bloodhelpers.com Open in urlscan Pro
2400:8901::f03c:92ff:fe8a:f267 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://bloodhelpers.com/
Submission Tags: falconsandbox
Submission: On March 13 via api (March 13th 2022, 6:22:34 pm UTC) from US — Scanned from DE

Summary HTTP 83 Redirects Behaviour Indicators

Summary

This website contacted 17 IPs in 3 countries across 12 domains to perform 83 HTTP transactions. The main IP is 2400:8901::f03c:92ff:fe8a:f267, located in Singapore, Singapore and belongs to LINODE-AP Linode, LLC, US. The main domain is bloodhelpers.com.

This is the only time bloodhelpers.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
35	2400:8901::f0... 2400:8901::f03c:92ff:fe8a:f267	63949 (LINODE-AP...) (LINODE-AP Linode)
1	2a00:1450:400... 2a00:1450:4001:810::200a	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
1 12	2600:9000:203... 2600:9000:2038:9800:3:c04e:c780:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
1	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	3.123.86.254 3.123.86.254	16509 (AMAZON-02) (AMAZON-02)
1	143.204.98.14 143.204.98.14	16509 (AMAZON-02) (AMAZON-02)
1	142.250.185.226 142.250.185.226	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2006	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::2004	15169 (GOOGLE) (GOOGLE)
83	17

35 2400:8901::f03c:92ff:fe8a:f267 (Singapore, Singapore)

ASN63949 (LINODE-AP Linode, LLC, US)

bloodhelpers.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2600:9000:2038:9800:3:c04e:c780:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

w.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ws.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

static.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.123.86.254 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-123-86-254.eu-central-1.compute.amazonaws.com

l.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.14 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-14.fra50.r.cloudfront.net

count-server.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
35	bloodhelpers.com bloodhelpers.com	103 KB
19	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 90 tpc.googlesyndication.com — Cisco Umbrella Rank: 122	299 KB
15	sharethis.com 1 redirects w.sharethis.com — Cisco Umbrella Rank: 18176 ws.sharethis.com — Cisco Umbrella Rank: 7239 l.sharethis.com — Cisco Umbrella Rank: 4230 count-server.sharethis.com — Cisco Umbrella Rank: 11093	93 KB
4	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 38 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 276	31 KB
3	google.com adservice.google.com — Cisco Umbrella Rank: 57 www.google.com — Cisco Umbrella Rank: 2	2 KB
2	google.de adservice.google.de — Cisco Umbrella Rank: 8832	914 B
1	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 246	26 KB
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 147	36 KB
1	fbcdn.net static.xx.fbcdn.net — Cisco Umbrella Rank: 635	11 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 716	647 B
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 96	9 KB
1	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 251	32 KB
83	12

	Domain	Requested by
35	bloodhelpers.com	bloodhelpers.com
10	ws.sharethis.com	w.sharethis.com ws.sharethis.com bloodhelpers.com
10	pagead2.googlesyndication.com	bloodhelpers.com pagead2.googlesyndication.com tpc.googlesyndication.com www.googletagservices.com
9	tpc.googlesyndication.com	bloodhelpers.com googleads.g.doubleclick.net tpc.googlesyndication.com pagead2.googlesyndication.com
3	googleads.g.doubleclick.net	pagead2.googlesyndication.com
2	l.sharethis.com	w.sharethis.com bloodhelpers.com
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.de	pagead2.googlesyndication.com
2	w.sharethis.com	1 redirects bloodhelpers.com
1	www.google.com	tpc.googlesyndication.com
1	s0.2mdn.net	googleads.g.doubleclick.net
1	www.googletagservices.com	googleads.g.doubleclick.net
1	googleads4.g.doubleclick.net	bloodhelpers.com
1	count-server.sharethis.com	ws.sharethis.com
1	static.xx.fbcdn.net	www.facebook.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	www.facebook.com	bloodhelpers.com
1	ajax.googleapis.com	bloodhelpers.com
83	18

This site contains no links.

Subject Issuer	Validity	Valid
upload.video.google.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-12-21` - `2022-03-21`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
sharethis.com Amazon	`2021-07-19` - `2022-08-17`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh

This page contains 10 frames:

Primary Page: http://bloodhelpers.com/
Frame ID: 4D10BBB112EA8CF227CF7EB08C6C7739
Requests: 58 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/like.php?href=http%3A%2F%2Fbloodhelpers.com&layout=standard&show_faces=true&width=450&action=recommend&font=lucida+grande&colorscheme=light&height=80
Frame ID: 67606AB2E6105100D1E393EB55351AF3
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4081699989175167&output=html&h=600&slotname=1676498701&adk=214556337&adf=3687068580&pi=t.ma~as.1676498701&w=120&lmt=1647195749&url=http%3A%2F%2Fbloodhelpers.com%2F&flash=0&wgl=1&dt=1647195749016&bpp=16&bdt=431&idt=156&shv=r20220308&mjsv=m202203030101&ptt=5&saldr=sa&abxe=1&correlator=1263101021888&frm=20&pv=2&ga_vid=250031105.1647195749&ga_sid=1647195749&ga_hid=1819272687&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1164&ady=174&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C42531398%2C44750773%2C31064857%2C44756432&oid=2&pvsid=2367370566159896&pem=586&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=boMsUNPqkv&p=http%3A//bloodhelpers.com&dtd=172
Frame ID: AB1347F7CD963E4A24FD8ECEA67697E2
Requests: 1 HTTP requests in this frame

Frame: https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu9QLc1DEtQIyiZoS4sjm2Xg2BzqScgwjkRd7fA3SC42Ii9eBETBjcGcu6czi_4395aa-fnK5S9sXWXAhCedWYOhec2vm9D6DLt7dIGd_mQl-R4UOMyb5p9cuyzZR1FLKW51es3kgFQ_25P4tMXTxzKmoBma9vO_hzbviw8oFnkm7LZlShfXJFFJPqdDZDjvYD73cMtiowgYyFpf5uPqdGy-QkJMTOYmIAsNfQsJNFV4KLprbJPrQqWiyq4taDlP_SPskdsD7QhIHkmjlOXL9J5PI4vx6FIPelciQxQzrnEAwDe5YY6OPoeG9IJAv4WsTjemikZxjOy5VpyEz9CCa30497NNGlyCV7FawDkDRZeuu0RmEV6uvu6m-xH2ckK3BZKr7D3UYAPkbhHM5ecD4SDqEArNWCd_AL9F64w5ZkK58V2VV28vY0uZ6C7xjS8wZ7T2PGudMxDz4dSo7DU_wAeFkOpEHBRsQ9K0Wih1KHgRoFpmtUMgArLBkQNXDYaVfBUVJbTr7zi-5GLLVTyaGw4qEL_RBHTmzt1XSIjT1zOq7M_b6uNBgRdYLue68mdMJj36-MZDqFhjzNQbb3_rZ4a3pbxNnz5CU0XqSbnLlj6-d__Sav2ml4bQj4QJMZyTD1E8XLknYcCj1kcHE5kr4CPW9QL0rl5II60sA5bvxBegMY08S-KU2H3Xi-EZIy_6MmqOaIURFVe6Nx5SHl9kShz2OFtjlTqlNzjUDGgDwaiqjV0Dva39b4ClLxb8DQ-L2NQPTJnanWSP_StGoY9rJDmcEss_vIXD9RsqxbNaHQDu16fc-3yqwQwBqDIvKE_VpSjEHLNXlQf3iiHeCY8OJUM09eox9Jq6ndCy-G278uT2yQ2UP_hntkKFfeRTVK7SbN9qWvAMwIfyPYbrGg586cGRCKVg_rRUrsd_UhXTgLvpBfTQSnGBqFhy_260_A-_O7wpIQCGFZBXl-5dWo29pq9&sai=AMfl-YRxiAJu3MdBnHF8WN3h9rlOtE8sAqthClC_rxd7MmLy23XWYjxgck3cww&sig=Cg0ArKJSzH2LJHhl_sIkEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&adurl=
Frame ID: 5D0FFE8DBAD03BF718A9A0CCF108E086
Requests: 10 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: ADA567E0780004D1E6029AA0FC2C2622
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220308/r20190131/zrt_lookup.html
Frame ID: 554B472D03E54A9D9A07EB131F78C2CC
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4081699989175167&output=html&adk=1812271804&adf=3025194257&lmt=1647195750&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fbloodhelpers.com%2F&ea=0&flash=0&pra=7&wgl=1&dt=1647195750265&bpp=1&bdt=1680&idt=1&shv=r20220308&mjsv=m202203030101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd9f3368c95484154-221ad10e5acd0005%3AT%3D1647195749%3ART%3D1647195749%3AS%3DALNI_MaPdygBNDbQnlMp8z-cTXZghvZU8Q&prev_slotnames=1676498701&nras=1&correlator=1263101021888&frm=20&pv=1&ga_vid=250031105.1647195749&ga_sid=1647195749&ga_hid=1819272687&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C42531398%2C44750773%2C31064857%2C44756432&oid=2&pvsid=2367370566159896&pem=586&tmod=176642592&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=2&uci=a!2&fsb=1&dtd=18
Frame ID: 62F4C6DDF5553CC35382A52BCADA7D85
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: C974105BA875FFEBACA11B6D24A45517
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 1D4FFBE7E0444FF0271FFA8518F10B7F
Requests: 2 HTTP requests in this frame

Frame: https://ws.sharethis.com/secure5x/index.html
Frame ID: 69F8C5F3AA0845E05831B40FE1324650
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Indian database of blood donors - Donate Blood ! Save a life !

Detected technologies

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/pagead/show_ads\.js

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

ShareThis (Widgets) Expand

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

83
Requests

55 %
HTTPS

75 %
IPv6

12
Domains

18
Subdomains

17
IPs

3
Countries

643 kB
Transfer

1720 kB
Size

3
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 16

http://w.sharethis.com/button/buttons.js HTTP 301
https://w.sharethis.com/button/buttons.js

Request Chain 32

http://www.facebook.com/plugins/like.php?href=http%3A%2F%2Fbloodhelpers.com&layout=standard&show_faces=true&width=450&action=recommend&font=lucida+grande&colorscheme=light&height=80 HTTP 307
https://www.facebook.com/plugins/like.php?href=http%3A%2F%2Fbloodhelpers.com&layout=standard&show_faces=true&width=450&action=recommend&font=lucida+grande&colorscheme=light&height=80

83 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
bloodhelpers.com/ 82 KB
14 KB 568ms
222ms Document
text/html 2400:8901::f03c:92ff:fe8a:f267
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL: http://bloodhelpers.com/
Protocol: HTTP/1.1
Server: 2400:8901::f03c:92ff:fe8a:f267 Singapore, Singapore, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: 18b537d1b18b7e39ce0c4c7c6abaa53c2f1d4e0d308caf78d584622f32464ca2

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Date: Sun, 13 Mar 2022 18:22:28 GMT
Server: Apache/2.4.18 (Ubuntu)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 13676
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK bloodhelper.css
bloodhelpers.com/css/ 15 KB
3 KB 180ms
180ms Stylesheet
text/css 2400:8901::f03c:92ff:fe8a:f267
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL: http://bloodhelpers.com/css/bloodhelper.css
Requested by: Host: bloodhelpers.com
URL: http://bloodhelpers.com/
Protocol: HTTP/1.1
Server: 2400:8901::f03c:92ff:fe8a:f267 Singapore, Singapore, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: 465d576714c8de5cf1f7f962251bcf51d64fb73155a41ebf3ac2525938501a2d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://bloodhelpers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sun, 13 Mar 2022 18:22:28 GMT
Content-Encoding: gzip
Last-Modified: Mon, 31 Jul 2017 09:22:21 GMT
Server: Apache/2.4.18 (Ubuntu)
ETag: "3d0a-55599916e6221-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 3216

GET
H/1.1 200
OK chosen.css
bloodhelpers.com/css/ 15 KB
3 KB 314ms
171ms Stylesheet
text/css 2400:8901::f03c:92ff:fe8a:f267
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL: http://bloodhelpers.com/css/chosen.css
Requested by: Host: bloodhelpers.com
URL: http://bloodhelpers.com/
Protocol: HTTP/1.1
Server: 2400:8901::f03c:92ff:fe8a:f267 Singapore, Singapore, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: fd0d2d25b0bae9f94ab8afb18b9b5341bec98a9f20926e91bbb528acdccf5dc0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://bloodhelpers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sun, 13 Mar 2022 18:22:28 GMT
Content-Encoding: gzip
Last-Modified: Mon, 31 Jul 2017 09:22:21 GMT
Server: Apache/2.4.18 (Ubuntu)
ETag: "3dfc-55599916e6221-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 2669

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.6.4/ 90 KB
32 KB 55ms
14ms Script
text/javascript 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.6.4/jquery.min.js

Requested by

Host: bloodhelpers.com
URL: http://bloodhelpers.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

232066e3f6f1351afdaee1acb70c409766641fd5669e0b55ce7c77fac0a857ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://bloodhelpers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 16:54:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 264458
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32222
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 10 Mar 2023 16:54:50 GMT

GET
H/1.1 200
OK chosen.jquery.js Show response
bloodhelpers.com/js/ 38 KB
8 KB 372ms
192ms Script
application/javascript 2400:8901::f03c:92ff:fe8a:f267
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL: http://bloodhelpers.com/js/chosen.jquery.js
Requested by: Host: bloodhelpers.com
URL: http://bloodhelpers.com/
Protocol: HTTP/1.1
Server: 2400:8901::f03c:92ff:fe8a:f267 Singapore, Singapore, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: e498735abec99119623c06b3b289a236709fe4bae0e75f8a2bcdc236c4fa7416

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://bloodhelpers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sun, 13 Mar 2022 18:22:28 GMT
Content-Encoding: gzip
Last-Modified: Mon, 31 Jul 2017 09:22:28 GMT
Server: Apache/2.4.18 (Ubuntu)
ETag: "998e-5559991d128b1-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 7769

GET
H/1.1 200
OK logo.jpg
bloodhelpers.com/images/ 6 KB
6 KB 177ms
176ms Image
image/jpeg 2400:8901::f03c:92ff:fe8a:f267
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://bloodhelpers.com/images/logo.jpg
Requested by: Host: bloodhelpers.com
URL: http://bloodhelpers.com/
Protocol: HTTP/1.1
Server: 2400:8901::f03c:92ff:fe8a:f267 Singapore, Singapore, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: 90ae6a92534dd5280d5dd7ee4e2ae906e67b238cd99eb101d1cd9b8ce448ef97

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://bloodhelpers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sun, 13 Mar 2022 18:22:29 GMT
Last-Modified: Sun, 30 Jul 2017 08:35:02 GMT
Server: Apache/2.4.18 (Ubuntu)
ETag: "1641-55584ca566570"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 5697

GET
H/1.1 200
OK tab_top.jpg
bloodhelpers.com/images/ 2 KB
2 KB 167ms
166ms Image
image/jpeg 2400:8901::f03c:92ff:fe8a:f267
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://bloodhelpers.com/images/tab_top.jpg
Requested by: Host: bloodhelpers.com
URL: http://bloodhelpers.com/
Protocol: HTTP/1.1
Server: 2400:8901::f03c:92ff:fe8a:f267 Singapore, Singapore, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: 4f0b8a92c4b966af8298f43c059ec089461ee7a36fe53ee407ab39485194e358

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://bloodhelpers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sun, 13 Mar 2022 18:22:29 GMT
Last-Modified: Sun, 30 Jul 2017 08:35:02 GMT
Server: Apache/2.4.18 (Ubuntu)
ETag: "69f-55584ca566570"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 1695

GET
H/1.1 200
OK inform.gif
bloodhelpers.com/i/ 2 KB
2 KB 237ms
236ms Image
image/gif 2400:8901::f03c:92ff:fe8a:f267
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://bloodhelpers.com/i/inform.gif
Requested by: Host: bloodhelpers.com
URL: http://bloodhelpers.com/
Protocol: HTTP/1.1
Server: 2400:8901::f03c:92ff:fe8a:f267 Singapore, Singapore, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: c4b8a8c6703278963efa13c2536ca546ed08f55a0dbab145d5500f850691d8a3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://bloodhelpers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sun, 13 Mar 2022 18:22:29 GMT
Last-Modified: Sun, 30 Jul 2017 08:34:58 GMT
Server: Apache/2.4.18 (Ubuntu)
ETag: "6ea-55584ca1ea691"
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 1770

GET
H/1.1 200
OK tab_bottom.jpg
bloodhelpers.com/images/ 1 KB
2 KB 253ms
252ms Image
image/jpeg 2400:8901::f03c:92ff:fe8a:f267
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://bloodhelpers.com/images/tab_bottom.jpg
Requested by: Host: bloodhelpers.com
URL: http://bloodhelpers.com/
Protocol: HTTP/1.1
Server: 2400:8901::f03c:92ff:fe8a:f267 Singapore, Singapore, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: aa7d7130a1412cd7df7976029c244e17ae541393962321ef3798d4fd31a8c1fa

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://bloodhelpers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sun, 13 Mar 2022 18:22:29 GMT
Last-Modified: Sun, 30 Jul 2017 08:35:02 GMT
Server: Apache/2.4.18 (Ubuntu)
ETag: "5f6-55584ca566570"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 1526

GET
H/1.1 200
OK logintop.jpg
bloodhelpers.com/images/ 932 B
1 KB 1174ms
169ms Image
image/jpeg 2400:8901::f03c:92ff:fe8a:f267
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://bloodhelpers.com/images/logintop.jpg
Requested by: Host: bloodhelpers.com
URL: http://bloodhelpers.com/
Protocol: HTTP/1.1
Server: 2400:8901::f03c:92ff:fe8a:f267 Singapore, Singapore, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: 72733f17413f79408f89e9d85b9e44fcd10c9a8351d26c204b497d2769b67fc1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://bloodhelpers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sun, 13 Mar 2022 18:22:30 GMT
Last-Modified: Sun, 30 Jul 2017 08:35:02 GMT
Server: Apache/2.4.18 (Ubuntu)
ETag: "3a4-55584ca566570"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 932

GET
H/1.1 200
OK loginbottom.jpg
bloodhelpers.com/images/ 962 B
1 KB 1210ms
174ms Image
image/jpeg 2400:8901::f03c:92ff:fe8a:f267
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://bloodhelpers.com/images/loginbottom.jpg
Requested by: Host: bloodhelpers.com
URL: http://bloodhelpers.com/
Protocol: HTTP/1.1
Server: 2400:8901::f03c:92ff:fe8a:f267 Singapore, Singapore, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: c1abbde5f157de3a571a6e12ceea7466953640d23fbe0e5b7339d04c4b0e73ab

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://bloodhelpers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sun, 13 Mar 2022 18:22:30 GMT
Last-Modified: Sun, 30 Jul 2017 08:35:02 GMT
Server: Apache/2.4.18 (Ubuntu)
ETag: "3c2-55584ca566570"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=92
Content-Length: 962

GET
H/1.1 200
OK show_ads.js Show response
pagead2.googlesyndication.com/pagead/ 113 KB
40 KB 52ms
34ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: bloodhelpers.com
URL: http://bloodhelpers.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6be39c2617f3c5012e913c62cce93a39e67bb0414044f58aa09e6dde12cbfb8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://bloodhelpers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Timing-Allow-Origin: *
Date: Sun, 13 Mar 2022 18:22:28 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: cafe
ETag: 7077683470478969270
Vary: Accept-Encoding
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: private, max-age=3600
Cross-Origin-Resource-Policy: cross-origin
Content-Disposition: attachment; filename="f.txt"
Content-Type: text/javascript; charset=UTF-8
Content-Length: 40132
X-XSS-Protection: 0
Expires: Sun, 13 Mar 2022 18:22:28 GMT

GET
H/1.1 200
OK tabsearhtop.jpg
bloodhelpers.com/images/ 2 KB
2 KB 633ms
177ms Image
image/jpeg 2400:8901::f03c:92ff:fe8a:f267
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://bloodhelpers.com/images/tabsearhtop.jpg
Requested by: Host: bloodhelpers.com
URL: http://bloodhelpers.com/
Protocol: HTTP/1.1
Server: 2400:8901::f03c:92ff:fe8a:f267 Singapore, Singapore, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: e7f3e6e7de4d0e4b7b1ac851f43188836a609a0e77b4c6f5ade29b8c9b80e946

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://bloodhelpers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sun, 13 Mar 2022 18:22:29 GMT
Last-Modified: Sun, 30 Jul 2017 08:35:02 GMT
Server: Apache/2.4.18 (Ubuntu)
ETag: "66f-55584ca566570"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 1647

GET
H/1.1 200
OK tabsearhbottom.jpg
bloodhelpers.com/images/ 1 KB
2 KB 712ms
259ms Image
image/jpeg 2400:8901::f03c:92ff:fe8a:f267
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://bloodhelpers.com/images/tabsearhbottom.jpg
Requested by: Host: bloodhelpers.com
URL: http://bloodhelpers.com/
Protocol: HTTP/1.1
Server: 2400:8901::f03c:92ff:fe8a:f267 Singapore, Singapore, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: 7c1dc78e5284f0f937fc9159ca5418fd27aac3e93eb813bf6477cca5c34bf998

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://bloodhelpers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sun, 13 Mar 2022 18:22:29 GMT
Last-Modified: Sun, 30 Jul 2017 08:35:02 GMT
Server: Apache/2.4.18 (Ubuntu)
ETag: "5b0-55584ca566570"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 1456

GET
H/1.1 200
OK tabrequesttop.jpg
bloodhelpers.com/images/ 2 KB
2 KB 764ms
162ms Image
image/jpeg 2400:8901::f03c:92ff:fe8a:f267
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://bloodhelpers.com/images/tabrequesttop.jpg
Requested by: Host: bloodhelpers.com
URL: http://bloodhelpers.com/
Protocol: HTTP/1.1
Server: 2400:8901::f03c:92ff:fe8a:f267 Singapore, Singapore, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: 248efbcc76b3d0a7264cb4cbc225aa44606b05c639dc6bd1ddf40157f72d43c7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://bloodhelpers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sun, 13 Mar 2022 18:22:29 GMT
Last-Modified: Sun, 30 Jul 2017 08:35:02 GMT
Server: Apache/2.4.18 (Ubuntu)
ETag: "6e4-55584ca566570"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=94
Content-Length: 1764

GET
H/1.1 200
OK tabrequestbottom.jpg
bloodhelpers.com/images/ 2 KB
2 KB 904ms
170ms Image
image/jpeg 2400:8901::f03c:92ff:fe8a:f267
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://bloodhelpers.com/images/tabrequestbottom.jpg
Requested by: Host: bloodhelpers.com
URL: http://bloodhelpers.com/
Protocol: HTTP/1.1
Server: 2400:8901::f03c:92ff:fe8a:f267 Singapore, Singapore, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: e8d4ff5367de8df94634d960c32dd62bceb138308cffddbc2656492fcfd7a934

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://bloodhelpers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sun, 13 Mar 2022 18:22:29 GMT
Last-Modified: Sun, 30 Jul 2017 08:35:02 GMT
Server: Apache/2.4.18 (Ubuntu)
ETag: "6a3-55584ca566570"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 1699

GET
H/1.1 200
OK male.jpg
bloodhelpers.com/i/ 25 KB
25 KB 853ms
237ms Image
image/jpeg 2400:8901::f03c:92ff:fe8a:f267
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://bloodhelpers.com/i/male.jpg
Requested by: Host: bloodhelpers.com
URL: http://bloodhelpers.com/
Protocol: HTTP/1.1
Server: 2400:8901::f03c:92ff:fe8a:f267 Singapore, Singapore, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: fdf2ce1dd291ed85237de3ca32c8595089ea91b09439ed40afc63a240549e4fa

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://bloodhelpers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sun, 13 Mar 2022 18:22:29 GMT
Last-Modified: Sun, 30 Jul 2017 08:34:58 GMT
Server: Apache/2.4.18 (Ubuntu)
ETag: "6368-55584ca1ea691"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 25448

GET
H2

200

buttons.js Show response
w.sharethis.com/button/
Redirect Chain

http://w.sharethis.com/button/buttons.js
https://w.sharethis.com/button/buttons.js

59 KB
17 KB

128ms
55ms

Script
application/javascript

2600:9000:2038:9800:3:c04e:c780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://w.sharethis.com/button/buttons.js

Requested by

Host: bloodhelpers.com
URL: http://bloodhelpers.com/

Protocol

Server

2600:9000:2038:9800:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.20.1 /

Resource Hash

7ba38c636940db54018406db91e3a02040d14fd6ce7dabf8bdb011067ba8eb41

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://bloodhelpers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 01:19:06 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 234204
x-cache: Hit from cloudfront
content-length: 16739
server: nginx/1.20.1
etag: W/"61e1c3a2-ea95"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
via: 1.1 45e951df17063864957163fe2b8687d2.cloudfront.net (CloudFront)
cache-control: max-age=259200
x-amz-cf-pop: HEL50-C2
x-robots-tag: noindex, nofollow
x-amz-cf-id: qVREzxd1RB0QzflazgnRXStW_NgbxgBsXVnxSHQDA4EldOyB-3TCuw==
expires: Mon, 14 Mar 2022 01:19:05 GMT

Redirect headers

Date: Sun, 13 Mar 2022 18:22:29 GMT
Via: 1.1 0e53369843ffff152c4f962eb3b91d2a.cloudfront.net (CloudFront)
Server: CloudFront
X-Amz-Cf-Pop: HEL50-C2
X-Cache: Redirect from cloudfront
Content-Type: text/html
Location: https://w.sharethis.com/button/buttons.js
Connection: keep-alive
Content-Length: 183
X-Amz-Cf-Id: yx2oJ3aKq8rUbLwnGhYnyq6_6U0WMi5dAzzedqGasTn-4HOrtW2R8Q==

GET
H/1.1 200
OK sliderHeader.jpg
bloodhelpers.com/images/ 431 B
716 B 333ms
172ms Image
image/jpeg 2400:8901::f03c:92ff:fe8a:f267
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://bloodhelpers.com/images/sliderHeader.jpg
Requested by: Host: bloodhelpers.com
URL: http://bloodhelpers.com/css/bloodhelper.css
Protocol: HTTP/1.1
Server: 2400:8901::f03c:92ff:fe8a:f267 Singapore, Singapore, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: 5e0eb783dd1df7d0d104169c210fe8775412af11f797b5c9fd368c6d0b5b1c93

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://bloodhelpers.com/css/bloodhelper.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sun, 13 Mar 2022 18:22:29 GMT
Last-Modified: Sun, 30 Jul 2017 08:35:02 GMT
Server: Apache/2.4.18 (Ubuntu)
ETag: "1af-55584ca566570"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 431

GET
H/1.1 200
OK tab_bg.jpg
bloodhelpers.com/images/ 422 B
708 B 315ms
164ms Image
image/jpeg 2400:8901::f03c:92ff:fe8a:f267
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://bloodhelpers.com/images/tab_bg.jpg
Requested by: Host: bloodhelpers.com
URL: http://bloodhelpers.com/css/bloodhelper.css
Protocol: HTTP/1.1
Server: 2400:8901::f03c:92ff:fe8a:f267 Singapore, Singapore, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: fc345ad17d1564c82cf169a6e0a9be99d6a67f66568396c49575678d0179f4d7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://bloodhelpers.com/css/bloodhelper.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sun, 13 Mar 2022 18:22:29 GMT
Last-Modified: Sun, 30 Jul 2017 08:35:02 GMT
Server: Apache/2.4.18 (Ubuntu)
ETag: "1a6-55584ca566570"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 422

GET
H/1.1 200
OK loginbg.jpg
bloodhelpers.com/images/ 356 B
641 B 455ms
232ms Image
image/jpeg 2400:8901::f03c:92ff:fe8a:f267
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://bloodhelpers.com/images/loginbg.jpg
Requested by: Host: bloodhelpers.com
URL: http://bloodhelpers.com/css/bloodhelper.css
Protocol: HTTP/1.1
Server: 2400:8901::f03c:92ff:fe8a:f267 Singapore, Singapore, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: 776654f7b3bf08c9ad34b8a4346af6dd89590ebee0c4f7c6dd8d7f34ea1f1698

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://bloodhelpers.com/css/bloodhelper.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sun, 13 Mar 2022 18:22:29 GMT
Last-Modified: Sun, 30 Jul 2017 08:35:02 GMT
Server: Apache/2.4.18 (Ubuntu)
ETag: "164-55584ca566570"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 356

GET
H/1.1 200
OK navBg.jpg
bloodhelpers.com/images/ 429 B
714 B 316ms
164ms Image
image/jpeg 2400:8901::f03c:92ff:fe8a:f267
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://bloodhelpers.com/images/navBg.jpg
Requested by: Host: bloodhelpers.com
URL: http://bloodhelpers.com/css/bloodhelper.css
Protocol: HTTP/1.1
Server: 2400:8901::f03c:92ff:fe8a:f267 Singapore, Singapore, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: 5457dbdf5b8ea7afe9c7d54038caee3eb372bf261b751577a20de58a98e024ae

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://bloodhelpers.com/css/bloodhelper.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sun, 13 Mar 2022 18:22:29 GMT
Last-Modified: Sun, 30 Jul 2017 08:35:02 GMT
Server: Apache/2.4.18 (Ubuntu)
ETag: "1ad-55584ca566570"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 429

GET
H/1.1 200
OK navleft.jpg
bloodhelpers.com/images/ 1009 B
1 KB 680ms
237ms Image
image/jpeg 2400:8901::f03c:92ff:fe8a:f267
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://bloodhelpers.com/images/navleft.jpg
Requested by: Host: bloodhelpers.com
URL: http://bloodhelpers.com/css/bloodhelper.css
Protocol: HTTP/1.1
Server: 2400:8901::f03c:92ff:fe8a:f267 Singapore, Singapore, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: 608e0382cd5327f9ee7c19cefe7d6fd4447233ae38e1ddcf0074765a09e4293e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://bloodhelpers.com/css/bloodhelper.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sun, 13 Mar 2022 18:22:29 GMT
Last-Modified: Sun, 30 Jul 2017 08:35:02 GMT
Server: Apache/2.4.18 (Ubuntu)
ETag: "3f1-55584ca566570"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 1009

GET
H/1.1 200
OK navright.jpg
bloodhelpers.com/images/ 1019 B
1 KB 443ms
236ms Image
image/jpeg 2400:8901::f03c:92ff:fe8a:f267
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://bloodhelpers.com/images/navright.jpg
Requested by: Host: bloodhelpers.com
URL: http://bloodhelpers.com/css/bloodhelper.css
Protocol: HTTP/1.1
Server: 2400:8901::f03c:92ff:fe8a:f267 Singapore, Singapore, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: 266d11c6058f9a59e25b5a5232f571dc69eb3578beb0faec8fa3d2088836388c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://bloodhelpers.com/css/bloodhelper.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sun, 13 Mar 2022 18:22:29 GMT
Last-Modified: Sun, 30 Jul 2017 08:35:02 GMT
Server: Apache/2.4.18 (Ubuntu)
ETag: "3fb-55584ca566570"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 1019

GET
H/1.1 200
OK bloddRegister.gif
bloodhelpers.com/i/ 2 KB
2 KB 480ms
260ms Image
image/gif 2400:8901::f03c:92ff:fe8a:f267
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://bloodhelpers.com/i/bloddRegister.gif
Requested by: Host: bloodhelpers.com
URL: http://bloodhelpers.com/css/bloodhelper.css
Protocol: HTTP/1.1
Server: 2400:8901::f03c:92ff:fe8a:f267 Singapore, Singapore, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: 4f197c444784333a55ff4b224157f0d800e70c9daa39d86bcedc8c7ef162915d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://bloodhelpers.com/css/bloodhelper.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sun, 13 Mar 2022 18:22:29 GMT
Last-Modified: Sun, 30 Jul 2017 08:34:58 GMT
Server: Apache/2.4.18 (Ubuntu)
ETag: "622-55584ca1e998b"
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 1570

GET
H/1.1 200
OK RegisterIcon.gif
bloodhelpers.com/i/ 2 KB
2 KB 475ms
178ms Image
image/gif 2400:8901::f03c:92ff:fe8a:f267
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://bloodhelpers.com/i/RegisterIcon.gif
Requested by: Host: bloodhelpers.com
URL: http://bloodhelpers.com/css/bloodhelper.css
Protocol: HTTP/1.1
Server: 2400:8901::f03c:92ff:fe8a:f267 Singapore, Singapore, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: 10b02de004b97512fd30c6f064abbdee71b11f73eb02929c24e5b0133e692b97

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://bloodhelpers.com/css/bloodhelper.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sun, 13 Mar 2022 18:22:29 GMT
Last-Modified: Sun, 30 Jul 2017 08:34:58 GMT
Server: Apache/2.4.18 (Ubuntu)
ETag: "76d-55584ca1e8c86"
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 1901

GET
H/1.1 200
OK searchIcon.gif
bloodhelpers.com/i/ 2 KB
2 KB 498ms
183ms Image
image/gif 2400:8901::f03c:92ff:fe8a:f267
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://bloodhelpers.com/i/searchIcon.gif
Requested by: Host: bloodhelpers.com
URL: http://bloodhelpers.com/css/bloodhelper.css
Protocol: HTTP/1.1
Server: 2400:8901::f03c:92ff:fe8a:f267 Singapore, Singapore, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: 5608227c7f669c0d9a2becf40df6b1e818c4bf5031cff42356ea83b953079541

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://bloodhelpers.com/css/bloodhelper.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sun, 13 Mar 2022 18:22:29 GMT
Last-Modified: Sun, 30 Jul 2017 08:34:58 GMT
Server: Apache/2.4.18 (Ubuntu)
ETag: "691-55584ca1eb396"
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 1681

GET
H/1.1 200
OK postIcon.jpg
bloodhelpers.com/images/ 2 KB
2 KB 463ms
167ms Image
image/jpeg 2400:8901::f03c:92ff:fe8a:f267
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://bloodhelpers.com/images/postIcon.jpg
Requested by: Host: bloodhelpers.com
URL: http://bloodhelpers.com/css/bloodhelper.css
Protocol: HTTP/1.1
Server: 2400:8901::f03c:92ff:fe8a:f267 Singapore, Singapore, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: 0697c07c0ab6e661ea446ec8242304225e7cec860c1913ac9d0c2f25611b96e9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://bloodhelpers.com/css/bloodhelper.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sun, 13 Mar 2022 18:22:29 GMT
Last-Modified: Sun, 30 Jul 2017 08:35:02 GMT
Server: Apache/2.4.18 (Ubuntu)
ETag: "7da-55584ca566570"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 2010

GET
H/1.1 200
OK tickerbg.gif
bloodhelpers.com/i/ 125 B
408 B 668ms
232ms Image
image/gif 2400:8901::f03c:92ff:fe8a:f267
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://bloodhelpers.com/i/tickerbg.gif
Requested by: Host: bloodhelpers.com
URL: http://bloodhelpers.com/css/bloodhelper.css
Protocol: HTTP/1.1
Server: 2400:8901::f03c:92ff:fe8a:f267 Singapore, Singapore, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: eba396bb2d056206fff4af829b6e6edfd05ab820e06fed281e762c9bfe6f2911

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://bloodhelpers.com/css/bloodhelper.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sun, 13 Mar 2022 18:22:29 GMT
Last-Modified: Sun, 30 Jul 2017 08:34:58 GMT
Server: Apache/2.4.18 (Ubuntu)
ETag: "7d-55584ca1eb396"
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 125

GET
H2 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203030101/ 292 KB
106 KB 101ms
54ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203030101/show_ads_impl_with_ama_fy2019.js?client=pub-4081699989175167&plah=bloodhelpers.com

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1aa8374b1a84ef714153d1a4cfe234813ff6c118c3cafe545a6b8fd5d9c2d57e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://bloodhelpers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 13 Mar 2022 18:22:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 107520
x-xss-protection: 0
server: cafe
etag: 11400439825139180766
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 13 Mar 2022 18:22:29 GMT

GET
H/1.1 200
OK tabsearchbg.jpg
bloodhelpers.com/images/ 411 B
696 B 616ms
173ms Image
image/jpeg 2400:8901::f03c:92ff:fe8a:f267
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://bloodhelpers.com/images/tabsearchbg.jpg
Requested by: Host: bloodhelpers.com
URL: http://bloodhelpers.com/css/bloodhelper.css
Protocol: HTTP/1.1
Server: 2400:8901::f03c:92ff:fe8a:f267 Singapore, Singapore, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: 0eefc2d7f64647f430757895d13bd823e9106b542cacf8ed5adc05c772ea2cde

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://bloodhelpers.com/css/bloodhelper.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sun, 13 Mar 2022 18:22:29 GMT
Last-Modified: Sun, 30 Jul 2017 08:35:02 GMT
Server: Apache/2.4.18 (Ubuntu)
ETag: "19b-55584ca566570"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 411

GET
H/1.1 200
OK chosen-sprite.png
bloodhelpers.com/i/ 646 B
930 B 629ms
179ms Image
image/png 2400:8901::f03c:92ff:fe8a:f267
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://bloodhelpers.com/i/chosen-sprite.png
Requested by: Host: bloodhelpers.com
URL: http://bloodhelpers.com/css/chosen.css
Protocol: HTTP/1.1
Server: 2400:8901::f03c:92ff:fe8a:f267 Singapore, Singapore, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: e670fdcaf8cd467a9a1a67e9a5c1f73288089f59dc08031b118dc26fbd233c80

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://bloodhelpers.com/css/chosen.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sun, 13 Mar 2022 18:22:29 GMT
Last-Modified: Sun, 30 Jul 2017 08:34:58 GMT
Server: Apache/2.4.18 (Ubuntu)
ETag: "286-55584ca1ea691"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 646

GET
H/1.1 200
OK tabrequestBg.jpg
bloodhelpers.com/images/ 405 B
690 B 746ms
161ms Image
image/jpeg 2400:8901::f03c:92ff:fe8a:f267
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://bloodhelpers.com/images/tabrequestBg.jpg
Requested by: Host: bloodhelpers.com
URL: http://bloodhelpers.com/css/bloodhelper.css
Protocol: HTTP/1.1
Server: 2400:8901::f03c:92ff:fe8a:f267 Singapore, Singapore, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: ffc5b915284c210bfb56d123358c80408200d967819e1a52979fb7572a98ba65

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://bloodhelpers.com/css/bloodhelper.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sun, 13 Mar 2022 18:22:29 GMT
Last-Modified: Sun, 30 Jul 2017 08:35:02 GMT
Server: Apache/2.4.18 (Ubuntu)
ETag: "195-55584ca566570"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 405

GET
H2

200

like.php Show response
www.facebook.com/plugins/ Frame 6760
Redirect Chain

http://www.facebook.com/plugins/like.php?href=http%3A%2F%2Fbloodhelpers.com&layout=standard&show_faces=true&width=450&action=recommend&font=lucida+grande&colorscheme=light&height=80
https://www.facebook.com/plugins/like.php?href=http%3A%2F%2Fbloodhelpers.com&layout=standard&show_faces=true&width=450&action=recommend&font=lucida+grande&colorscheme=light&height=80

15 KB
9 KB

117ms
56ms

Document
text/html

2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/like.php?href=http%3A%2F%2Fbloodhelpers.com&layout=standard&show_faces=true&width=450&action=recommend&font=lucida+grande&colorscheme=light&height=80

Requested by

Host: bloodhelpers.com
URL: http://bloodhelpers.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e3c2ba8aa6804842e48d9192774650c987f7c6c697448e4f8fab4b489e07995c

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://bloodhelpers.com/

Response headers

vary: Accept-Encoding
content-encoding: br
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-opener-policy: unsafe-none
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: 33z7AFk4+PCKR6MRTTEHiBWiz9Ym6KClVGjKZAJEUDgcXo+DbcSlCUOn8rUPKmqeWvwRyA/IP9YeO8j5Ugar+g==
date: Sun, 13 Mar 2022 18:22:29 GMT
priority: u=3,i
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

Location: https://www.facebook.com/plugins/like.php?href=http%3A%2F%2Fbloodhelpers.com&layout=standard&show_faces=true&width=450&action=recommend&font=lucida+grande&colorscheme=light&height=80
Cross-Origin-Resource-Policy: Cross-Origin
Non-Authoritative-Reason: HSTS

GET
H/1.1 200
OK recentusers_top.gif
bloodhelpers.com/i/ 647 B
931 B 957ms
170ms Image
image/gif 2400:8901::f03c:92ff:fe8a:f267
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://bloodhelpers.com/i/recentusers_top.gif
Requested by: Host: bloodhelpers.com
URL: http://bloodhelpers.com/
Protocol: HTTP/1.1
Server: 2400:8901::f03c:92ff:fe8a:f267 Singapore, Singapore, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: 6da64d35e0719af8338c2ca65f4597386a5d95632da247f6eabea44087e94f73

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://bloodhelpers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sun, 13 Mar 2022 18:22:29 GMT
Last-Modified: Sun, 30 Jul 2017 08:34:58 GMT
Server: Apache/2.4.18 (Ubuntu)
ETag: "287-55584ca1eb396"
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=93
Content-Length: 647

GET
H/1.1 200
OK recentusers_bg.gif
bloodhelpers.com/i/ 90 B
372 B 835ms
231ms Image
image/gif 2400:8901::f03c:92ff:fe8a:f267
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://bloodhelpers.com/i/recentusers_bg.gif
Requested by: Host: bloodhelpers.com
URL: http://bloodhelpers.com/
Protocol: HTTP/1.1
Server: 2400:8901::f03c:92ff:fe8a:f267 Singapore, Singapore, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: 31db83f7dee8772cf449eb52412da6d98ede3db1f1266cf772e53fa3d10579bf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://bloodhelpers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sun, 13 Mar 2022 18:22:29 GMT
Last-Modified: Sun, 30 Jul 2017 08:34:58 GMT
Server: Apache/2.4.18 (Ubuntu)
ETag: "5a-55584ca1eb396"
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 90

GET
H/1.1 200
OK recentusers_bot.gif
bloodhelpers.com/i/ 661 B
945 B 936ms
261ms Image
image/gif 2400:8901::f03c:92ff:fe8a:f267
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://bloodhelpers.com/i/recentusers_bot.gif
Requested by: Host: bloodhelpers.com
URL: http://bloodhelpers.com/
Protocol: HTTP/1.1
Server: 2400:8901::f03c:92ff:fe8a:f267 Singapore, Singapore, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: de9beb5ad10173669f0b41c34c327f869c48dd0e4300d398e72603eb4a119a48

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://bloodhelpers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sun, 13 Mar 2022 18:22:29 GMT
Last-Modified: Sun, 30 Jul 2017 08:34:58 GMT
Server: Apache/2.4.18 (Ubuntu)
ETag: "295-55584ca1eb396"
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 661

GET
H/1.1 200
OK family.gif
bloodhelpers.com/i/ 8 KB
8 KB 786ms
170ms Image
image/gif 2400:8901::f03c:92ff:fe8a:f267
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://bloodhelpers.com/i/family.gif
Requested by: Host: bloodhelpers.com
URL: http://bloodhelpers.com/css/bloodhelper.css
Protocol: HTTP/1.1
Server: 2400:8901::f03c:92ff:fe8a:f267 Singapore, Singapore, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: 694d659009eac3d41baa98f316082395d708e93affbfddbba5fed6289b2560c6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://bloodhelpers.com/css/bloodhelper.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sun, 13 Mar 2022 18:22:29 GMT
Last-Modified: Sun, 30 Jul 2017 08:34:58 GMT
Server: Apache/2.4.18 (Ubuntu)
ETag: "1f52-55584ca1ea691"
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=94
Content-Length: 8018

GET
H/1.1 200
OK spacer.gif
bloodhelpers.com/i/ 43 B
325 B 930ms
178ms Image
image/gif 2400:8901::f03c:92ff:fe8a:f267
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://bloodhelpers.com/i/spacer.gif
Requested by: Host: bloodhelpers.com
URL: http://bloodhelpers.com/css/bloodhelper.css
Protocol: HTTP/1.1
Server: 2400:8901::f03c:92ff:fe8a:f267 Singapore, Singapore, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://bloodhelpers.com/css/bloodhelper.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sun, 13 Mar 2022 18:22:29 GMT
Last-Modified: Sun, 30 Jul 2017 08:34:58 GMT
Server: Apache/2.4.18 (Ubuntu)
ETag: "2b-55584ca1eb396"
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=93
Content-Length: 43

GET
H/1.1 200
OK feedback_trans_tab.png
bloodhelpers.com/i/ 2 KB
2 KB 1068ms
232ms Image
image/png 2400:8901::f03c:92ff:fe8a:f267
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://bloodhelpers.com/i/feedback_trans_tab.png
Requested by: Host: bloodhelpers.com
URL: http://bloodhelpers.com/css/bloodhelper.css
Protocol: HTTP/1.1
Server: 2400:8901::f03c:92ff:fe8a:f267 Singapore, Singapore, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: 9a9908a313001cfb6df4c6dc006c43f13dfcca49840f203ca7fc81d71e9366f6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://bloodhelpers.com/css/bloodhelper.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sun, 13 Mar 2022 18:22:30 GMT
Last-Modified: Sun, 30 Jul 2017 08:34:58 GMT
Server: Apache/2.4.18 (Ubuntu)
ETag: "695-55584ca1ea691"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 1685

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 220 B
647 B 51ms
16ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=bloodhelpers.com&callback=_gfp_s_&client=ca-pub-4081699989175167

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203030101/show_ads_impl_with_ama_fy2019.js?client=pub-4081699989175167&plah=bloodhelpers.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

58bf7e25d4ebb1f124516489db233e3dc82cd0891996a48e7b2dc175e67bb97a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://bloodhelpers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 13 Mar 2022 18:22:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 203
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 50ms
16ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=bloodhelpers.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://bloodhelpers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 13 Mar 2022 18:22:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 49ms
23ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=bloodhelpers.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://bloodhelpers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 13 Mar 2022 18:22:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame AB13 58 KB
26 KB 501ms
474ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4081699989175167&output=html&h=600&slotname=1676498701&adk=214556337&adf=3687068580&pi=t.ma~as.1676498701&w=120&lmt=1647195749&url=http%3A%2F%2Fbloodhelpers.com%2F&flash=0&wgl=1&dt=1647195749016&bpp=16&bdt=431&idt=156&shv=r20220308&mjsv=m202203030101&ptt=5&saldr=sa&abxe=1&correlator=1263101021888&frm=20&pv=2&ga_vid=250031105.1647195749&ga_sid=1647195749&ga_hid=1819272687&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1164&ady=174&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C42531398%2C44750773%2C31064857%2C44756432&oid=2&pvsid=2367370566159896&pem=586&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=boMsUNPqkv&p=http%3A//bloodhelpers.com&dtd=172

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

30a16ea4fba5bab7fb0b914a8485cef00614f2d8c3b192b6c34514beb915cac9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://bloodhelpers.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sun, 13 Mar 2022 18:22:29 GMT
server: cafe
content-length: 26420
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sun, 13 Mar 2022 18:22:29 GMT
cache-control: private

GET
H2 200 afuZUdAykvX.css
static.xx.fbcdn.net/rsrc.php/v3/yM/l/0,cross/ Frame 6760 43 KB
11 KB 24ms
8ms Stylesheet
text/css 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yM/l/0,cross/afuZUdAykvX.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/plugins/like.php?href=http%3A%2F%2Fbloodhelpers.com&layout=standard&show_faces=true&width=450&action=recommend&font=lucida+grande&colorscheme=light&height=80

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d8594767931b331f35229e3380e1aa121e1a76febf066268e0ae5f4f437d94e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 13 Mar 2022 18:22:29 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: d9H3bf2xDZrG7vk4xXlkDg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 10442
x-fb-rlafr: 0
x-fb-debug: Fh9JyfQMhWPPeHFVjuk2V0jH1EDvdQUUFA4l9vl9bhIejTEhaOBzXf/28ty2SQoDNfIFPBaF3ji8wbFmQCjVzA==
x-fb-trip-id: 686109401
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Sat, 11 Mar 2023 16:19:17 GMT

GET
H2 200 async-buttons.js Show response
ws.sharethis.com/button/ 89 KB
19 KB 54ms
53ms Script
application/javascript 2600:9000:2038:9800:3:c04e:c780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ws.sharethis.com/button/async-buttons.js

Requested by

Host: w.sharethis.com
URL: http://w.sharethis.com/button/buttons.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2038:9800:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.20.1 /

Resource Hash

38bdaa6ffa7c071fd9af7eb4fc6e34125cbac8965ad71fb0e93a0d2140dd2842

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://bloodhelpers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 07:04:02 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 213507
x-cache: Hit from cloudfront
content-length: 18813
server: nginx/1.20.1
etag: W/"61e1c3fb-16245"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
via: 1.1 45e951df17063864957163fe2b8687d2.cloudfront.net (CloudFront)
cache-control: max-age=259200
x-amz-cf-pop: HEL50-C2
x-robots-tag: noindex, nofollow
x-amz-cf-id: P1FdT7V8kODJJW7EggfkQN8lg5TKHMSGFIWUQnzfyGIL-k8hnwvUww==
expires: Mon, 14 Mar 2022 07:04:02 GMT

GET
H/1.1 204
No Content pview Show response
l.sharethis.com/ 0
402 B 60ms
11ms XHR
text/plain 3.123.86.254
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://l.sharethis.com/pview?event=pview&version=buttons.js&lang=en&sessionID=1647195749265.49486&hostname=bloodhelpers.com&location=%2F&product=widget&fcmp=false&fcmpv2=false&publisher=ur.00000000-0000-0000-0000-000000000000&url=http%3A%2F%2Fbloodhelpers.com%2F&title=Indian%20database%20of%20blood%20donors%20-%20Donate%20Blood%20!%20Save%20a%20life%20!&sop=false&description=Indian%20database%20of%20blood%20donors%20%3A%20Help%20in%20saving%20lives%20of%20those%20who%20are%20in%20immediate%20need%20of%20blood.%20Register%20as%20blood%20donor%20and%20save%20life

Requested by

Host: w.sharethis.com
URL: http://w.sharethis.com/button/buttons.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.123.86.254 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-123-86-254.eu-central-1.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://bloodhelpers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sun, 13 Mar 2022 18:22:29 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Access-Control-Allow-Origin: http://bloodhelpers.com
Access-Control-Expose-Headers: stid
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Access-Control-Max-Age: 1728000
Connection: keep-alive
Access-Control-Allow-Headers: *

GET
H2 200 buttons-secure.css
ws.sharethis.com/button/css/ 23 KB
4 KB 33ms
33ms Stylesheet
text/css 2600:9000:2038:9800:3:c04e:c780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ws.sharethis.com/button/css/buttons-secure.css

Requested by

Host: ws.sharethis.com
URL: https://ws.sharethis.com/button/async-buttons.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2038:9800:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.20.1 /

Resource Hash

95dc1b83a7c030dd13ab3e29df921f10e04208b28734f172ea232854264c3b05

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://bloodhelpers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 13 Mar 2022 03:03:15 GMT
content-encoding: gzip
last-modified: Fri, 14 Jan 2022 18:42:03 GMT
server: nginx/1.20.1
age: 55154
etag: W/"61e1c3fb-5a76"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 45e951df17063864957163fe2b8687d2.cloudfront.net (CloudFront)
x-amz-cf-pop: HEL50-C2
strict-transport-security: max-age=31536000; includeSubDomains
x-robots-tag: noindex, nofollow
content-length: 3851
x-amz-cf-id: mpPG-HzGJDwA3HLrGWn0V4ilJ8A76oUcF3vYlrdr7JnQkbLXxBJIZg==

GET
H2 200 get_counts Show response
count-server.sharethis.com/v2.0/ 454 B
813 B 216ms
177ms Script
text/javascript 143.204.98.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://count-server.sharethis.com/v2.0/get_counts?url=http%3A%2F%2Fbloodhelpers.com%2F&cb=stButtons.processCB&wd=true

Requested by

Host: ws.sharethis.com
URL: https://ws.sharethis.com/button/async-buttons.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.14 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-14.fra50.r.cloudfront.net

Software

Resource Hash

e5de687008731a829c3b3112506e4a4718b915f3786df8d38bdbb1b204f8475c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://bloodhelpers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 13 Mar 2022 18:22:29 GMT
via: 1.1 5721f7035c3fc934bd3f96dbb04ba1e4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
etag: 0a94eeee13e88afb41ad5d0e6c49c13f
strict-transport-security: max-age=31536000; includeSubDomains
x-cache: RefreshHit from cloudfront
content-type: text/javascript
cache-control: public, max-age=86400
content-length: 454
apigw-requestid: O71v4iQBIAMES6g=
x-amz-cf-id: W0TYrjnELybJ4OJh8827xI-RPHqtBO0yLrZIh8cE2sHhRBcr5r8VSw==

GET
H/1.1 204
No Content pview
l.sharethis.com/ 0
380 B 14ms
14ms Image
text/plain 3.123.86.254
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: bloodhelpers.com
URL: http://bloodhelpers.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.123.86.254 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-123-86-254.eu-central-1.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://bloodhelpers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sun, 13 Mar 2022 18:22:29 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: stid
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Access-Control-Max-Age: 1728000
Connection: keep-alive
Access-Control-Allow-Headers: *

GET
H2 200 twitter_counter.png
ws.sharethis.com/images/2017/ 2 KB
3 KB 35ms
35ms Image
image/png 2600:9000:2038:9800:3:c04e:c780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ws.sharethis.com/images/2017/twitter_counter.png

Requested by

Host: bloodhelpers.com
URL: http://bloodhelpers.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2038:9800:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.20.1 /

Resource Hash

aeae37bae2130513ef8b5ea4fde8fd776b32ff8969b848b59399a63d9455e29a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://bloodhelpers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 03:47:34 GMT
via: 1.1 45e951df17063864957163fe2b8687d2.cloudfront.net (CloudFront)
server: nginx/1.20.1
age: 16727695
etag: "612ef1b8-9ae"
strict-transport-security: max-age=31536000; includeSubDomains
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31536000
x-amz-cf-pop: HEL50-C2
accept-ranges: bytes
x-robots-tag: noindex, nofollow
content-length: 2478
x-amz-cf-id: YQZNFgQXfnpWuum9IqkH4RuGp_ZCCuarUbNeTVpqBBFTMRSUr1MYvw==
expires: Thu, 01 Sep 2022 03:47:34 GMT

GET
H2 200 facebook_counter.png
ws.sharethis.com/images/2017/ 2 KB
3 KB 35ms
35ms Image
image/png 2600:9000:2038:9800:3:c04e:c780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ws.sharethis.com/images/2017/facebook_counter.png

Requested by

Host: bloodhelpers.com
URL: http://bloodhelpers.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2038:9800:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.20.1 /

Resource Hash

3488c49147b809d1e457c14a37bf3a79b0455fd159c121325e8f737eea45eb75

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://bloodhelpers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 03:47:34 GMT
via: 1.1 45e951df17063864957163fe2b8687d2.cloudfront.net (CloudFront)
server: nginx/1.20.1
age: 16727695
etag: "612ef1b8-977"
strict-transport-security: max-age=31536000; includeSubDomains
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31536000
x-amz-cf-pop: HEL50-C2
accept-ranges: bytes
x-robots-tag: noindex, nofollow
content-length: 2423
x-amz-cf-id: coABsTLOCZEhFsiYQt4EkRcI0Dh33z6pIf1v22WEZp7SSC3Khe6y1A==
expires: Thu, 01 Sep 2022 03:47:34 GMT

GET
H2 200 reddit_16.png
ws.sharethis.com/images/2017/ 895 B
1 KB 40ms
39ms Image
image/png 2600:9000:2038:9800:3:c04e:c780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ws.sharethis.com/images/2017/reddit_16.png

Requested by

Host: ws.sharethis.com
URL: https://ws.sharethis.com/button/css/buttons-secure.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2038:9800:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.20.1 /

Resource Hash

1600444c9b4125557ffab061b614813ee35aea6a10101fdd47c236d7d8a4c435

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ws.sharethis.com/button/css/buttons-secure.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 03:47:36 GMT
via: 1.1 45e951df17063864957163fe2b8687d2.cloudfront.net (CloudFront)
server: nginx/1.20.1
age: 16727693
etag: "612ef1b8-37f"
strict-transport-security: max-age=31536000; includeSubDomains
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31536000
x-amz-cf-pop: HEL50-C2
accept-ranges: bytes
x-robots-tag: noindex, nofollow
content-length: 895
x-amz-cf-id: xfEAN2VYbU_g4TPFqn617pe8grDpoP2taZ_L4xWapR1FUYanx9_qHA==
expires: Thu, 01 Sep 2022 03:47:36 GMT

GET
H2 200 digg_16.png
ws.sharethis.com/images/2017/ 706 B
1 KB 43ms
41ms Image
image/png 2600:9000:2038:9800:3:c04e:c780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ws.sharethis.com/images/2017/digg_16.png

Requested by

Host: ws.sharethis.com
URL: https://ws.sharethis.com/button/css/buttons-secure.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2038:9800:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.20.1 /

Resource Hash

62f041ce8a15ab6b5dda668380d3191d5b95b914a14cc65140a7fd717e6381a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ws.sharethis.com/button/css/buttons-secure.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Oct 2021 14:15:01 GMT
via: 1.1 45e951df17063864957163fe2b8687d2.cloudfront.net (CloudFront)
server: nginx/1.20.1
age: 13838848
etag: "612ef1b8-2c2"
strict-transport-security: max-age=31536000; includeSubDomains
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31536000
x-amz-cf-pop: HEL50-C2
accept-ranges: bytes
x-robots-tag: noindex, nofollow
content-length: 706
x-amz-cf-id: GskCfHUaqfOJ9NAwBRcZKuaSS5UbzfvKf9_Hca1c1og2k2C5pGSJWA==
expires: Tue, 04 Oct 2022 14:15:01 GMT

GET
H2 200 bubble_arrow_below.png
ws.sharethis.com/secure/images/ 969 B
1 KB 35ms
35ms Image
image/png 2600:9000:2038:9800:3:c04e:c780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ws.sharethis.com/secure/images/bubble_arrow_below.png

Requested by

Host: ws.sharethis.com
URL: https://ws.sharethis.com/button/css/buttons-secure.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2038:9800:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.20.1 /

Resource Hash

10ad65fee3c7f0fc6a2122915ac606daf88347db9f6173aa67e3457598665677

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ws.sharethis.com/button/css/buttons-secure.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 02:10:46 GMT
via: 1.1 45e951df17063864957163fe2b8687d2.cloudfront.net (CloudFront)
server: nginx/1.20.1
age: 9475903
etag: "6179dc46-3c9"
strict-transport-security: max-age=31536000; includeSubDomains
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31536000
x-amz-cf-pop: HEL50-C2
accept-ranges: bytes
x-robots-tag: noindex, nofollow
content-length: 969
x-amz-cf-id: Opci0TmHEemplEcr5FKiEdBy-CS9kAZ3ZhgpKNqHzbx6bWbEW8mqJg==
expires: Thu, 24 Nov 2022 02:10:46 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 5D0F 0
0 66ms
37ms Fetch
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu9QLc1DEtQIyiZoS4sjm2Xg2BzqScgwjkRd7fA3SC42Ii9eBETBjcGcu6czi_4395aa-fnK5S9sXWXAhCedWYOhec2vm9D6DLt7dIGd_mQl-R4UOMyb5p9cuyzZR1FLKW51es3kgFQ_25P4tMXTxzKmoBma9vO_hzbviw8oFnkm7LZlShfXJFFJPqdDZDjvYD73cMtiowgYyFpf5uPqdGy-QkJMTOYmIAsNfQsJNFV4KLprbJPrQqWiyq4taDlP_SPskdsD7QhIHkmjlOXL9J5PI4vx6FIPelciQxQzrnEAwDe5YY6OPoeG9IJAv4WsTjemikZxjOy5VpyEz9CCa30497NNGlyCV7FawDkDRZeuu0RmEV6uvu6m-xH2ckK3BZKr7D3UYAPkbhHM5ecD4SDqEArNWCd_AL9F64w5ZkK58V2VV28vY0uZ6C7xjS8wZ7T2PGudMxDz4dSo7DU_wAeFkOpEHBRsQ9K0Wih1KHgRoFpmtUMgArLBkQNXDYaVfBUVJbTr7zi-5GLLVTyaGw4qEL_RBHTmzt1XSIjT1zOq7M_b6uNBgRdYLue68mdMJj36-MZDqFhjzNQbb3_rZ4a3pbxNnz5CU0XqSbnLlj6-d__Sav2ml4bQj4QJMZyTD1E8XLknYcCj1kcHE5kr4CPW9QL0rl5II60sA5bvxBegMY08S-KU2H3Xi-EZIy_6MmqOaIURFVe6Nx5SHl9kShz2OFtjlTqlNzjUDGgDwaiqjV0Dva39b4ClLxb8DQ-L2NQPTJnanWSP_StGoY9rJDmcEss_vIXD9RsqxbNaHQDu16fc-3yqwQwBqDIvKE_VpSjEHLNXlQf3iiHeCY8OJUM09eox9Jq6ndCy-G278uT2yQ2UP_hntkKFfeRTVK7SbN9qWvAMwIfyPYbrGg586cGRCKVg_rRUrsd_UhXTgLvpBfTQSnGBqFhy_260_A-_O7wpIQCGFZBXl-5dWo29pq9&sai=AMfl-YRxiAJu3MdBnHF8WN3h9rlOtE8sAqthClC_rxd7MmLy23XWYjxgck3cww&sig=Cg0ArKJSzH2LJHhl_sIkEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&adurl=

Requested by

Host: bloodhelpers.com
URL: http://bloodhelpers.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Sun, 13 Mar 2022 18:22:29 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Sun, 13 Mar 2022 18:22:29 GMT

GET
H2 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 5D0F 41 KB
15 KB 41ms
15ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: bloodhelpers.com
URL: http://bloodhelpers.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 13:19:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 190987
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 11 Mar 2023 13:19:22 GMT

GET
H2 200 m_js_controller_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220308/r20110914/client/ Frame 5D0F 32 KB
13 KB 34ms
8ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220308/r20110914/client/m_js_controller_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4081699989175167&output=html&h=600&slotname=1676498701&adk=214556337&adf=3687068580&pi=t.ma~as.1676498701&w=120&lmt=1647195749&url=http%3A%2F%2Fbloodhelpers.com%2F&flash=0&wgl=1&dt=1647195749016&bpp=16&bdt=431&idt=156&shv=r20220308&mjsv=m202203030101&ptt=5&saldr=sa&abxe=1&correlator=1263101021888&frm=20&pv=2&ga_vid=250031105.1647195749&ga_sid=1647195749&ga_hid=1819272687&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1164&ady=174&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C42531398%2C44750773%2C31064857%2C44756432&oid=2&pvsid=2367370566159896&pem=586&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=boMsUNPqkv&p=http%3A//bloodhelpers.com&dtd=172

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

684506d9d8135537d90392d008a89c4b57a6878ab17f88d66153a630bbe773dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 13 Mar 2022 17:54:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1660
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13100
x-xss-protection: 0
server: cafe
etag: 17326570059298415575
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 27 Mar 2022 17:54:49 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220308/r20110914/client/ Frame 5D0F 2 KB
1 KB 42ms
17ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220308/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 13 Mar 2022 18:18:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 261
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1233
x-xss-protection: 0
server: cafe
etag: 16517525077337815633
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 27 Mar 2022 18:18:08 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5D0F 117 KB
36 KB 44ms
18ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ec068031a38f2d97255ddf90e6d75a5538a3b0ea29510482d1909c5a1a10ad74

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 13 Mar 2022 18:22:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36343
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1646830771070120"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 13 Mar 2022 18:22:29 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220308/r20110914/client/ Frame 5D0F 15 KB
6 KB 36ms
11ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220308/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fdecda5ee87b28e579c5b61ef0f86e7fff85c838ff0a06450feee13a5877ed0b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 13 Mar 2022 18:16:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 343
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6397
x-xss-protection: 0
server: cafe
etag: 14404976697706490601
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 27 Mar 2022 18:16:46 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220308/r20110914/ Frame 5D0F 19 KB
8 KB 37ms
12ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220308/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d7e3f3f9a87439492d58ee8a90cdc8741bd44e9f5ebc5a1be461ded2df7a155e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 13 Mar 2022 18:19:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 165
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7865
x-xss-protection: 0
server: cafe
etag: 17470246482903461409
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 27 Mar 2022 18:19:44 GMT

GET
H2 200 14024757219921859687
s0.2mdn.net/simgad/ Frame 5D0F 25 KB
26 KB 33ms
8ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/14024757219921859687

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

061e07f3be239a4c6692e688471cdbf640c8cc286b3b811f8d1a105e3f91f547

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 10:07:23 GMT
x-content-type-options: nosniff
age: 375306
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26107
x-xss-protection: 0
last-modified: Fri, 30 Jul 2021 17:55:04 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 09 Mar 2023 10:07:23 GMT

GET
H2 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame ADA5 22 KB
8 KB 7ms
6ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 11 Mar 2022 13:19:22 GMT
expires: Sat, 11 Mar 2023 13:19:22 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: text/html
age: 190987
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 5D0F 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 37430c62c58934f09d6df7dd6490dce60988648a8aa62dcb52a67d58de5dfb9f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 sUHguJaOgo-7uJOhJ406zvaQRdrc_7oCnUaOp60Ji2o.js Show response
pagead2.googlesyndication.com/bg/ Frame ADA5 35 KB
14 KB 22ms
8ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/sUHguJaOgo-7uJOhJ406zvaQRdrc_7oCnUaOp60Ji2o.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b141e0b8968e828fbbb893a1278d3acef69045dadcffba029d468ea7ad098b6a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 12 Mar 2022 19:55:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 80798
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13820
x-xss-protection: 0
last-modified: Tue, 01 Mar 2022 17:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 12 Mar 2023 19:55:51 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame ADA5 0
20 B 37ms
37ms Image
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B4PPeZTYuYpC8DoKC3gPLoICwCQAAAAA4AeAEAg&bg=!eHulez_NAAb7UztL-1M7ACkAdvg8WldHoiJIyd4ESn8Yqqfy5cApTJYipQgwINrB9ElvxHf_JT3OWAIAAABZUgAAAAFoAQeZAyznK_CzqYrppDrQq22wQNehNaOaC1EBrkNdv8EvmD90qXbpHJjFjsk4cqZkQsxFIGa2xQuvKN605Brw94nfsUhVnvTFo8daos32KgjfIw_OEctcmB0iF_mDaZHoUwaOmczTQA1o5lwoyIDFdPjOLewniJ8tY0Eh6t4-uU3DiWTdM0rvfaocbswn2CNbG10tJVD2gq1J7Fzl9_O4GdlEXrtfYTL9X84hHA9M89KTk9goRDB_ed8prcLNVM8qlZwVzDqO5nQDmLJr4TALTbyMvH3z0-HU21rD55HwGihQZqxyYYrVbkPfT_ekBIeR0KWD6JnA5aoYw0eO78piDbLJovIYMWOEst-c26ic_PvvuKMIdnmZz3Abqf3XGaFN_FGf94zVMBsxOSzdg6Vw4tHcp5_gxoz-ZYjrITI__tzUTCqkAo_SkMbVGodHKrq-5r9J6zqMt1XhOS7gZvU4LhredSR_KcJPZaUcR63tbVDpKlRqZAVvyewxkb2HjM61f1W1gumXY6Rd1H4YH6Ktw8D2kGG6RY5pSBqPwJd7U03XM6A_9clHSrGxSjs7owec-98H1KYYgftGIkqsUJ7LsomojUZEQSosiiFI0KOlLUoxcQ2L8w2t3TK34zIwvrHVHPos8W1D_gDaauGMSO-g5COXthgaXkOoT4AVMN80PDeO9KlxSuy5dayU1a9xE1ND_3TosnslP8599fUyVmHVPvPBuimJHcl3MO9tGCPWMcvudr5K8y4r7iZzE5IcBXK5w-uyhlzfv55U1SzobQG_CvQHRMDvyTWmS0wb_HON0hNZn_k8RMVvHFJ0y5OFj2duoj-6JTvtfqVupvUWwVIUxSBLwa_K9I9mchN1ShOtlN5YQQ4y29lC0zJThCurA2cdWpPcP4Bh5RnsmQiTt2fQ48XeSGVlHTgF89TeUQTM-l9nwT20fwmTMrXZTO29SaIBQID6Nd8eeXh6EELlfrnhBvhqy8Z8nu1RHIjzQUQPMFYDE6mu-XM-cvM-SDdnIhyfOAuf7dDjNeRv1VvYR5h6cYAv9WENLqroOygBf_x3FEhHnc2XyfFOGe68hpglLajqHQ

Requested by

Host: bloodhelpers.com
URL: http://bloodhelpers.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Mar 2022 18:22:29 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 152 KB
53 KB 53ms
53ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d51b1c16d0117a1ed79aa3d9e6e0e9afcd7fb732c78f8237d2f770208d51a591

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://bloodhelpers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 13 Mar 2022 18:22:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53780
x-xss-protection: 0
server: cafe
etag: 1481923903615368825
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 13 Mar 2022 18:22:30 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
10 KB 39ms
22ms XHR
application/json 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220308&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b72bda7634ce4fb46852ee6a8acc50f31ec23712801ec72ab9cc42ce6850f754

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://bloodhelpers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 13 Mar 2022 18:22:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10607
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 18ms
18ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://bloodhelpers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 13 Mar 2022 18:22:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 13 Mar 2022 18:22:30 GMT

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220308/r20190131/ Frame 554B 10 KB
4 KB 50ms
27ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220308/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0ce5fc08d0f617e71e1d61bcd79fc7cc1855f4221945b0c09ac774685fe7f52c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://bloodhelpers.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4502
x-xss-protection: 0
date: Sat, 12 Mar 2022 23:41:54 GMT
expires: Sat, 26 Mar 2022 23:41:54 GMT
cache-control: public, max-age=1209600
age: 67236
etag: 4044455266028820542
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 62ms
32ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=bloodhelpers.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://bloodhelpers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 13 Mar 2022 18:22:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 63ms
33ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=bloodhelpers.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://bloodhelpers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 13 Mar 2022 18:22:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 62F4 0
16 B 52ms
37ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4081699989175167&output=html&adk=1812271804&adf=3025194257&lmt=1647195750&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fbloodhelpers.com%2F&ea=0&flash=0&pra=7&wgl=1&dt=1647195750265&bpp=1&bdt=1680&idt=1&shv=r20220308&mjsv=m202203030101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd9f3368c95484154-221ad10e5acd0005%3AT%3D1647195749%3ART%3D1647195749%3AS%3DALNI_MaPdygBNDbQnlMp8z-cTXZghvZU8Q&prev_slotnames=1676498701&nras=1&correlator=1263101021888&frm=20&pv=1&ga_vid=250031105.1647195749&ga_sid=1647195749&ga_hid=1819272687&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C42531398%2C44750773%2C31064857%2C44756432&oid=2&pvsid=2367370566159896&pem=586&tmod=176642592&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=2&uci=a!2&fsb=1&dtd=18

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://bloodhelpers.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sun, 13 Mar 2022 18:22:30 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame C974 13 KB
5 KB 20ms
20ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://bloodhelpers.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 13 Mar 2022 18:12:44 GMT
expires: Mon, 13 Mar 2023 18:12:44 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
content-type: text/html
age: 586
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 1D4F 783 B
1 KB 72ms
16ms Document
text/html 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

3f47730d597bc2ba2e5c5ce565a6f7082cce6937353976c8c97fc5d9832659d9

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-IGoe3KKKBamSsiQMjVDCWw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://bloodhelpers.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Sun, 13 Mar 2022 18:22:30 GMT
date: Sun, 13 Mar 2022 18:22:30 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-IGoe3KKKBamSsiQMjVDCWw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 sUHguJaOgo-7uJOhJ406zvaQRdrc_7oCnUaOp60Ji2o.js Show response
pagead2.googlesyndication.com/bg/ Frame C974 35 KB
14 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/sUHguJaOgo-7uJOhJ406zvaQRdrc_7oCnUaOp60Ji2o.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b141e0b8968e828fbbb893a1278d3acef69045dadcffba029d468ea7ad098b6a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 12 Mar 2022 19:55:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 80799
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13820
x-xss-protection: 0
last-modified: Tue, 01 Mar 2022 17:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 12 Mar 2023 19:55:51 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 1D4F 0
0 71ms
71ms Image
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220308&jk=2367370566159896&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame C974 0
9 B 26ms
26ms Image
text/plain 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?vlaRDA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 13 Mar 2022 18:22:30 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 5D0F 42 B
64 B 50ms
50ms Fetch
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssvnkhaMw-XTMapFeuE0qRYJF4LJj_v-fwTA-mwFMr3beGt3cWcRt965ZkUH4wzdkC1erMXChJH1F61-Da3wVpVvX9gZBIF12kyFe_ebVv5UMZflFM2arF1YHZNrF3-XthIhpy_QrJCTC4n-PegbPeYw-jBFbyzi41ZCl-dKsOkVA&sai=AMfl-YTUU1NgVK2RLkPhTN6M1121nSADr7LkXx5tK59M5-sY04GsDAFMEXu6ituIQLG78Sv0bij6d2Y5yYTD&sig=Cg0ArKJSzPS1OxsEx_93EAE&id=lidar2&mcvt=1001&p=0,0,450,120&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20220309&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=214556337&rs=2&la=0&cr=0&vs=4&r=v&rst=1647195749705&rpt=87&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Mar 2022 18:22:30 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 30ms
29ms Image
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gda_r20220308&jk=2367370566159896&bg=!n5ylnNjNAAb7UztL-1M7ACkAdvg8WuUSIQK7ROGveqTvoQB0uDQ-erKsg0xCsnzhfn9EQMoHPgyxmAIAAABeUgAAAANoAQeZAt8kJyuGrba2V-KNyEM2qQVHUu7p4QDqymRAxTzDDAkw7k7WUX_hZoHkiwp6EG3Tmv5QhSrR2ioXR7XUDk2Is1TP9cZZ233kH7ohyaQVgs_t3-q-m8AgBrXusiZVM1Mb5zgXyLAXnatHGBmq4JyBkfJs8W_aVpvAKeCrEr9hCGNz0_YVjG_b2YB9nFuGgAKF3oQm2iilzy0UJso46kyjSfsTixPvihFyM2_ZOYh-zDRAJJiwD5VKHhjKKk0WVLUWAX5SOOdcX8wbyRJ7OHNXDlYi_bFzOA8RWdMOtTZcGF9VGXyam1kSJvhdorPj_GkKGMBFzNsE6gh2s3DMGYS6Qu0T-vLJH6mfshZpxJEugsg8TJxGg7B4rooykbez7e5KJu9LpI4YFXsQL35-ZATIt3Vxy5pawpvM-NlRq-3qNnzP9dly5A3NUyEd40ba8QnOF8XzzUZqcChMxP0M9k79MjC6pzDwcf0QrvHwg5Tobx9OK2koZXFDtrPx8SP2Y3OwfFUvs5ZWl67QjP1kfqRCm1brVUOJ8FNNRsRpAt1aQXvsvG4SXkW-Xkp5aMBpPYOuoLq3pYaprCdtP_sFfwfRxcHL9qdNY3I_UWg4UEop2xVox5tFwK8p1lbBiFX_D2kDCYY2fyXHUAzGp52wsNttF6wjqZt6Sdtub9nPzlhKQzAvALdi1aOnavBCEr3LGbUy6ZJohvUt8JqzG2XX56fmV5xLls7Q0P-VbC6w6pS-OXxjwjIaujXm4ZVwYKwnjTKLMpQpQffCVj-DcfMjQmXtIjq_U1PFep2IQl45kpGvGjh-YW2pEpjUXdbyWcosZYmVPU-aPOFhWlPqTnsKL-ln4Hp4cX5mmmIXshH88VtP4aO1XvdVellTweNoLFyFtIQXTBwsaed-fVQSx5eNPhF1Q2S9l7k4agxttS6EJlFKOuWF0wK41zAYhE_-6nF7PXeMuKfg2CRZCQpO2dL4q_R-aFM

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://bloodhelpers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Mar 2022 18:22:30 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 index.html Show response
ws.sharethis.com/secure5x/ Frame 69F8 14 KB
4 KB 33ms
32ms Document
text/html 2600:9000:2038:9800:3:c04e:c780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ws.sharethis.com/secure5x/index.html

Requested by

Host: ws.sharethis.com
URL: https://ws.sharethis.com/button/async-buttons.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2038:9800:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.20.1 /

Resource Hash

40279417deb789df672f0165a0817b4c84893685d47a4fd8e20770e838ef4367

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://bloodhelpers.com/

Response headers

content-type: text/html
content-length: 4082
content-encoding: gzip
date: Sat, 12 Mar 2022 19:01:23 GMT
etag: W/"61e1c3fb-390f"
last-modified: Fri, 14 Jan 2022 18:42:03 GMT
server: nginx/1.20.1
x-robots-tag: noindex, nofollow
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains
x-cache: Hit from cloudfront
via: 1.1 45e951df17063864957163fe2b8687d2.cloudfront.net (CloudFront)
x-amz-cf-pop: HEL50-C2
x-amz-cf-id: gp3uSQHgw1t4PUOuP8t0mAJ2NfHWRTBQjY0-wRnMdcSrcLALShWqQw==
age: 84067

GET
H2 200 stcommon.1f60705adac788a51a8240cf535237b0.js Show response
ws.sharethis.com/secure5x/js/ Frame 69F8 16 KB
6 KB 36ms
36ms Script
application/javascript 2600:9000:2038:9800:3:c04e:c780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ws.sharethis.com/secure5x/js/stcommon.1f60705adac788a51a8240cf535237b0.js

Requested by

Host: ws.sharethis.com
URL: https://ws.sharethis.com/secure5x/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2038:9800:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.20.1 /

Resource Hash

2d200d90966b8380a648972d71130785371751cf24bb7398f2854be23afb4a65

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ws.sharethis.com/secure5x/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 03:47:33 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 16727698
x-cache: Hit from cloudfront
content-length: 5630
server: nginx/1.20.1
etag: W/"612ef1fe-40f6"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
via: 1.1 45e951df17063864957163fe2b8687d2.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: HEL50-C2
x-robots-tag: noindex, nofollow
x-amz-cf-id: DLm4MSQzmXLygp2D5z6XeuqfObDgKSnumZeQ5cS6JfrPDuB52HPG-w==
expires: Thu, 01 Sep 2022 03:47:33 GMT

GET
H2 200 st.31cb6fcb48e558d491ec5da1e80ebf3d.js Show response
ws.sharethis.com/secure5x/js/ Frame 69F8 132 KB
32 KB 41ms
41ms Script
application/javascript 2600:9000:2038:9800:3:c04e:c780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ws.sharethis.com/secure5x/js/st.31cb6fcb48e558d491ec5da1e80ebf3d.js

Requested by

Host: ws.sharethis.com
URL: https://ws.sharethis.com/secure5x/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2038:9800:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.20.1 /

Resource Hash

ffd7d8f21205b5a8c3d1e2fd124fd554edbc9ab1ef756b679fcf276bb00a229f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ws.sharethis.com/secure5x/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 28 Oct 2021 00:51:53 GMT
content-encoding: gzip
server: nginx/1.20.1
age: 11813438
etag: W/"6179dc46-20e82"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 45e951df17063864957163fe2b8687d2.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: HEL50-C2
strict-transport-security: max-age=31536000; includeSubDomains
x-robots-tag: noindex, nofollow
x-amz-cf-id: NMZ2q2-birzPmIqn_ifeKq196cuF9OUW_hSa_zfwMXBjOaVa8OUEWg==
expires: Fri, 28 Oct 2022 00:51:53 GMT

Verdicts & Comments Add Verdict or Comment

216 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
bloodhelpers.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: tt56q5u9aci3daf1o4ine5v9o2
.bloodhelpers.com/	1970-01-20 10:54:51	Name: __gads Value: ID=d9f3368c95484154-221ad10e5acd0005:T=1647195749:RT=1647195749:S=ALNI_MaPdygBNDbQnlMp8z-cTXZghvZU8Q
.doubleclick.net/	1970-01-20 10:54:51	Name: IDE Value: AHWqTUk3b-dvUhSryUA0xvJPsktNUPWknyq7E-vmcDILkoiG3PJnP1OQ9ufwoURL08E

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
ajax.googleapis.com
bloodhelpers.com
count-server.sharethis.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
l.sharethis.com
pagead2.googlesyndication.com
partner.googleadservices.com
s0.2mdn.net
static.xx.fbcdn.net
tpc.googlesyndication.com
w.sharethis.com
ws.sharethis.com
www.facebook.com
www.google.com
www.googletagservices.com
142.250.181.226
142.250.185.226
143.204.98.14
2400:8901::f03c:92ff:fe8a:f267
2600:9000:2038:9800:3:c04e:c780:93a1
2a00:1450:4001:801::2002
2a00:1450:4001:80f::2002
2a00:1450:4001:810::200a
2a00:1450:4001:812::2006
2a00:1450:4001:82a::2001
2a00:1450:4001:82b::2002
2a00:1450:4001:82f::2002
2a00:1450:4001:82f::2004
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
3.123.86.254
061e07f3be239a4c6692e688471cdbf640c8cc286b3b811f8d1a105e3f91f547
0697c07c0ab6e661ea446ec8242304225e7cec860c1913ac9d0c2f25611b96e9
0ce5fc08d0f617e71e1d61bcd79fc7cc1855f4221945b0c09ac774685fe7f52c
0eefc2d7f64647f430757895d13bd823e9106b542cacf8ed5adc05c772ea2cde
10ad65fee3c7f0fc6a2122915ac606daf88347db9f6173aa67e3457598665677
10b02de004b97512fd30c6f064abbdee71b11f73eb02929c24e5b0133e692b97
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
1600444c9b4125557ffab061b614813ee35aea6a10101fdd47c236d7d8a4c435
18b537d1b18b7e39ce0c4c7c6abaa53c2f1d4e0d308caf78d584622f32464ca2
1aa8374b1a84ef714153d1a4cfe234813ff6c118c3cafe545a6b8fd5d9c2d57e
232066e3f6f1351afdaee1acb70c409766641fd5669e0b55ce7c77fac0a857ef
248efbcc76b3d0a7264cb4cbc225aa44606b05c639dc6bd1ddf40157f72d43c7
266d11c6058f9a59e25b5a5232f571dc69eb3578beb0faec8fa3d2088836388c
2d200d90966b8380a648972d71130785371751cf24bb7398f2854be23afb4a65
30a16ea4fba5bab7fb0b914a8485cef00614f2d8c3b192b6c34514beb915cac9
31db83f7dee8772cf449eb52412da6d98ede3db1f1266cf772e53fa3d10579bf
3488c49147b809d1e457c14a37bf3a79b0455fd159c121325e8f737eea45eb75
37430c62c58934f09d6df7dd6490dce60988648a8aa62dcb52a67d58de5dfb9f
38bdaa6ffa7c071fd9af7eb4fc6e34125cbac8965ad71fb0e93a0d2140dd2842
3f47730d597bc2ba2e5c5ce565a6f7082cce6937353976c8c97fc5d9832659d9
40279417deb789df672f0165a0817b4c84893685d47a4fd8e20770e838ef4367
465d576714c8de5cf1f7f962251bcf51d64fb73155a41ebf3ac2525938501a2d
4f0b8a92c4b966af8298f43c059ec089461ee7a36fe53ee407ab39485194e358
4f197c444784333a55ff4b224157f0d800e70c9daa39d86bcedc8c7ef162915d
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
5457dbdf5b8ea7afe9c7d54038caee3eb372bf261b751577a20de58a98e024ae
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5608227c7f669c0d9a2becf40df6b1e818c4bf5031cff42356ea83b953079541
58bf7e25d4ebb1f124516489db233e3dc82cd0891996a48e7b2dc175e67bb97a
5e0eb783dd1df7d0d104169c210fe8775412af11f797b5c9fd368c6d0b5b1c93
608e0382cd5327f9ee7c19cefe7d6fd4447233ae38e1ddcf0074765a09e4293e
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62f041ce8a15ab6b5dda668380d3191d5b95b914a14cc65140a7fd717e6381a2
68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f
684506d9d8135537d90392d008a89c4b57a6878ab17f88d66153a630bbe773dc
694d659009eac3d41baa98f316082395d708e93affbfddbba5fed6289b2560c6
6be39c2617f3c5012e913c62cce93a39e67bb0414044f58aa09e6dde12cbfb8e
6da64d35e0719af8338c2ca65f4597386a5d95632da247f6eabea44087e94f73
72733f17413f79408f89e9d85b9e44fcd10c9a8351d26c204b497d2769b67fc1
776654f7b3bf08c9ad34b8a4346af6dd89590ebee0c4f7c6dd8d7f34ea1f1698
7ba38c636940db54018406db91e3a02040d14fd6ce7dabf8bdb011067ba8eb41
7c1dc78e5284f0f937fc9159ca5418fd27aac3e93eb813bf6477cca5c34bf998
90ae6a92534dd5280d5dd7ee4e2ae906e67b238cd99eb101d1cd9b8ce448ef97
95dc1b83a7c030dd13ab3e29df921f10e04208b28734f172ea232854264c3b05
9a9908a313001cfb6df4c6dc006c43f13dfcca49840f203ca7fc81d71e9366f6
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
aa7d7130a1412cd7df7976029c244e17ae541393962321ef3798d4fd31a8c1fa
aeae37bae2130513ef8b5ea4fde8fd776b32ff8969b848b59399a63d9455e29a
b141e0b8968e828fbbb893a1278d3acef69045dadcffba029d468ea7ad098b6a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b72bda7634ce4fb46852ee6a8acc50f31ec23712801ec72ab9cc42ce6850f754
c1abbde5f157de3a571a6e12ceea7466953640d23fbe0e5b7339d04c4b0e73ab
c4b8a8c6703278963efa13c2536ca546ed08f55a0dbab145d5500f850691d8a3
d51b1c16d0117a1ed79aa3d9e6e0e9afcd7fb732c78f8237d2f770208d51a591
d7e3f3f9a87439492d58ee8a90cdc8741bd44e9f5ebc5a1be461ded2df7a155e
d8594767931b331f35229e3380e1aa121e1a76febf066268e0ae5f4f437d94e8
de9beb5ad10173669f0b41c34c327f869c48dd0e4300d398e72603eb4a119a48
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3c2ba8aa6804842e48d9192774650c987f7c6c697448e4f8fab4b489e07995c
e498735abec99119623c06b3b289a236709fe4bae0e75f8a2bcdc236c4fa7416
e5de687008731a829c3b3112506e4a4718b915f3786df8d38bdbb1b204f8475c
e670fdcaf8cd467a9a1a67e9a5c1f73288089f59dc08031b118dc26fbd233c80
e7f3e6e7de4d0e4b7b1ac851f43188836a609a0e77b4c6f5ade29b8c9b80e946
e8d4ff5367de8df94634d960c32dd62bceb138308cffddbc2656492fcfd7a934
eba396bb2d056206fff4af829b6e6edfd05ab820e06fed281e762c9bfe6f2911
ec068031a38f2d97255ddf90e6d75a5538a3b0ea29510482d1909c5a1a10ad74
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fc345ad17d1564c82cf169a6e0a9be99d6a67f66568396c49575678d0179f4d7
fd0d2d25b0bae9f94ab8afb18b9b5341bec98a9f20926e91bbb528acdccf5dc0
fdecda5ee87b28e579c5b61ef0f86e7fff85c838ff0a06450feee13a5877ed0b
fdf2ce1dd291ed85237de3ca32c8595089ea91b09439ed40afc63a240549e4fa
ffc5b915284c210bfb56d123358c80408200d967819e1a52979fb7572a98ba65
ffd7d8f21205b5a8c3d1e2fd124fd554edbc9ab1ef756b679fcf276bb00a229f

bloodhelpers.com Open in urlscan Pro 2400:8901::f03c:92ff:fe8a:f267 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

83 Requests

55 %HTTPS

75 %IPv6

12 Domains

18 Subdomains

17 IPs

3 Countries

643 kBTransfer

1720 kBSize

3 Cookies

0 Outgoing links

Redirected requests

83 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

bloodhelpers.com Open in urlscan Pro
2400:8901::f03c:92ff:fe8a:f267 Public Scan

Screenshot
Live screenshot

Full Image

83
Requests

55 %
HTTPS

75 %
IPv6

12
Domains

18
Subdomains

17
IPs

3
Countries

643 kB
Transfer

1720 kB
Size

3
Cookies

83 HTTP transactions
1 data transactions