_i.page=https%3A%2F%2Fmixrootmods.com%2F%3Fgo%3D88ec7bbe4a25dae9a7645d5cd64e9wApbsCadfEeFlgiHnikaU0xWVRseDdqWXphTCtNQ1F6L2ZDSnBESUNKV3ozWHBtT0YzUWFuTnlNMD0%3D&tg_i.domain=mixrootmods.com&tg_i.pbadslot=%2F21756427176%2FDefault11&tk_flint=pbjs_lite_v7.42.0-pre&x_source.tid=100e7135-4752-4672-a342-30c060792ccf&l_pb_bid_id=192e14db3ccf74f&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F21756427176%2FDefault11&slots=1&rand=0.8364542845822847
Requested by
Host: ads.holid.io
URL: https://ads.holid.io/prebid-v7.42.0-pre-pixel.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
e007ed32f080214b5771c8dd6cd2729bca4645ba28c43cae10b969b93a65c33d

Request headers

Referer
https://mixrootmods.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 12 Jun 2023 20:24:30 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://mixrootmods.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
487
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		508 B
833 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=19172&site_id=455578&zone_id=2673954&size_id=15&alt_size_ids=9%2C8%2C10%2C14%2C16%2C32%2C43%2C44%2C48%2C67%2C72%2C159&us_privacy=1---&rp_schain=1.0,1!holid.io,1056,1,,,&eid_pubcid.org=f83c0e67-ee04-4095-8ffb-29b1812ac2d6%5E1&rf=https%3A%2F%2Fmixrootmods.com%2F%3Fgo%3D88ec7bbe4a25dae9a7645d5cd64e9wApbsCadfEeFlgiHnikaU0xWVRseDdqWXphTCtNQ1F6L2ZDSnBESUNKV3ozWHBtT0YzUWFuTnlNMD0%3D&tg_i.page=https%3A%2F%2Fmixrootmods.com%2F%3Fgo%3D88ec7bbe4a25dae9a7645d5cd64e9wApbsCadfEeFlgiHnikaU0xWVRseDdqWXphTCtNQ1F6L2ZDSnBESUNKV3ozWHBtT0YzUWFuTnlNMD0%3D&tg_i.domain=mixrootmods.com&tg_i.pbadslot=%2F21756427176%2FDefault21&tk_flint=pbjs_lite_v7.42.0-pre&x_source.tid=33c2fcf0-afa8-45b8-b1a4-8d83b6fc468e&l_pb_bid_id=20fd18879cabad1&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F21756427176%2FDefault21&slots=1&rand=0.3340145274159514
Requested by
Host: ads.holid.io
URL: https://ads.holid.io/prebid-v7.42.0-pre-pixel.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
f776241fee06c3da717822d380a0472d30a60298318d494e08d60af25a78ae20

Request headers

Referer
https://mixrootmods.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 12 Jun 2023 20:24:30 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://mixrootmods.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
508
expires
Wed, 17 Sep 1975 21:32:10 GMT
openrtb
adx.adform.net/adx/ 		0
532 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/openrtb
Requested by
Host: ads.holid.io
URL: https://ads.holid.io/prebid-v7.42.0-pre-pixel.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.242 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://mixrootmods.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 12 Jun 2023 20:24:30 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://mixrootmods.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
7d64d1365a282be5
mixrootmods.com/cdn-cgi/challenge-platform/h/g/cv/result/ Frame 46FE 		0
582 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mixrootmods.com/cdn-cgi/challenge-platform/h/g/cv/result/7d64d1365a282be5
Requested by
Host: mixrootmods.com
URL: https://mixrootmods.com/cdn-cgi/challenge-platform/scripts/invisible.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 12 Jun 2023 20:24:30 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sJZ7djt1g7MWBgBkGZQqYkv%2BTXzuAdBv8aAai2FakZVMOifsG0FmE4yQ%2BVkW%2BaTt2VYyzEAmd28oZl9Tt%2BWXS%2BiveoRMpNR90kUfHrqPNxmPFEqc7Fu7fct%2B0xH9nQx99liudbcqBcQpvgNi4vw%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
cf-ray
7d64d156daa037f1-FRA
alt-svc
h3=":443"; ma=86400
cmp2ui-en.js
cmp.quantcast.com/tcfv2/47/ 		248 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cmp.quantcast.com/tcfv2/47/cmp2ui-en.js
Requested by
Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/tcfv2/cmp2.js?referer=hbagency.it
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:6400:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6b814d02958e339eaad22839ea7a29d3ade9071a5e9df9ce065def22ab595936

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://mixrootmods.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Mon, 12 Jun 2023 14:56:34 GMT
content-encoding
br
via
1.1 75a13c74495137fb5435dc4030981df6.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P1
age
19677
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-storage-class
INTELLIGENT_TIERING
cross-origin-resource-policy
cross-origin
last-modified
Fri, 19 May 2023 14:04:10 GMT
server
AmazonS3
etag
W/"556bc7ca21432cc0628ff6f67a5e09bc"
access-control-max-age
604800
access-control-allow-methods
GET
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=172800
vary
Accept-Encoding
x-amz-cf-id
NdZvM4a4FnBz-ncG2YRbNzmSr06jKaQ29pghPcDRompTVUknJpudAg==
vendor-list-trimmed-v1-tmp.json
cmp.quantcast.com/GVL-v2/ 		353 KB
43 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cmp.quantcast.com/GVL-v2/vendor-list-trimmed-v1-tmp.json
Requested by
Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/tcfv2/cmp2.js?referer=hbagency.it
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:6400:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d0f3143f3ecea93e92391e08de3461a779d9c5094241779ccf1b57665a081133

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://mixrootmods.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Mon, 12 Jun 2023 03:00:35 GMT
content-encoding
br
via
1.1 36cd2d0f34e25c2dc5099656a60bedac.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P1
age
62636
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-storage-class
INTELLIGENT_TIERING
last-modified
Fri, 19 May 2023 13:17:10 GMT
server
AmazonS3
etag
W/"3bbcdaed7cdab54742c76eb6b3acaff4"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=172800
access-control-allow-credentials
true
vary
Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id
C8y8uBeRpgOdjeKkphuT0Jv99ox4LpqklmYHUcn4MoA9nG2JvPBcxg==
google-atp-list.json
cmp.quantcast.com/tcfv2/ 		151 KB
35 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cmp.quantcast.com/tcfv2/google-atp-list.json
Requested by
Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/tcfv2/cmp2.js?referer=hbagency.it
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:6400:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
31d1a8b234ef7e3fcd967fe38bb63298be8faf869e0dcd5352c330ed5c18964b

Request headers

Accept
application/json, text/plain, */*
Referer
https://mixrootmods.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Mon, 12 Jun 2023 03:00:28 GMT
content-encoding
br
via
1.1 36cd2d0f34e25c2dc5099656a60bedac.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P1
age
62643
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Mon, 12 Jun 2023 03:00:26 GMT
server
AmazonS3
etag
W/"1dbfd79d4ea7f69c0c42a2f6065532e7"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=172800
access-control-allow-credentials
true
vary
Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id
uy2ZQ3Z_yJ8a1OtJzV4yRWsmbFlWTi22-3rjbTbHPrhD0icldb6TQQ==
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306060101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://mixrootmods.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Mon, 12 Jun 2023 20:24:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 12 Jun 2023 20:24:30 GMT
/
audit-tcfv2.cmp.quantcast.com/ 		2 B
101 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://audit-tcfv2.cmp.quantcast.com/?log=%7B%22accountId%22%3A%22cJsduNRegvC-s%22%2C%22domain%22%3A%22mixrootmods.com%22%2C%22publisher%22%3A%22hbagency.it%22%2C%22cmpId%22%3A10%2C%22cmpVersion%22%3A%222.47%22%2C%22displayType%22%3A%22tcfui%3Amandatory%22%2C%22configurationHashCode%22%3A%22LGDgJWUxtd52IEw3CY2J%2FA%22%2C%22tagVersion%22%3A%22V2%22%2C%22clientTimestamp%22%3A1686601470625%2C%22operationType%22%3A%22init%22%2C%22sessionId%22%3A%22GDPR-3zrdjof1mz1q0xbec174%22%7D
Requested by
Host: cmp.quantcast.com
URL: https://cmp.quantcast.com/tcfv2/47/cmp2ui-en.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.198.226.87 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-198-226-87.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Accept
application/json, text/plain, */*
Referer
https://mixrootmods.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 12 Jun 2023 20:24:30 GMT
content-length
2
content-type
text/plain; charset=utf-8
truncated
/ 		237 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
db091352fcaa3462cce0ff4e640ff4e7c00fe32c076340c600f934498cc34ff3

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 7775 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://mixrootmods.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

accept-ranges
bytes
age
6688
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 12 Jun 2023 18:33:02 GMT
expires
Tue, 11 Jun 2024 18:33:02 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 44BE 		783 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2004 -, , ASN (),
Reverse DNS
Software
GSE /
Resource Hash
13e31874022e7c9ffa7a6486683a18c9075a81cc518f6d5591d2d3562531cb59
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Fc7RDmX1Dkt3lEFcFKBrLA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://mixrootmods.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-Fc7RDmX1Dkt3lEFcFKBrLA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 12 Jun 2023 20:24:31 GMT
expires
Mon, 12 Jun 2023 20:24:31 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
_gLG9aN8cjF7vXKbMeOxmtCOjM8PIsJVPzQXNT2dY7E.js
pagead2.googlesyndication.com/bg/ Frame 7775 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/_gLG9aN8cjF7vXKbMeOxmtCOjM8PIsJVPzQXNT2dY7E.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fe02c6f5a37c72317bbd729b31e3b19ad08e8ccf0f22c2553f3417353d9d63b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 19:33:13 GMT
content-encoding
br
x-content-type-options
nosniff
age
521477
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14773
x-xss-protection
0
last-modified
Mon, 05 Jun 2023 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 05 Jun 2024 19:33:13 GMT
generate_204
tpc.googlesyndication.com/ Frame 7775 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?00fOAQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Mon, 12 Jun 2023 20:24:31 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ Frame 44BE 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202306060101&jk=2436327100261976&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

214 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 boolean| credentialless object| onbeforetoggle object| onscrollend object| CloudflareApps function| inIframe function| checkDocumentBody function| documentAsyncWriteElementFromHtml function| ReopenUrlBuilder object| browser object| builder string| url string| content object| __cfQR number| adcode_count function| post_sticky_handler function| post_noads_handler function| post_trackdata_handler function| post_skin_handler function| post_expandable_handler function| post_outsideIframeAdDisplay_handler function| post_pop_handler function| post_interstitial_handler function| post_native_handler function| native_resize_handler function| post_iframe_handler object| ItemDataScript_parameter string| ItemDataScript_parameter_new object| ItemDataScript_parameter_seperate string| aduid string| pid string| width string| height string| displaytype number| responsive number| block_id number| adSectionWidth object| page_meta_data string| page_title string| page_referrer string| meta_description string| meta_keywords string| search_keywords number| currently_rendered number| currently_rendered_flag string| currently_rendered_adunit object| cpc_impression object| cpm_impression object| cpa_impression string| cpd_impression string| cpv_impression object| html_impression string| pop_impression string| ret string| iframe_src string| urlorigin object| responsedata object| googletag object| ggeac object| google_tag_data object| google_js_reporting_queue undefined| google_measure_js_timing function| processGoogleToken object| googleToken object| googleIMState number| google_unique_id object| gaGlobal object| pbjs function| $ function| jQuery object| atOptions boolean| Tghb boolean| hbagency_ismobile boolean| hasvideo_hbagency boolean| hasvideo_hbagency_content boolean| hassmilewanted_hbagency boolean| hasteads_hbagency boolean| hasgeoedge_hbagency boolean| hascmp_hbagency boolean| registerConsent_hbagency boolean| hbagency_usp boolean| autoapprovecmp_hbagency boolean| monitor_hbagency object| fdpCategories object| fdpSubCategories string| fdpKeywords string| analytics_hbagency number| PREBID_TIMEOUT_hbagency number| PREBID_TIMEOUT_R_hbagency string| USER_ID_hbagency string| WEBSITE_ID_hbagency string| nomesite_hbagency string| domain_hbagency object| ZONE_ID object| headerbidding_mp object| hb_floors_hbagency object| adUnits_hbagency string| urlhb_3 string| urlHbstats string| urlHbstatsAnalytics object| pbjs_hbagencyicd boolean| autopromo_hbagency number| cpmfixvideo_hbagency boolean| adagioanalytics_hbagency boolean| hbrefreshFD object| refreshedHB object| refreshedHBT object| refreshedHBPassback boolean| cmphbagency boolean| isloadebrid boolean| isloadedima boolean| ispubstackHB undefined| currentImg object| safe_b_hbagency object| bidder number| j object| realTimeDataHB object| dp object| idw boolean| hbagencyisIE11 object| hbManager object| ADAGIO function| HBManager function| postscribe function| __tcfapi function| __uspapi object| pbjs_hbagencyicdChunk object| invibes object| _qevents function| gtag object| dataLayer object| google_reactive_ads_global_state object| google_tag_manager function| detectAdBlock function| adBlockDetected function| timer function| wpsafegenerate function| onTimesUp function| startTimer function| formatTime function| setRemainingPathColor function| calculateTimeFraction function| setCircleDasharray boolean| __cfRLUnblockHandlers function| onYouTubeIframeAPIReady number| PREBID_TIMEOUT number| holidSiteId object| adUnits_holid object| bannerWidescreen object| bannerCube object| bannerTower object| bannerMobile object| bannerTablet object| bannerCustom object| bannerNative string| type undefined| len object| adUnits_holid_org object| holid_div_ids object| adUnits_inUse object| bannerOverride undefined| refresh_interval number| refresh_num number| holid_refresh_max boolean| refresh_height undefined| interval number| interval_check_time_in_view undefined| interval_init object| slots number| holid_interval_find_empty_divs number| holid_interval_timer number| holid_interval_timer_reuse number| holid_time_minimum_time_in_view number| holid_time_extra_for_refreshed_banners number| holid_time_check number| holid_time_minimum_before_refresh number| holid_interval_counter number| holid_time_max_before_refreshed_banners_in_view object| div_ads object| acceptedFormats number| windowWidth function| isVisible function| isElementInViewport function| addElement function| holid_find_empty_divs object| customConfigObject function| destroy_slots function| getParentClassName function| return_found_adUnits function| sendAdserverRequest function| holid_check_time_in_view function| holid_show_ads function| holid_check_for_new_ad_divs function| holid_refresh_current_ads function| holid_init function| waitForStart boolean| acceptedFormat object| slot function| quantserve function| __qc object| ezt object| _qoptions object| regeneratorRuntime function| __tcfapiui string| cookie_content_value object| cookie_content_data object| pbjsChunk object| GoogleGcLKhOms

12 Cookies

Domain/Path Name / Value
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.mixrootmods.com/ Name: __gads
Value: ID=57a0a9c87f3c488c:T=1686601469:RT=1686601469:S=ALNI_MY5kXG5NrJPkUWnaiP9khPco5SbGw
.mixrootmods.com/ Name: __gpi
Value: UID=00000c47e2933219:T=1686601469:RT=1686601469:S=ALNI_Maz7DqC-YPgytrbaQlDc2uWw06Bjg
.mixrootmods.com/ Name: _ga_9RG3KFK1NE
Value: GS1.1.1686601470.1.0.1686601470.0.0.0
.mixrootmods.com/ Name: _ga
Value: GA1.1.1367110411.1686601469
mixrootmods.com/ Name: _data_html
Value: 132-1-1686605070
mixrootmods.com/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.adnxs.com/ Name: icu
Value: ChkIl9KIARAKGAEgASgBMP79naQGOAFAAUgBEP79naQGGAA.
.adnxs.com/ Name: uuid2
Value: 2604485419699795530
.mixrootmods.com/ Name: __cf_bm
Value: FcZubPZ2SUa4STUlXVz25lxhy2RYRch_KlpfMAUdltY-1686601470-0-AYErnG/JinkvHGjevY/E8Y9xqFlLS0K52Z27sGafHBQLze6VpB7S3bdgshXRBvsbkw==
.rubiconproject.com/ Name: khaos
Value: LITAYVLS-M-DOPP
.rubiconproject.com/ Name: audit
Value: 1|hLZGFuTafB0UjkcHTcXkoXMylPn9loes1z8yuimHAOLeybiJbAMGatKEHp6IvJWOrUCjYPYPE4GUb88NWmh0e8xuhZpbWKLtbrVV+LpKnLA=

3 Console Messages

Source Level URL
Text
security warning URL: https://mixrootmods.com/?go=88ec7bbe4a25dae9a7645d5cd64e9wApbsCadfEeFlgiHnikaU0xWVRseDdqWXphTCtNQ1F6L2ZDSnBESUNKV3ozWHBtT0YzUWFuTnlNMD0=
Message:
Mixed Content: The page at 'https://mixrootmods.com/?go=88ec7bbe4a25dae9a7645d5cd64e9wApbsCadfEeFlgiHnikaU0xWVRseDdqWXphTCtNQ1F6L2ZDSnBESUNKV3ozWHBtT0YzUWFuTnlNMD0=' was loaded over HTTPS, but requested an insecure element 'http://technicalatg.com/wp-content/uploads/2022/11/wait4-1.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://mixrootmods.com/?go=88ec7bbe4a25dae9a7645d5cd64e9wApbsCadfEeFlgiHnikaU0xWVRseDdqWXphTCtNQ1F6L2ZDSnBESUNKV3ozWHBtT0YzUWFuTnlNMD0=(Line 104)
Message:
Mixed Content: The page at 'https://mixrootmods.com/?go=88ec7bbe4a25dae9a7645d5cd64e9wApbsCadfEeFlgiHnikaU0xWVRseDdqWXphTCtNQ1F6L2ZDSnBESUNKV3ozWHBtT0YzUWFuTnlNMD0=' was loaded over HTTPS, but requested an insecure element 'http://technicalatg.com/wp-content/uploads/2022/11/wait4-1.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
network error URL: https://clipperroutesevere.com/ec7d30e6b26451ac549412bb2938d005/invoke.js
Message:
Failed to load resource: the server responded with a status of 403 (Forbidden)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

9a8ad4eb55a85ebf02378b5e58f06285.safeframe.googlesyndication.com
ads.holid.io
adservice.google.com
adswalla.com
adx.adform.net
appkamods.com
audit-tcfv2.cmp.quantcast.com
cdn.jsdelivr.net
cdnjs.cloudflare.com
clipperroutesevere.com
cmp.quantcast.com
code.jquery.com
d3u598arehftfk.cloudfront.net
fastlane.rubiconproject.com
files.technicalatg.com
fonts.googleapis.com
hbagency.it
helloworld.holid.io
ib.adnxs.com
maxcdn.bootstrapcdn.com
mixrootmods.com
onclickperformance.com
pagead2.googlesyndication.com
pp.mndsrv.com
quantcast.mgr.consensu.org
rules.quantcount.com
secure.quantserve.com
securepubads.g.doubleclick.net
ss.mndsrv.com
technicalatg.com
test.cmp.quantcast.com
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
173.233.137.44
18.198.226.87
185.89.210.122
199.241.100.27
2001:4de0:ac18::1:a:2a
2600:9000:223c:a000:6:44e3:f8c0:93a1
2600:9000:223f:800:1f:946:f000:21
2600:9000:2240:6400:9:46dc:4700:93a1
2600:9000:225e:8a00:3:a4cd:8380:93a1
2600:9000:236e:de00:9:46dc:4700:93a1
2602:803:c004:200::140
2606:4700:3031::6815:16a6
2606:4700:3033::6815:1319
2606:4700::6811:180e
2606:4700::6812:bcf
2606:4700:e0::ac40:6314
2620:116:800d:21:c5a4:625:6563:a5bb
2a00:1450:4001:808::2001
2a00:1450:4001:80b::2002
2a00:1450:4001:80b::2008
2a00:1450:4001:813::2002
2a00:1450:4001:829::2001
2a00:1450:4001:829::200e
2a00:1450:4001:82a::200a
2a00:1450:4001:82f::2002
2a00:1450:4001:831::2004
2a04:4e42:400::485
2a06:98c1:3121::3
35.190.55.95
37.157.6.242
68.178.164.9
0047f2b4e58d50cd286045db5a9a694d843c551e96e92f7bcd10bf2e111149f2
02d1993cd06d17138f97ae640d59cfcdc9df40700b0e8a53f743e49df5daba0e
03cf184f7cecc8c740a7658faeaf1ae18b8153a09e8e2da55f46929fc3537bf0
0bab9351e4ac5584457681749e5d01267b0a62cc6bb0d5f97e25f800b2a65731
0c384e9f5a0511e6e45bbaf26eba3f51edf331b05e20efa57f243d87ad4c452e
0fb1bbca73646e8e2b93c82e8d8b219647b13d4b440c48e338290b9a685b8de1
10e85917f8b8410fabb0802be97fdb9948d0ad203220f08826e85b8c59eb80de
11deecf3ad78e61b49f13104db1bf43a2f859910a7f586709aa43748a2e06eda
13e31874022e7c9ffa7a6486683a18c9075a81cc518f6d5591d2d3562531cb59
14d18bbfffc123a6b542c8f50eba58c92cf589584cedbd5e823401997f4e9123
189a6240568b0211059286264f809e5dbb92e77599ce469b752aa83cd0c34f55
1b5f9caaca95abc3406c91abdd1a657d060335f252f570c3801c05cb72454042
24b05a7f551a61746572b9c72e45608f295268e9e69bcbb27ffeaa3c2c9669ca
2a5a03267f93f4d066114720e357d87dd35d5284b4a0d3451526fbfaf4b63336
2ecd295d295bec062cedebe177e54b9d6b19fc0a841dc5c178c654c9ccff09c0
30015e60656f05dd120af9ab810bd799004a3332e520fbc592b1bfc14d1c4660
3121a25a411e9883cacbe2094f0094cc6ba9b909927741c6d01350bd950ff044
31d1a8b234ef7e3fcd967fe38bb63298be8faf869e0dcd5352c330ed5c18964b
32aae5c43fa382dde29a65f39d86fa0060c44d9dafa9adc7ecc3a0efebd2f75c
33edfcdb55624e2ef79424510a88da7e0735f27ddb2d5cebfa75bc48e9b943cb
3958024eece6b5c86e04aa780d3b6c549ad757119c8b4a4bc6eb087acfb6f8f1
3abf26b6c029cfe179f110312451f620b14ded134a7664695bdb8e10287d2ec1
41c762a3ad7175ad3e3855b230289de5f9c5b0c4e72694dfe243a5682f713095
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62abb2acb82a1832beb6f7f01a455cc6101d6593963c744771434fc23cac2266
670f6a774e46fdb4672ec410b164f24cf883d5afcb2ef4c88084eb62df070092
673513b96f494ac4d41df69b65ad3fc4249b32737a2538efb292b3620a305136
67e0c184cbadb877f14bb35e8c28c77e7fe0efda3b47bae80380d4de40a834ea
6b814d02958e339eaad22839ea7a29d3ade9071a5e9df9ce065def22ab595936
6c69d51573f4e3f8c03fc0fbabc1b0332b0b212b985d49ab5b887dd496303518
7000a39ec4060041001c0d702758247b8e293cb435d236397c9d840df8bc8276
75685721854b61d789339a37d1f92eccab4288a3eccda38498d73910591676a7
770c5d1d8459b2a2cc7d1ecb4c0017ef3eec5879162be757224e5fd93781c583
79b91a5b49944986632aa5a6d5736c5fe215d00135298748743ff2b33d8a826b
7c7a134702394d12269c54813595c93a24e53a8d0419a19a3543016cbd44d0b6
7fbecec0faf60e6df41c3f0a0e60003e9e77716d7c8854fc6c5df62977fd9614
806452f1b480eeeadffcc371cb695fc34d6accba5ebaab95fe8c7b50d8d6061b
8567910c20a8d5d4780282da4d9bbd8d6ecb51cda15a6a52c0ff0e08d21e44ca
8a64910872e140c9fdee68753b9a8a8c6ade93b2e55be7cf91dbcf060b314fe8
8bc1c04509564c36236f7f79b469e1c6f357f3d4f66bbf5ef9c3f301c790eddb
8e88e89ec7f96d859ce3759fd72e6a3f7dd2c48b38aa722e140843fe1cf9e080
94ff72f0e7d4d5fb406082c4572aeb6514c4e32266aec78e93edbb03e9cf9628
962369a43296384f632fee88c6130b11c612dbbcb550d70b7e48a33ea7f5a22d
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a957c98db72c2b088414f850aadadb1b3af2c1d99e5a016ee39967a15a8b7cfb
ad26fa5aed958edad08b2206a797b7ec19cf6f9f3e9a0245c97cf34aef25e4c2
b403bc3236ea5bc5ce70b2e1cfced8a915a0a1a6d4ebc0d9b446e8c70739b99c
bb28a678e90b9d97bba59a3c3028c2b3a5bd1c61c8e8fbb32edc0d25d5102685
bcb883fcff1964ee95c5a8b2650b69899ecab88bd8c4365bfc61c6a4cf572b26
c4e20f53f5ef0ed44b783437aa3f4638a9a56cc4aa29ae83ed9212eb2807052a
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
d0f3143f3ecea93e92391e08de3461a779d9c5094241779ccf1b57665a081133
d55e61d6a1053ddbd1dd097ac221ea7ab04782d08561cc76941b0c7998205e93
d6eeced513e69e1ac89ce78dcf11108ee15d4a0e3ac647ffaefa8cc8d729059c
db091352fcaa3462cce0ff4e640ff4e7c00fe32c076340c600f934498cc34ff3
e007ed32f080214b5771c8dd6cd2729bca4645ba28c43cae10b969b93a65c33d
e23decabee8464b650d1d0241283ba0c469806e14a2199efc5bb41771cb673c1
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb644f290f0fb1ea074d5a52e431e49cf9fa4adc1b345e7719d0d27a3fe78c9a
f04b517ba5d6a0510485689a3e42dac000f51640fd71b986804cba178eae42a5
f65dd0ed5ab0097e2cb276b346ccfaddb2a9134c9278af39c6a24cd821fce06f
f776241fee06c3da717822d380a0472d30a60298318d494e08d60af25a78ae20
fe02c6f5a37c72317bbd729b31e3b19ad08e8ccf0f22c2553f3417353d9d63b1