bloxorzonline.com Open in urlscan Pro
2606:4700:3030::6815:48cd Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://bloxorzonline.com/
Effective URL:
https://bloxorzonline.com/
Submission Tags: phish.gg anti.fish automated Search All
Submission: On September 23 via api (September 23rd 2023, 8:33:46 am UTC) from DE — Scanned from DE

Summary HTTP 186 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 23 IPs in 4 countries across 14 domains to perform 186 HTTP transactions. The main IP is 2606:4700:3030::6815:48cd, located in United States and belongs to CLOUDFLARENET, US. The main domain is bloxorzonline.com.
TLS certificate: Issued by GTS CA 1P5 on September 23rd 2023. Valid for: 3 months.

This is the only time bloxorzonline.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 44	2606:4700:303... 2606:4700:3030::6815:48cd	13335 (CLOUDFLAR...) (CLOUDFLARENET)
15	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
1	2.17.190.170 2.17.190.170	16625 (AKAMAI-AS) (AKAMAI-AS)
1 6	2a00:1450:400... 2a00:1450:4001:82f::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2008	15169 (GOOGLE) (GOOGLE)
14	2a00:1450:400... 2a00:1450:4001:81c::2003	15169 (GOOGLE) (GOOGLE)
3 13	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
7	2606:4700:303... 2606:4700:3034::ac43:ba7a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:2638:3::12 2a02:2638:3::12	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 50	2a00:1450:400... 2a00:1450:4001:809::2001	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
7	2a02:2638:d::2 2a02:2638:d::2	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	178.250.1.6 178.250.1.6	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
7	2a02:2638:d::13 2a02:2638:d::13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a02:2638:3::1a 2a02:2638:3::1a	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
6	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
1	2a02:2638:d::c 2a02:2638:d::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
186	23

44 2606:4700:3030::6815:48cd (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

bloxorzonline.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.17.190.170 (Ascension Island)

ASN16625 (AKAMAI-AS, US)
PTR: a2-17-190-170.deploy.static.akamaitechnologies.com

s7.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82f::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:81c::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany) 3 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700:3034::ac43:ba7a (United States)

ASN13335 (CLOUDFLARENET, US)

html5-games.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::12 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

ads.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

50 2a00:1450:4001:809::2001 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a02:2638:d::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.6 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

cat.nl3.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a02:2638:d::13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

imageproxy.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::1a (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

csm.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:d::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.fr3.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
65	googlesyndication.com 1 redirects pagead2.googlesyndication.com — Cisco Umbrella Rank: 122 tpc.googlesyndication.com — Cisco Umbrella Rank: 169	644 KB
44	bloxorzonline.com 1 redirects bloxorzonline.com	689 KB
16	gstatic.com www.gstatic.com fonts.gstatic.com	710 KB
15	criteo.net static.criteo.net — Cisco Umbrella Rank: 897 imageproxy.eu.criteo.net — Cisco Umbrella Rank: 8000 csm.eu.criteo.net — Cisco Umbrella Rank: 7577	584 KB
13	doubleclick.net 3 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 66	178 KB
7	html5-games.io html5-games.io	7 MB
7	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1368 www.googleadservices.com — Cisco Umbrella Rank: 178	610 B
6	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 11	33 KB
5	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 254	285 KB
4	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 720 fonts.googleapis.com — Cisco Umbrella Rank: 113	36 KB
3	criteo.com ads.eu.criteo.com — Cisco Umbrella Rank: 7499 cat.nl3.eu.criteo.com — Cisco Umbrella Rank: 8894 rtb.fr3.eu.criteo.com — Cisco Umbrella Rank: 14897	43 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 96 region1.google-analytics.com — Cisco Umbrella Rank: 1878	21 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 111	80 KB
1	addthis.com s7.addthis.com — Cisco Umbrella Rank: 4286	361 B
186	14

	Domain	Requested by
50	tpc.googlesyndication.com	1 redirects googleads.g.doubleclick.net www.gstatic.com tpc.googlesyndication.com pagead2.googlesyndication.com
44	bloxorzonline.com	1 redirects bloxorzonline.com
15	pagead2.googlesyndication.com	bloxorzonline.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
14	www.gstatic.com	www.google.com www.gstatic.com googleads.g.doubleclick.net
13	googleads.g.doubleclick.net	3 redirects pagead2.googlesyndication.com googleads.g.doubleclick.net
7	imageproxy.eu.criteo.net	ads.eu.criteo.com
7	static.criteo.net	ads.eu.criteo.com
7	html5-games.io	bloxorzonline.com html5-games.io
6	www.googleadservices.com	bloxorzonline.com
6	www.google.com	1 redirects bloxorzonline.com www.gstatic.com www.google.com tpc.googlesyndication.com
5	www.googletagservices.com	googleads.g.doubleclick.net
3	fonts.googleapis.com	googleads.g.doubleclick.net
2	fonts.gstatic.com	www.google.com fonts.googleapis.com
2	www.google-analytics.com	bloxorzonline.com www.google-analytics.com
1	rtb.fr3.eu.criteo.com	googleads.g.doubleclick.net
1	csm.eu.criteo.net	ads.eu.criteo.com
1	cat.nl3.eu.criteo.com	ads.eu.criteo.com
1	ads.eu.criteo.com	googleads.g.doubleclick.net
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	region1.google-analytics.com	www.googletagmanager.com
1	ajax.googleapis.com	bloxorzonline.com
1	www.googletagmanager.com	www.google-analytics.com
1	s7.addthis.com	bloxorzonline.com
186	23

This site contains links to these domains. Also see Links.

Domain
happywheels24.com

Subject Issuer	Validity	Valid
bloxorzonline.com GTS CA 1P5	`2023-09-23` - `2023-12-22`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
odc-addthis-prod-01.oracle.com DigiCert TLS RSA SHA256 2020 CA1	`2023-02-07` - `2024-02-07`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-02-16` - `2024-02-15`	a year	crt.sh
*.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-19` - `2023-10-21`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-08-05` - `2023-10-31`	3 months	crt.sh
*.nl3.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-27` - `2023-10-22`	3 months	crt.sh
*.eu.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-08-08` - `2023-11-08`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
*.fr3.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-08-05` - `2023-10-29`	3 months	crt.sh

This page contains 22 frames:

Primary Page: https://bloxorzonline.com/
Frame ID: 32AAB5AFD8E2F424FEDD4C4A0BB23424
Requests: 56 HTTP requests in this frame

Frame: https://bloxorzonline.com/bloxorz.embed
Frame ID: E4517E131674C420161C5D44723EEBE9
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230920/r20190131/zrt_lookup.html
Frame ID: F05F908031FBA86FC91AF46CDF10FF6D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5636557392151555&output=html&h=280&slotname=6113373024&adk=1909840895&adf=3111530590&pi=t.ma~as.6113373024&w=1014&fwrn=4&fwrnh=100&lmt=1695450819&rafmt=1&format=1014x280&url=https%3A%2F%2Fbloxorzonline.com%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695458019601&bpp=3&bdt=422&idt=231&shv=r20230920&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&correlator=2888902983415&frm=20&pv=2&ga_vid=237628892.1695458019&ga_sid=1695458020&ga_hid=1713454134&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=137&ady=165&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759876%2C44759927%2C31077702%2C44803793&oid=2&pvsid=770880262901909&tmod=1142916841&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=dVEWii5qek&p=https%3A//bloxorzonline.com&dtd=248
Frame ID: BB709BF19DF070FFDDAB85AF129F4242
Requests: 16 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcKT1saAAAAAA43C3O4Bn-EiZ59Gu9O0ud2YB-D&co=aHR0cHM6Ly9ibG94b3J6b25saW5lLmNvbTo0NDM.&hl=de&v=Ai7lOI0zKMDPHxlv62g7oMoJ&size=normal&cb=p4jn1wv1b5ig
Frame ID: C8DCBFBD795B00DB56570CE99E6F1B73
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5636557392151555&output=html&h=280&slotname=6113373024&adk=629492764&adf=2669962450&pi=t.ma~as.6113373024&w=1174&fwrn=4&fwrnh=100&lmt=1695450819&rafmt=1&format=1174x280&url=https%3A%2F%2Fbloxorzonline.com%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695458019604&bpp=1&bdt=424&idt=300&shv=r20230920&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&prev_fmts=1014x280&correlator=2888902983415&frm=20&pv=1&ga_vid=237628892.1695458019&ga_sid=1695458020&ga_hid=1713454134&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=17&ady=1149&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759876%2C44759927%2C31077702%2C44803793&oid=2&pvsid=770880262901909&tmod=1142916841&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=QnfiXrNAWd&p=https%3A//bloxorzonline.com&dtd=304
Frame ID: 3389C077DEE6DA554A158D7B834847F7
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5636557392151555&output=html&h=280&slotname=6113373024&adk=907158369&adf=3693428616&pi=t.ma~as.6113373024&w=362&fwrn=4&fwrnh=100&lmt=1695450819&rafmt=1&format=362x280&url=https%3A%2F%2Fbloxorzonline.com%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695458019605&bpp=1&bdt=425&idt=318&shv=r20230920&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&prev_fmts=1014x280%2C1174x280&correlator=2888902983415&frm=20&pv=1&ga_vid=237628892.1695458019&ga_sid=1695458020&ga_hid=1713454134&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1207&ady=1658&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759876%2C44759927%2C31077702%2C44803793&oid=2&pvsid=770880262901909&tmod=1142916841&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=XosH9MoEHx&p=https%3A//bloxorzonline.com&dtd=336
Frame ID: FACEEA49EB5EDE2E22F0DC69907F68B4
Requests: 10 HTTP requests in this frame

Frame: https://html5-games.io/game/roll-the-block/
Frame ID: CE5555E122BC075E91850E2F9CDCCCE7
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5636557392151555&output=html&adk=1812271804&adf=3025194257&lmt=1695450819&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fbloxorzonline.com%2F&ea=0&pra=7&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695458019631&bpp=2&bdt=451&idt=315&shv=r20230920&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&prev_fmts=1014x280%2C1174x280%2C362x280&nras=1&correlator=2888902983415&frm=20&pv=1&ga_vid=237628892.1695458019&ga_sid=1695458020&ga_hid=1713454134&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759876%2C44759927%2C31077702%2C44803793&oid=2&pvsid=770880262901909&tmod=1142916841&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=4&uci=a!4&fsb=1&dtd=330
Frame ID: 8AD4C6D1E19BAEE5C10E929602D2B571
Requests: 1 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZQ6i4wAOo_oKsoFSAARtdCoSSNVzDhlSFeK1dw&u=%7CC2GRLkHZYoGxySnewOSTqPblw6I0LBPhR8k8P0ASCPY%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANXPpeAoPTN48s5WhV6QJkPjaeO7pnAdgo5dwz5nzZ0tg2NZ2tF3cQpImA0PS8EufpqRS7spbTbqFcRaqzjJeaxz6Pb-OQSdOvm9DwTSqSdWRWDScUdWWa9b3AyIa1z-hT5fjpwwzSPHnFGL0ivuBRphj5nR3qVZ-trzmybMpcPu-crNHrUq9FPOnuRdcaYBP5Bma86eyLVDZ4N9fHawzKeI6ZkB6_6z-TsVRNvLZb9gFHAF8g__qqDgGbJ_644H9zaA30eAa96uorlyP06FwaZLMEvBwo7e8_A--0Uv3HwEK5CYdkeR2Y98JLhFbaxE63mq_YcyoNPPV4eTV9NvkWKgnIcngkLt8ImZSZU-Hm8WKH-_rszgqROKeGwfn9Nm1kvXdfFVEiiVna-5-7SKidPCt-ymGB1x6hILmGp267WVgw47uw1aKBaGMuC1fGxX1x1RG7HgIxuUU1tO23Wm-ryQjp70LW5Bki72NStcrTdrgiGmLoj4U8-AETNA7P5hlziJgWTkkbgXz269LlnFFAzC5FIxzSdKKqQVf6igVsGio&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCBVpx46IOZfrHOtKCygX02pHoDsme0rFc9Z2Y93DAjbcBEAEgAGCVwqaCsAeCARdjYS1wdWItNTYzNjU1NzM5MjE1MTU1NcgBCakCYTFGH3HfsT6oAwHIAwKqBMYBT9DYOggXtcAlN6CPbkALO6P1wEbjlIUhcBkXi1VHyEFcxd99o14lMjYOD41GEZi1Yg5-LgQ_l5Ko1r3NDV5fz4pgOC_nsLFPotytMbSE3RC1IQO8Qdk9EoIHzMX55HPE_DXxggy2MFhDGwuHsyFuEu3ssaCOT56L6TFbSCIsMv5SamYkW8PqBhHiD11GGPphYl_j8McO9zS_L39_-EjhrAWNvqblYhIbfJhRbmKyh1c84ig8m5opv0NMT0BBhalVBgL4-Vk7gAakj5-zoIrx7cwBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_11CEyYtmtbr42klMgu34x3GvFZIw%26client%3Dca-pub-5636557392151555%26adurl%3D
Frame ID: 522AD28A2DCAD2BBA1C9E2C341238F26
Requests: 17 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=de&v=Ai7lOI0zKMDPHxlv62g7oMoJ&k=6LcKT1saAAAAAA43C3O4Bn-EiZ59Gu9O0ud2YB-D
Frame ID: A4504D61DA975E784C54C8B4C3FE7B9D
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 5E3EC84D224848F8C5BEE5A7DC72A971
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/1oOvdJ-Zd8iyZzymJJP8dpJcIY19edQL40-8Fy2m33E.js
Frame ID: B6A5A9B08583DB167AB3A6A9D974CF9E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230920/r20110914/zrt_lookup.html?fsb=1
Frame ID: 872B98C685D8B22C534CC3424D9DF58E
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230920/r20110914/zrt_lookup.html?fsb=1
Frame ID: DFF875D5AF14B2FC26335D2E0D4961DB
Requests: 12 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/1oOvdJ-Zd8iyZzymJJP8dpJcIY19edQL40-8Fy2m33E.js
Frame ID: 25D13A29106BE0E9218B8E2FCC1DEE18
Requests: 1 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700&display=swap
Frame ID: BB928804C3CBB0C22D7659B7C2DB98BB
Requests: 6 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16346139938887045070/index.html
Frame ID: 441295D7033F03EB15B3F93EC0F6741A
Requests: 23 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/1oOvdJ-Zd8iyZzymJJP8dpJcIY19edQL40-8Fy2m33E.js
Frame ID: F2FC4B6B72C4A4B53E34916BB492E79A
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/1oOvdJ-Zd8iyZzymJJP8dpJcIY19edQL40-8Fy2m33E.js
Frame ID: 581E08D7486DF7DCCA6C01389D12196C
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: F9F855EF2DF1848A7E534FBA49667832
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: F765EBE1E8D22D5449B6A20C9F8B699F
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Bloxorz

Page URL History Show full URLs

http://bloxorzonline.com/ HTTP 301
https://bloxorzonline.com/ Page URL

Detected technologies

AddThis (Widgets) Expand

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

<div[^>]+class="g-recaptcha"
/recaptcha/api\.js

Page Statistics

186
Requests

97 %
HTTPS

86 %
IPv6

14
Domains

23
Subdomains

23
IPs

4
Countries

10751 kB
Transfer

15055 kB
Size

11
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://happywheels24.com/
Title: happy wheels

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://bloxorzonline.com/ HTTP 301
https://bloxorzonline.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 99

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 101

https://googleads.g.doubleclick.net/pagead/adview?ai=C-uWY46IOZevoPNaWygW0pYHgCo6WtYpz5cLYhaoR7_mt6JUOEAEgi4uQKGCVwqaCsAegAcHioNkoyAECqQJhMUYfcd-xPqgDAcgDyQSqBMgBT9DPS3MqkJBxFjnEzQu4WVOVag9LUQhMlR9tf6BaaogLYEdw8xwxf_T355FMV1kw8t584D2asV-R95qsbADRxa0fh2XvNFywySmUDxaCDzL9az1SAkwrc1qwbvsP7QFIMIeFg4ozTHcSvHxcnz2vNWkccvCbOM7Ij8x9iacldHICT0FhDxSj3a-8jV0FIu5jdGihEO0Tz4Zlou09ji0XyD2T2IKvoD52beHVwopvPiwNSxkz_HQcMZTduwq1d56XAyBFT4zljhDABPPHpbmeBIgF8KW8vUWSBQQIBBgBkgUECAUYBKAGAoAHwZrxuAOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBDv1gLSCBYIgOGAEBABGB8yAqoCOgKAQEi9_cE6mgkgaHR0cHM6Ly9zd2VsYWJnYW1lcy5jb20vZm9ydG5pdGWACgHICwHYEwzQFQGAFwGyFxwKGggAEhRwdWItNTYzNjU1NzM5MjE1MTU1NRgA&sigh=F68coI0PdxA&uach_m=[UACH]&ase=2&nis=4&cid=CAQSGwBpAlJWcliX_SdoEYSMciHAip1uZksYyLh6whgB&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%224165722412521584534%22,%22debug_reporting%22:true,%22destination%22:%22https://swelabgames.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210924601665%22],%224%22:[%2209-23%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%22932933436780563169%22}&andc=true

Request Chain 120

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgOC8payh2AEQlgEYlgEyCL0FjczvpGfJ HTTP 301
https://tpc.googlesyndication.com/simgad/15581617338269297532

Request Chain 126

https://googleads.g.doubleclick.net/pagead/adview?ai=Ccubf46IOZbKBN8KoxdwP3ZO7kAmAxsXccruh4L_FEfijlZ2LORABIIuLkChglcKmgrAHoAGemryVKcgBCagDAcgDywSqBM4BT9CkY3DJdVGq9z2QyPr9lVdNIc1J3ST6RSw1Y4dYCxqd_egEzG97Gst15f4iRKc78UrR81xeRjitX7ESRHMafDR43RZ1kz6tAxlhs41gYY9k44W93RhY54hr-qYD5cZP80Fm3aY6VuGnkejytSLU9EOruNCizIyLJ5B3u1mdBF3M50gVCdjT-M8i9ESVkVk_T-kfCL6MPurE5DHKhomjDltEtT8MKZ8VpnHo1AVNIINS28H0g1VDgkERHNAxGbNcqlXo3WmRNOv00Fi74xnABN6fvqOpBIgFiP7FkEqSBQQIBBgBkgUECAUYBKAGLoAHntKM9QOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAemvhvYBwDyBwQQ3ckj0ggWCIDhgBAQARgfMgKqAjoCgEBIvf3BOpoJKWh0dHBzOi8vd3d3LmdhbWVvbnl4LmNvbS9nb29kcy1nYW1lcy5odG1sgAoByAsB2BMM0BUBgBcBshccChoIABIUcHViLTU2MzY1NTczOTIxNTE1NTUYAA&sigh=AO4bc-wJve8&uach_m=[UACH]&ase=2&nis=4&cid=CAQSGwBpAlJWRgaXgoY-2LOS9uk0NygBNfMt3k9HQBgB&template_id=494&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2212766891991072464472%22,%22debug_reporting%22:true,%22destination%22:%22https://gameonyx.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211050880286%22],%224%22:[%2209-23%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2210423094021623687169%22}&andc=true

Request Chain 153

https://googleads.g.doubleclick.net/pagead/adview?ai=C5pkq5KIOZa3EAd22xdwP1NO4oAS3_u78cdT5_6rdEdLw0uCyARABIIuLkChglcKmgrAHoAGl4IzcA8gBCakCYTFGH3HfsT6oAwHIA0iqBM0BT9D278uBuxndn9WGIxZvP7faEyYpcWNte0KnvwD-SvkxAtPzura9X8CMjBjRzhKy0BZj4yuk43Fqi8iF8LHdHhJq0cW67n68gGvMhIM4Ifk69oa9LbYoRzuqCPXvWt8DhP6uclOEI4bk7XCsLj6GGL6NPqQgienZzn8SWmSDWOpkO2GaSHdJAvn34bwmmEqYBllz7wx-8hQvcPQeDfp9ottPI3iVzJr5a53RqNMNQlYhw9fQNyUTevbzHkX3lE-o53J1KzMED1tGMuInw8AE6eXq_rAEiAX257DNQpIFBAgEGAGSBQQIBRgEoAYugAezkasoqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQrLEP0ggWCIDhgBAQARgfMgKqAjoCgEBIvf3BOpoJJGh0dHBzOi8vd3d3LnRob21hbm4uZGUvZGUvaW5kZXguaHRtbIAKAcgLAdgTCtAVAYAXAbIXHAoaCAASFHB1Yi01NjM2NTU3MzkyMTUxNTU1GAA&sigh=3T5olwfq71k&uach_m=[UACH]&ase=2&nis=4&cid=CAQSGwBpAlJWpjYhR4jJt4rckrRmVjCsmxvu_i1aQRgB&template_id=419&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2213104787021646193044%22,%22debug_reporting%22:true,%22destination%22:%22https://thomann.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22998453285%22],%224%22:[%2209-23%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%229519394935766763873%22}&andc=true

186 HTTP transactions
7 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
bloxorzonline.com/
Redirect Chain

http://bloxorzonline.com/
https://bloxorzonline.com/

34 KB
9 KB

366ms
279ms

Document
text/html

2606:4700:3030::6815:48cd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bloxorzonline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:48cd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.3.33
Resource Hash: eec8fc09b34899f0a091d7032254a82957803dd54158241aa376444ddc935561

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 80b171aa3b759b80-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sat, 23 Sep 2023 08:33:39 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=giKC%2FY%2FGm5NWgiHQm4ntO0oT7wS3NqovCxIMBzXb0vnJU1oxVbfGf%2FzwGZDHrHLDNx0voDWlFLhf2%2FtQ0S58hZBgwLd%2Bxwgcn5qr%2BlJLeRXRCo7Guii4bmDS1zG1t7%2F4lTL%2BMav32QL14M8BSFDLQA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding,User-Agent
x-powered-by: PHP/7.3.33

Redirect headers

CF-RAY: 80b171a948dacad9-DUS
Cache-Control: max-age=3600
Connection: keep-alive
Date: Sat, 23 Sep 2023 08:33:38 GMT
Expires: Sat, 23 Sep 2023 09:33:38 GMT
Location: https://bloxorzonline.com/
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g3B6SVbgxct0W0hIN40A6pRjfSEilaKaCQXttIIQfdkRDAEo%2FWNgCwX9CMT3WkW9Wj2%2Fjj5G1e5TmUhIsyYrOt8iDo95%2FOQGnaV4cBEO05vQvdnQ9twskmCmirOig7btX1iEXY7xVJc0%2BraXgzI0%2BA%3D%3D"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400

GET
H2 200 wprmenu.css
bloxorzonline.com/themes/bloxorz_2021/resources/css/ 6 KB
2 KB 50ms
45ms Stylesheet
text/css 2606:4700:3030::6815:48cd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bloxorzonline.com/themes/bloxorz_2021/resources/css/wprmenu.css
Requested by: Host: bloxorzonline.com
URL: https://bloxorzonline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:48cd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5e91ea289ee2b14e4cfbb4c0cc66aeeb467019e536caf42af05be419be0654e1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxorzonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sat, 23 Sep 2023 08:33:39 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 397110
cf-polished: origSize=7158
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Mon, 16 Jan 2023 09:00:07 GMT
server: cloudflare
etag: W/"63c51217-1bf6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CXsoAVtQujw%2BIDicJyxQP7G2CcvDBdrbZiWLL7lLNyvmZ%2F%2FgEfuHLo3ApxpTBuTZ0gLiPxHD7wcbWLwIZ4TjTK8GEmIJOEknOrursvZPQydh3dV42FpyxUQHKqEDJcaf4mcyoyh45hYqHYD%2B0%2FPR7Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=315360000
cf-ray: 80b171ac0d009b80-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 main.css
bloxorzonline.com/themes/bloxorz_2021/resources/css/ 112 KB
20 KB 55ms
50ms Stylesheet
text/css 2606:4700:3030::6815:48cd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bloxorzonline.com/themes/bloxorz_2021/resources/css/main.css?v=1
Requested by: Host: bloxorzonline.com
URL: https://bloxorzonline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:48cd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e50d55da2f0dfff9e815f8842d727de21127836d38c9a5e6479d48a9f0c8b548

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxorzonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sat, 23 Sep 2023 08:33:39 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 132177
cf-polished: origSize=149675
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Mon, 16 Jan 2023 09:00:07 GMT
server: cloudflare
etag: W/"63c51217-248ab"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YG5dfsox3iuhhxMpJvsk62%2FN66eHHyDVJoAt8lQVM6kuAU%2FljlEr2mF%2BpqzFRyv3l4Zu2aIVauLk7SIDBWblUFTFr5%2FIVauHqqiciTJiq0U7wLmNxPmojKYozH6Pp8aDF0ASvoIqJ86RW32QAUeSEw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=315360000
cf-ray: 80b171ac0d039b80-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 custom.css
bloxorzonline.com/themes/bloxorz_2021/resources/css/ 57 KB
12 KB 53ms
48ms Stylesheet
text/css 2606:4700:3030::6815:48cd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bloxorzonline.com/themes/bloxorz_2021/resources/css/custom.css?v=1.2
Requested by: Host: bloxorzonline.com
URL: https://bloxorzonline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:48cd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f1457142b74a42ee67f24f86fd6298a7d3b0f0e7e9b096dd79632ebfb187761

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxorzonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sat, 23 Sep 2023 08:33:39 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 397110
cf-polished: status=cannot_optimize
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Mon, 16 Jan 2023 09:00:07 GMT
server: cloudflare
etag: W/"63c51217-e4d7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LF5UNi3C9M1pq571FLRLol5tnVAt8aj398NJMqkeTB7Z5X4ts51Lk7ponH5CPM8bfmo2vkULqgoBnwXdrUeMiZK4Ozb0hh53da9z%2B6gBw4FRmOIaIGnalLcN0MDLyFBXfr19iUxlpdZ%2FiFZGYUJw2A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=315360000
cf-ray: 80b171ac0d059b80-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 dark.css
bloxorzonline.com/themes/bloxorz_2021/resources/css/ 3 KB
1 KB 54ms
49ms Stylesheet
text/css 2606:4700:3030::6815:48cd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bloxorzonline.com/themes/bloxorz_2021/resources/css/dark.css
Requested by: Host: bloxorzonline.com
URL: https://bloxorzonline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:48cd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7e46698159032fbab1aeeb0f55269b884f4b284cf340942c18f70127ddc1c4e2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxorzonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sat, 23 Sep 2023 08:33:39 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 132177
cf-polished: origSize=3493
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Mon, 16 Jan 2023 09:00:07 GMT
server: cloudflare
etag: W/"63c51217-da5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FGT9ToZWZSJuZYaRMGZKl5Ixc5YE0djFfNmpJ9Ia%2FfJCYAi2OudyA12KfvvpVz9Ww0VmGih1DSCOXPLdiUWzR42jmxYC3kWknVlF%2FjstVvaHHv2VDeUOzRlEcT1%2FGQN6p6kscTD6Ov3YQfgoyVLwnA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=315360000
cf-ray: 80b171ac0d089b80-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery.js Show response
bloxorzonline.com/themes/bloxorz_2021/resources/js/ 94 KB
34 KB 58ms
53ms Script
application/javascript 2606:4700:3030::6815:48cd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bloxorzonline.com/themes/bloxorz_2021/resources/js/jquery.js
Requested by: Host: bloxorzonline.com
URL: https://bloxorzonline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:48cd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: affdaa19547b4ed971f3b53a274be565d7dc6d42b3e0fd4ca24d18a75e003b7b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxorzonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sat, 23 Sep 2023 08:33:39 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 132177
cf-polished: origSize=95977
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Mon, 16 Jan 2023 09:00:07 GMT
server: cloudflare
etag: W/"63c51217-176e9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WxMtkaVj5YPioA2wrNZkSmC20HsrKmqYO0HP89PUiXFfRq6whXx3Sf7rbBfVOhLaDEpX0VIh5v6ul7iD8%2Bx%2BlOKDFQ9e4WWDTHtWf2CXtaOwQH%2F8QoURYfnhEcJEijnlXSH30Bdh5rWJOxCofORQ9Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 80b171ac0d099b80-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery.transit.min.js Show response
bloxorzonline.com/themes/bloxorz_2021/resources/js/ 8 KB
3 KB 54ms
49ms Script
application/javascript 2606:4700:3030::6815:48cd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bloxorzonline.com/themes/bloxorz_2021/resources/js/jquery.transit.min.js
Requested by: Host: bloxorzonline.com
URL: https://bloxorzonline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:48cd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d447eb81dc16840763055c0189191c32f22f8a4062a1d896e0d8375681126a88

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxorzonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sat, 23 Sep 2023 08:33:39 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 16 Jan 2023 09:00:07 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 132177
etag: W/"63c51217-2190"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ifjb%2BvcDESXVFG1jvkOc95X0trSN6u5kFk1MqUEdBTzfBM180grppwZeYl%2BgWMOMOzR69aylzmnUBX%2BGz7dbTljquxtdnvTJjXFR7%2Fgct6ecVb6vBY%2FTs05GJvAdZxYQRepEXpK3KhZWRyREepLnlw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 80b171ac0d0a9b80-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery.sidr.js Show response
bloxorzonline.com/themes/bloxorz_2021/resources/js/ 5 KB
2 KB 94ms
90ms Script
application/javascript 2606:4700:3030::6815:48cd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bloxorzonline.com/themes/bloxorz_2021/resources/js/jquery.sidr.js
Requested by: Host: bloxorzonline.com
URL: https://bloxorzonline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:48cd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ddfac8d3f564750c023e8127a8f970776977a6a8bc31ec773ae3a6ca9b6ed121

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxorzonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sat, 23 Sep 2023 08:33:39 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 397110
cf-polished: origSize=9878
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Mon, 16 Jan 2023 09:00:07 GMT
server: cloudflare
etag: W/"63c51217-2696"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=48ESvK2e7GPYsk1qaLDubfyLKE%2BqFoJhdcQnioYfKbgm%2FldksFKQi%2FSbs75Sk7IoZiw64puuBUb3ryxKZpKfp3oxD7zM1tCrLC3YI2QhOXB0t3rh14COmVYSiWJxeM90nIcRyTGgACHrqQPeQi4ATw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 80b171ac0d0b9b80-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 wprmenu.js Show response
bloxorzonline.com/themes/bloxorz_2021/resources/js/ 4 KB
2 KB 55ms
51ms Script
application/javascript 2606:4700:3030::6815:48cd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bloxorzonline.com/themes/bloxorz_2021/resources/js/wprmenu.js
Requested by: Host: bloxorzonline.com
URL: https://bloxorzonline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:48cd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: df888b9df9e006acae5359c2c62c81967576b266b37b9571924e813c6bdb13b3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxorzonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sat, 23 Sep 2023 08:33:39 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 132177
cf-polished: origSize=6202
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Mon, 16 Jan 2023 09:00:07 GMT
server: cloudflare
etag: W/"63c51217-183a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vxuOrWQ0z%2Bje0mJwZxhoCQTrvHuxZAzwWjhO25eccfPzO5n0X%2BvGFIZnqJiJkgkkft1siTp24BUFwXXRPdUboNUUFSX5fBTHENeHk30J%2Fd0%2FqpVAAlXj4h51NQyY5x1MtdLyx0sE32vi7jp31z%2B2aA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 80b171ac0d0c9b80-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery-migrate-1.2.1.min.js Show response
bloxorzonline.com/themes/bloxorz_2021/resources/js/ 7 KB
3 KB 56ms
52ms Script
application/javascript 2606:4700:3030::6815:48cd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bloxorzonline.com/themes/bloxorz_2021/resources/js/jquery-migrate-1.2.1.min.js
Requested by: Host: bloxorzonline.com
URL: https://bloxorzonline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:48cd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1e67d8dbcca1f6fd94e077c85c2fb40fa1c2756c99238daa8da882144260a68d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxorzonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sat, 23 Sep 2023 08:33:39 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 16 Jan 2023 09:00:07 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 397110
etag: W/"63c51217-1c1f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KEBgXUqwydRF1zysWituQnnpQCmmaffmY5NRgoxrzt%2B5k3LmkeGnbhaOX5H19C24FEPza5uNMv0E7Ui%2Bw%2FDzPw%2FbjZM%2BluMKRqaF%2FuplAslqfCF5upUBSKkO%2FeVnDFzfQq4EWqSIvFG8RevIwRcUfA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 80b171ac0d0d9b80-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquerycookie.min.js Show response
bloxorzonline.com/themes/bloxorz_2021/resources/js/ 1 KB
962 B 55ms
52ms Script
application/javascript 2606:4700:3030::6815:48cd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bloxorzonline.com/themes/bloxorz_2021/resources/js/jquerycookie.min.js
Requested by: Host: bloxorzonline.com
URL: https://bloxorzonline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:48cd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1ece4d88aa6f12a653aec2ffd117fdcf78f35658fae6ac04debde1ae9917a340

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxorzonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sat, 23 Sep 2023 08:33:39 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 16 Jan 2023 09:00:07 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 132177
etag: W/"63c51217-434"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PykULz1vm3IO7p7O7Rfyw1LXBvkFYQB0gua7hBCBC4lncQV%2FQJpWHDjwaT8qD0Talu%2FoLar2He9339UE3pit0saxk0S0O9dGJ%2BoSL8ATUZzIttgJnc5Xo0ZtnjctmuxA%2BfHJrtgDbEyUp05vVct3yw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 80b171ac0d0e9b80-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 game.js Show response
bloxorzonline.com/themes/bloxorz_2021/resources/js/ 434 B
535 B 94ms
91ms Script
application/javascript 2606:4700:3030::6815:48cd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bloxorzonline.com/themes/bloxorz_2021/resources/js/game.js
Requested by: Host: bloxorzonline.com
URL: https://bloxorzonline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:48cd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 744612e8612695e2016cb19624edeeb15760fc8fd407aef26963ddc03ca126da

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxorzonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sat, 23 Sep 2023 08:33:39 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 132177
cf-polished: origSize=570
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Mon, 16 Jan 2023 09:00:07 GMT
server: cloudflare
etag: W/"63c51217-23a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YzmwL%2BZa5CpRqBENpOYbcly9PAaK6CxsG2auOH6iTdEWXCaCmQXi%2FuL7Fj5JiQ9f1Lme4%2F%2BhA1mStMJWMxMauM3fX8hk8TTCrrYJ40kLwlyNrDdR9drW%2Fn3hANQMmjd9L1wBcMRa%2FTNDuhassqU3Jw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 80b171ac4d399b80-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 bloxorz-logo.png
bloxorzonline.com/data/image/options/ 7 KB
8 KB 65ms
60ms Image
image/png 2606:4700:3030::6815:48cd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bloxorzonline.com/data/image/options/bloxorz-logo.png
Requested by: Host: bloxorzonline.com
URL: https://bloxorzonline.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:48cd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9d572cd5dcc448f11da71e05bd5abf61ecd43ef2aa2a60cffaa44122af490051

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxorzonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sat, 23 Sep 2023 08:33:39 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 67413
alt-svc: h3=":443"; ma=86400
content-length: 7454
last-modified: Mon, 16 Jan 2023 09:00:20 GMT
server: cloudflare
etag: "63c51224-1d1e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SbvYFjhOvZRuvBfB%2BCYN8SaTKJ%2F9vJRLfrQ0zn2nu6iFBBKfJA6Tf%2Fo6EJvZ8TRXNsqzk7%2Fpgvuz%2Bv69XOn949%2Buu6LzqkvoX1nw84m3avQiZQLwn6cSK5at57kAA37V497gPr9C91BagdA2kF7zgw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 80b171acdbba88c1-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 145 KB
50 KB 214ms
119ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: bloxorzonline.com
URL: https://bloxorzonline.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

75368b7caf64ba0c768543e2c4edd2c916a960fe725cdd2b7d1e855efadadcac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxorzonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sat, 23 Sep 2023 08:33:39 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50753
x-xss-protection: 0
server: cafe
etag: 2457179417105850293
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 23 Sep 2023 08:33:39 GMT

GET
H3 200 bloxorz.jpg
bloxorzonline.com/data/image/ 5 KB
6 KB 115ms
109ms Image
image/jpeg 2606:4700:3030::6815:48cd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bloxorzonline.com/data/image/bloxorz.jpg
Requested by: Host: bloxorzonline.com
URL: https://bloxorzonline.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:48cd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1dbd335a2e48aa6a82d048ad639ef8f15bab8e2328d05ce21b8a378e35b307f0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxorzonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sat, 23 Sep 2023 08:33:39 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 67413
alt-svc: h3=":443"; ma=86400
content-length: 5510
last-modified: Mon, 16 Jan 2023 09:00:24 GMT
server: cloudflare
etag: "63c51228-1586"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XhwI87pdFoVQW0%2F5r6JmcvUJ8IKyPC7hzM1CQm%2Bk80mt3Y5CR4ghp3eZDqgtXJQUvKNx6bBAkJl319YtwlXPq%2BUoOxhMBToIiPq%2BIdmVgu3F4OWgQRkl37AcMZAydV%2BuXGa6iWVt%2BSyw1iMe%2BHqqmw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 80b171acdbbb88c1-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 addthis_widget.js Show response
s7.addthis.com/js/300/ 56 B
361 B 206ms
43ms Script
text/javascript 2.17.190.170
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/js/300/addthis_widget.js

Requested by

Host: bloxorzonline.com
URL: https://bloxorzonline.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.17.190.170 , Ascension Island, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-17-190-170.deploy.static.akamaitechnologies.com

Software

Oracle API Gateway /

Resource Hash

f475c34186022ba531ebc8bba97fc10df7e4c3ea854f314a18ab0644c851620d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxorzonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 23 Sep 2023 08:33:39 GMT
server: Oracle API Gateway
opc-request-id: /4F9B674170E5A7E51940FB2EDFD3347B/9A92CDC21BB1F309684DECF2E044C16A
x-frame-options: sameorigin
vary: Accept-Encoding
content-type: text/javascript
x-distribution: 99
x-host: s7.addthis.com
content-length: 76
x-xss-protection: 1; mode=block

GET
H3 200 gun-fight-s150x150.png
bloxorzonline.com/cache/data/image/ 29 KB
29 KB 115ms
110ms Image
image/png 2606:4700:3030::6815:48cd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bloxorzonline.com/cache/data/image/gun-fight-s150x150.png
Requested by: Host: bloxorzonline.com
URL: https://bloxorzonline.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:48cd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c045d0b2379d0513643ccfe1a60cd5faeb3b42046f75af14771aa9780fd85450

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxorzonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sat, 23 Sep 2023 08:33:39 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 67413
alt-svc: h3=":443"; ma=86400
content-length: 29230
last-modified: Mon, 16 Jan 2023 09:00:59 GMT
server: cloudflare
etag: "63c5124b-722e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2U1iiUS3LSrIUb%2F2xxd%2FosiezIDjy7YkRCInRdKo%2B9C4afrL9UxY4y6enPgWWXDM%2F2%2FhXgne%2F%2BPZ84%2FMmQ94epMjN57g1BEKayzmMtNBh44exn6xxoRNMI%2F6T3AwsA3cIMyBB%2By58uLFOdgQrHdwNg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 80b171acdbbc88c1-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 4-seasons-bubbles-s150x150.png
bloxorzonline.com/cache/data/image/ 41 KB
42 KB 161ms
156ms Image
image/png 2606:4700:3030::6815:48cd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bloxorzonline.com/cache/data/image/4-seasons-bubbles-s150x150.png
Requested by: Host: bloxorzonline.com
URL: https://bloxorzonline.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:48cd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3a0a8d1bce7bcd78564ba4b66962cda51ecb91bca8c1eaff8b97ba44d0d0677f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxorzonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sat, 23 Sep 2023 08:33:39 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 67413
alt-svc: h3=":443"; ma=86400
content-length: 42424
last-modified: Mon, 16 Jan 2023 09:01:08 GMT
server: cloudflare
etag: "63c51254-a5b8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mljK7AvWNQtkeezzlQAG9%2Butpgzh%2BkMUvQpEzSpkyD83E39Qr7DBEA7YoK3c9aKbMfI4Ga2rcvYKDtp2chwoZxCbrP2YtPaXuu1fqjXbGs3d01q%2FUpWQPa80rwBF7xEFd00Lk7YzjaqeShNTXV7arw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 80b171acdbbe88c1-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 street-race-s150x150.png
bloxorzonline.com/cache/data/image/ 31 KB
32 KB 211ms
206ms Image
image/png 2606:4700:3030::6815:48cd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bloxorzonline.com/cache/data/image/street-race-s150x150.png
Requested by: Host: bloxorzonline.com
URL: https://bloxorzonline.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:48cd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8f27f807a62a9f4fd8b7339ecb1c1a9c24448ddbb5c339d6cd63442255bf933a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxorzonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sat, 23 Sep 2023 08:33:39 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 67413
alt-svc: h3=":443"; ma=86400
content-length: 31857
last-modified: Mon, 16 Jan 2023 09:00:57 GMT
server: cloudflare
etag: "63c51249-7c71"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o52NbZSbIfWNJTfnMlQNZvh%2B5Ckf1E4wRIIE3gwA8Xd4ZzRSjJoAWDFQjGVD%2BOrHfCh8p9bgyVsAEPUz%2FgEmgQLRfrvXBbbW8xzYqFZN00SDQljbYBcVDWOBmFr9uaT5RfEY0GgDobPkfUC7P8yr0Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 80b171acdbc088c1-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 flip-master-s150x150.png
bloxorzonline.com/cache/data/image/ 34 KB
34 KB 259ms
254ms Image
image/png 2606:4700:3030::6815:48cd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bloxorzonline.com/cache/data/image/flip-master-s150x150.png
Requested by: Host: bloxorzonline.com
URL: https://bloxorzonline.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:48cd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fc3c99c7ab603804d3bbeb1cb59bc7b3f689d4f9133e9367018d5dc77cca3bb1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxorzonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sat, 23 Sep 2023 08:33:39 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 67413
alt-svc: h3=":443"; ma=86400
content-length: 34445
last-modified: Mon, 16 Jan 2023 09:00:58 GMT
server: cloudflare
etag: "63c5124a-868d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gadqBxC%2B6H3%2BrHXkQ%2BfOsSjJ4H8EkZ73Tsnrqy5VaYkQG1slpobyXF6KQDP75EYPXVYkRsbtBQ%2BYPKrofYvldlsCYTeg8kgPHbXJWnlgpMfqF6kQF0RDZtzARsbyiPhyxg%2Fkv6Jn1uHbbFMQAKLz7Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 80b171acdbc188c1-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 crazy-taxi-s150x150.png
bloxorzonline.com/cache/data/image/ 15 KB
15 KB 261ms
256ms Image
image/png 2606:4700:3030::6815:48cd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bloxorzonline.com/cache/data/image/crazy-taxi-s150x150.png
Requested by: Host: bloxorzonline.com
URL: https://bloxorzonline.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:48cd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4080073ff91cac21b75f1799733dc1c5c9be0500c376f8651dc75e0f1474cca4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxorzonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sat, 23 Sep 2023 08:33:39 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 67413
alt-svc: h3=":443"; ma=86400
content-length: 14890
last-modified: Mon, 16 Jan 2023 09:01:00 GMT
server: cloudflare
etag: "63c5124c-3a2a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2pJ5PT4mx1Vot6iryX2juXYkZAWnHFVXcJkai6mc1pN7VjTnwBUliozf5yMlpx%2BkDG5hJrrykZJLxV03P0CHQQTVPWRTAxbz1tCDzhmFL6AkVT1KdeywVt3d4Fs8oE3ZjwLfmJCXrBdHEmoG0K34xw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 80b171acdbc288c1-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 short-life-s150x150.png
bloxorzonline.com/cache/data/image/ 17 KB
17 KB 261ms
256ms Image
image/png 2606:4700:3030::6815:48cd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bloxorzonline.com/cache/data/image/short-life-s150x150.png
Requested by: Host: bloxorzonline.com
URL: https://bloxorzonline.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:48cd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4d17cb57d428b8ac8fa63b67dd47816d7e45ab22a62cce4716bb7a3d6c43eb27

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxorzonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sat, 23 Sep 2023 08:33:39 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 67413
alt-svc: h3=":443"; ma=86400
content-length: 17321
last-modified: Mon, 16 Jan 2023 09:01:07 GMT
server: cloudflare
etag: "63c51253-43a9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GsRn7B%2FpDfhwN3yObxMpz0VOxWrllTHEheeaNxy60d7uEnNObO3HMh6CVxzSteqCMgiGkzZQsKtd2UmkOqe6PXExEQ2uDIDIdCbrMXLfKoChCfnFhXhdV8iIB%2BtvnjDaq4FhXw%2FRaj2u9zqFNCAQug%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 80b171acdbc388c1-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 minion-rush-1-s150x150.png
bloxorzonline.com/cache/data/image/ 25 KB
25 KB 262ms
257ms Image
image/png 2606:4700:3030::6815:48cd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bloxorzonline.com/cache/data/image/minion-rush-1-s150x150.png
Requested by: Host: bloxorzonline.com
URL: https://bloxorzonline.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:48cd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 546ea88f0e551c7466a9eaba30694d2d15a012ac1eba66193b33935fff193de0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxorzonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sat, 23 Sep 2023 08:33:39 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 67413
alt-svc: h3=":443"; ma=86400
content-length: 25167
last-modified: Mon, 16 Jan 2023 09:00:55 GMT
server: cloudflare
etag: "63c51247-624f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5gY3H1Ph%2FdcdqoDvb4EtRPg69hWuk7AXQRrhleWgIzIT1j6XwWcQmm5F%2B8ENJb7MErbxd1v6YKhgC%2FXawAwurr2u88h4DR1icV3SotVKCf44i5W3YcBPlSWZAavlO8sM8EIJOrw%2BmucvjppujKbP0g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 80b171acdbc588c1-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 dirt-bike-5-s150x150.png
bloxorzonline.com/cache/data/image/ 46 KB
47 KB 288ms
283ms Image
image/png 2606:4700:3030::6815:48cd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bloxorzonline.com/cache/data/image/dirt-bike-5-s150x150.png
Requested by: Host: bloxorzonline.com
URL: https://bloxorzonline.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:48cd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 74497a553724541ca99e24162465e3fb1c1040a37f0fdb577768c281e0456d1b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxorzonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sat, 23 Sep 2023 08:33:39 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 217608
alt-svc: h3=":443"; ma=86400
content-length: 47540
last-modified: Mon, 16 Jan 2023 09:01:02 GMT
server: cloudflare
etag: "63c5124e-b9b4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zy31xQ242oKIypmTEYgEt%2FKFjeWBeqOz4RLw1C0a5aiSoxWgJOlGbUTNWEkUEb2vjsseKuVR45cjnmu4q7XIPxWrl2Xp2kotRTpZ7Gl6FmrKmzerz%2Fe9%2FMwuBWpkSv%2BDpkgxmRmMwc81PxLBn0JE0g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 80b171acdbc688c1-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 angry-birds-connect-puzzle-s150x150.png
bloxorzonline.com/cache/data/image/ 41 KB
42 KB 307ms
302ms Image
image/png 2606:4700:3030::6815:48cd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bloxorzonline.com/cache/data/image/angry-birds-connect-puzzle-s150x150.png
Requested by: Host: bloxorzonline.com
URL: https://bloxorzonline.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:48cd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 094a6a8d51ea7a0797dee8a41453cf5597420ffaa645dc50ebc52e57690197b8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxorzonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sat, 23 Sep 2023 08:33:39 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 67413
alt-svc: h3=":443"; ma=86400
content-length: 42411
last-modified: Mon, 16 Jan 2023 09:01:02 GMT
server: cloudflare
etag: "63c5124e-a5ab"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=taB%2FsPsYKixZLsD8pYt1qxzZh9QRGAgBEadNkhjvgOTHh5cG9RDR%2Fy%2BM%2F5VV7%2FIZPds%2FdiTME56Or55qi%2FUsn61NqhDYiRwwt6gh7VZBv9itUX5AEI5uMEfyOU2%2BFMTtV%2BS2r73kw5wikH4lU8ggcA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 80b171acdbc888c1-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 money-movers-2-s150x150.png
bloxorzonline.com/cache/data/image/ 34 KB
34 KB 309ms
304ms Image
image/png 2606:4700:3030::6815:48cd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bloxorzonline.com/cache/data/image/money-movers-2-s150x150.png
Requested by: Host: bloxorzonline.com
URL: https://bloxorzonline.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:48cd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 942fa785b7df43f495ba684a9b1b3e29a9f16fe4b7a9058072304474480fc12c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxorzonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sat, 23 Sep 2023 08:33:39 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 67413
alt-svc: h3=":443"; ma=86400
content-length: 34323
last-modified: Mon, 16 Jan 2023 09:01:08 GMT
server: cloudflare
etag: "63c51254-8613"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e%2BwCShzAB1Ls6gve%2BHhZRjBhTvDxXvUwN4rpFjP16noivRToEdM3U4HZ5rHRtQF7eaiIVcyri7Zg7f4WVVq6XGcjNgBM5%2B5LSaSYBZazPhcH1Soe9Y91x7dLnoy0G5bdYUi0a7bJAGgxIanHN3C5lA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 80b171acdbcb88c1-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 jewel-bubbles-3-s150x150.png
bloxorzonline.com/cache/data/image/ 52 KB
52 KB 310ms
305ms Image
image/png 2606:4700:3030::6815:48cd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bloxorzonline.com/cache/data/image/jewel-bubbles-3-s150x150.png
Requested by: Host: bloxorzonline.com
URL: https://bloxorzonline.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:48cd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fe5bb28f559ba29b33cd7893335fabe0f6ef2cea90e2273d9f6cff803f726400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxorzonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sat, 23 Sep 2023 08:33:39 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 67413
alt-svc: h3=":443"; ma=86400
content-length: 53153
last-modified: Mon, 16 Jan 2023 09:01:07 GMT
server: cloudflare
etag: "63c51253-cfa1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z0OKVs3mpBB5fktE4Rgz3TKPWxeoOCagLMbJvM7z4%2BIHaWdmv1dADZGZ1Uqnufi6KpQW43FXi78O6aSC9YjHbvVRkqg%2FXQgGSTYCdsjsX%2BZ%2Bjhwxtbv%2BKjSDBk055XbGZlOscc%2FdFXJ3khoq0gLE8A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 80b171acdbcd88c1-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 space-colony-s150x150.png
bloxorzonline.com/cache/data/image/ 39 KB
40 KB 346ms
341ms Image
image/png 2606:4700:3030::6815:48cd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bloxorzonline.com/cache/data/image/space-colony-s150x150.png
Requested by: Host: bloxorzonline.com
URL: https://bloxorzonline.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:48cd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d9e9e0d8145e8dabec6ef617c62aab7a65bbbf4ff59fcac3eb0f807e90ce34c0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxorzonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sat, 23 Sep 2023 08:33:39 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 67413
alt-svc: h3=":443"; ma=86400
content-length: 40298
last-modified: Mon, 16 Jan 2023 09:01:02 GMT
server: cloudflare
etag: "63c5124e-9d6a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4v4%2BaRTWvKeEt55f2SgF1ZMHaGUO52Jgslp7FJIshmkMkNNkeNQIKDfpBEUoxcz8MvWk9nvvlnzPL9RnYAd5ghfo%2FaGmMiPC7elqFJuJg%2FoKcvDuiNPwBOHPCAeDa9%2FVwQ9dOu6H%2B8wyIpOWPlEgxg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 80b171acdbce88c1-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 2048-merge-s150x150.png
bloxorzonline.com/cache/data/image/ 23 KB
23 KB 354ms
349ms Image
image/png 2606:4700:3030::6815:48cd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bloxorzonline.com/cache/data/image/2048-merge-s150x150.png
Requested by: Host: bloxorzonline.com
URL: https://bloxorzonline.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:48cd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bf7e0d2d5f380f7227076db1305eb7d5ab57fe6d545d3ba24e281db2442b07cf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxorzonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sat, 23 Sep 2023 08:33:39 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 67413
alt-svc: h3=":443"; ma=86400
content-length: 23348
last-modified: Mon, 16 Jan 2023 09:01:03 GMT
server: cloudflare
etag: "63c5124f-5b34"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rZJTRwsIVOqFog6yTnmHmPKNp7P4uUdMWKKIA2k2NUBTWsWg6XxhgNDS44LekMQGSGZJ94xAtZ3ybPzzMb1FFBU0z6hvJa2evnJMF9c99bMAS7KH26jOHc6U3sovY2RuHr12f3TWyhllF20b1ZIv8g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 80b171acdbcf88c1-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 apple-shooter-remastered-s150x150.png
bloxorzonline.com/cache/data/image/ 35 KB
35 KB 355ms
351ms Image
image/png 2606:4700:3030::6815:48cd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bloxorzonline.com/cache/data/image/apple-shooter-remastered-s150x150.png
Requested by: Host: bloxorzonline.com
URL: https://bloxorzonline.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:48cd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 32eb1cc3dc7556a9c5f30878d14446d47d8bae06ec6aca933089e3b147105694

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxorzonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sat, 23 Sep 2023 08:33:39 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 67413
alt-svc: h3=":443"; ma=86400
content-length: 35718
last-modified: Mon, 16 Jan 2023 09:01:01 GMT
server: cloudflare
etag: "63c5124d-8b86"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PZocnC4dWuqR6c%2BCDoNhQi6%2BuNqv9rnItMCzd%2BcAL%2FR0s5uvJ%2Bt28LbGVwAaMAmyjcDbH9PySKuMkUghuXZd7yBkHhS4P%2BlaT2sTBXs1703VK7zszAHh53k%2B949lpssRm4SypHT2o2Y58AiejWr8BQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 80b171acdbd388c1-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 deep-sea-mahjong-s150x150.png
bloxorzonline.com/cache/data/image/ 28 KB
29 KB 357ms
354ms Image
image/png 2606:4700:3030::6815:48cd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bloxorzonline.com/cache/data/image/deep-sea-mahjong-s150x150.png
Requested by: Host: bloxorzonline.com
URL: https://bloxorzonline.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:48cd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c8d983b9b86fc0ab5616ce17041d6f02f0af43a28a1b6827820c763f85b8bc90

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxorzonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sat, 23 Sep 2023 08:33:39 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 67413
alt-svc: h3=":443"; ma=86400
content-length: 29134
last-modified: Mon, 16 Jan 2023 09:01:07 GMT
server: cloudflare
etag: "63c51253-71ce"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Co2CgDiL4%2FTt3mgI9eSVmxzbpgcyzR%2BkpH3LiRtoxpfto6EWkRzXICfJAsuyMlTUyB76oTaMzphvmYwpN8ywq%2FJc8Kv7K0hFNVgMJfeGYTO%2B3MdizK0sYUT3F3%2BPrZg5DrIzPfEEKjlpkM1NzLsO2A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 80b171acdbd488c1-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 game-tracking-views.ajax
bloxorzonline.com/ 0
515 B 359ms
356ms Image
text/html 2606:4700:3030::6815:48cd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bloxorzonline.com/game-tracking-views.ajax?game_id=8
Requested by: Host: bloxorzonline.com
URL: https://bloxorzonline.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:48cd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.3.33
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxorzonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Sep 2023 08:33:39 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.3.33
vary: User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RWYig8bLscj60lodxLWB9s6LfjRgT%2Bdh5S2L%2BRj9f93ZBXYopdsypaiFtoNXL%2BeGxnOmnYggU2GLylxS7bEJAS3hCFO2Y9BsNfo93xi87jS2nn8IUe2uoiQT3IuirH8ti09JDKQyrC4OhdLliTD0FA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cache-control: no-store, no-cache, must-revalidate
cf-ray: 80b171acdbd588c1-LHR
alt-svc: h3=":443"; ma=86400
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 custom.js Show response
bloxorzonline.com/themes/bloxorz_2021/resources/js/ 3 KB
1 KB 267ms
267ms Script
application/javascript 2606:4700:3030::6815:48cd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bloxorzonline.com/themes/bloxorz_2021/resources/js/custom.js
Requested by: Host: bloxorzonline.com
URL: https://bloxorzonline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:48cd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3193fec08ffe0cd9027f716c36ce3cf7eaae46d336ca1e0f5078682f665e3b06

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxorzonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sat, 23 Sep 2023 08:33:39 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 16 Jan 2023 09:00:07 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"63c51217-a0b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UIgACMMeoNS97Sn%2Bz%2FQaAsv%2Bkcc4hXvtMUy%2FcteQ6Dber5nOimwwOixCpCKNBkolTk6oMmv%2FfUMcA9S5egckSzLmqi2jiv%2BQ4aMh7NI%2BCUYp8tYoM0a2a6x91OQV1npQomGYBkQVJZsAZHPRjuCbQg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 80b171ac9d799b80-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 jquery-migrate.min.js Show response
bloxorzonline.com/themes/bloxorz_2021/resources/js/ 10 KB
5 KB 65ms
60ms Script
application/javascript 2606:4700:3030::6815:48cd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bloxorzonline.com/themes/bloxorz_2021/resources/js/jquery-migrate.min.js?ver=1.4.1
Requested by: Host: bloxorzonline.com
URL: https://bloxorzonline.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:48cd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxorzonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sat, 23 Sep 2023 08:33:39 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 16 Jan 2023 09:00:07 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 67413
etag: W/"63c51217-2748"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6dAgRPM8T27hDjYnh7GJgv%2FL10o%2BXwEb8OXga%2BFy2QZdDwO1eZQ4SnnpoFyGjo1%2FmsZD2B7UvB3e6XiDf6fgLlYbJbflNy9WSG5j98Zrp7DmNgLrgzoGSn8GTqUNuBhH83Uyxt049lAnYdcb4vnTlg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 80b171acdbaf88c1-LHR
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 jquery.raty.min.js Show response
bloxorzonline.com/themes/bloxorz_2021/resources/plugin/raty/ 8 KB
3 KB 77ms
72ms Script
application/javascript 2606:4700:3030::6815:48cd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bloxorzonline.com/themes/bloxorz_2021/resources/plugin/raty/jquery.raty.min.js
Requested by: Host: bloxorzonline.com
URL: https://bloxorzonline.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:48cd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eca2486761672e30bd75cc6b58eeb3374c42daa18878dd1a2e8356855845173a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxorzonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sat, 23 Sep 2023 08:33:39 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 16 Jan 2023 09:00:07 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 67413
etag: W/"63c51217-1e40"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UA1ZMOG6XBqQ%2B8zmFBcgn19hLu0oNWsWqkxYdk%2FuyMHD3PpeUzRh9UFiyxsjHxY3NyALYGSyLp3sU5Mq%2FdlYpscIVRIusxoRgpBqXi7Hk%2BAps6yUfCeODE6WA%2FvUORFsKiLJNwPOBkf5eBoIfM7O7Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 80b171acdbb588c1-LHR
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 1 KB
1 KB 141ms
48ms Script
text/javascript 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js

Requested by

Host: bloxorzonline.com
URL: https://bloxorzonline.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

c84a93bd9c5300c1d75a733958664acf817d565d2ed6a33857582ebc4702beb5

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxorzonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sat, 23 Sep 2023 08:33:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Sat, 23 Sep 2023 08:33:39 GMT

GET
H3 200 jquery.validate.min.js Show response
bloxorzonline.com/themes/bloxorz_2021/resources/js/ 22 KB
8 KB 114ms
108ms Script
application/javascript 2606:4700:3030::6815:48cd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bloxorzonline.com/themes/bloxorz_2021/resources/js/jquery.validate.min.js
Requested by: Host: bloxorzonline.com
URL: https://bloxorzonline.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:48cd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa1d80cdf0990e97a21069ab16c048ef90a35df1165b87d19accabd7c4edc860

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxorzonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sat, 23 Sep 2023 08:33:39 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 16 Jan 2023 09:00:07 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 67413
etag: W/"63c51217-58a0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2sYivo2SR3Ic9es15K5xibbLEvbT4Bt2ZuHH3Ga5cXk2T%2BhpxNha0Ud8GQWiAeDvFATziXM4VKAZAVhUh8Ljrjs84mBysMx7owCRUxKTZAprEk9sSO2X6BfZmHddKO%2F5tlELot73JOPt6Wxy0EBCTA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 80b171acdbb688c1-LHR
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 130ms
40ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: bloxorzonline.com
URL: https://bloxorzonline.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxorzonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 23 Sep 2023 07:44:21 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 2958
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Sat, 23 Sep 2023 09:44:21 GMT

GET
H3 200 bloxorz.embed Show response
bloxorzonline.com/ Frame E451 13 KB
4 KB 354ms
350ms Document
text/html 2606:4700:3030::6815:48cd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bloxorzonline.com/bloxorz.embed
Requested by: Host: bloxorzonline.com
URL: https://bloxorzonline.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:48cd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.3.33
Resource Hash: 48360d9b4460baf13e39e434b765fa7923ee5340556711031fc61fcecadd5d21

Request headers

Referer: https://bloxorzonline.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 80b171acdbd088c1-LHR
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sat, 23 Sep 2023 08:33:39 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cE729ri4LRCaiFTwSWjwJ9QqmJvTaqB%2FVyZZzV%2BLMyjvOw7laG5JflDPmqeh9QiH5jiaF7vRcDx1NJ%2FSkX6Lu%2Frmp34Ma%2Fx0TbXy7%2BzdcZ8c25%2FIaDnIlGrvR6fpjKM4G5rKRfe5gdCuw7IQh%2FYf8w%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding,User-Agent
x-powered-by: PHP/7.3.33

GET
H3 200 noise.png
bloxorzonline.com/themes/bloxorz_2021/resources/images/ 2 KB
2 KB 359ms
356ms Image
image/png 2606:4700:3030::6815:48cd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bloxorzonline.com/themes/bloxorz_2021/resources/images/noise.png
Requested by: Host: bloxorzonline.com
URL: https://bloxorzonline.com/themes/bloxorz_2021/resources/css/main.css?v=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:48cd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2d3b7bc3f966bed6b797bb9d26f80facc5ac43efe755a8242aa16afa96bb0be5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxorzonline.com/themes/bloxorz_2021/resources/css/main.css?v=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sat, 23 Sep 2023 08:33:39 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 67413
alt-svc: h3=":443"; ma=86400
content-length: 1541
last-modified: Mon, 16 Jan 2023 09:00:08 GMT
server: cloudflare
etag: "63c51218-605"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jIrQ%2F2EY1uJ34sL62XdDo1XOrnXShG6UCdcfP6ag9G4dsAJeVO%2FhIqukCE75jV81RThGuO7XARE8Jpiy8H4BcaW8%2FPbvjcFacGIpxPqNOhKDNzmVN%2BwspZMdKVMf1CFH1c50NtyG%2FwSvDyfSj7pIlA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 80b171acdbd888c1-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 icons@2x.png
bloxorzonline.com/themes/bloxorz_2021/resources/css/image/ 22 KB
23 KB 359ms
356ms Image
image/png 2606:4700:3030::6815:48cd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bloxorzonline.com/themes/bloxorz_2021/resources/css/image/icons@2x.png
Requested by: Host: bloxorzonline.com
URL: https://bloxorzonline.com/themes/bloxorz_2021/resources/css/custom.css?v=1.2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:48cd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ba2cce31166d103972d7f0f34bc07d241e3438eb3d97bbc140928d32a1a4369f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxorzonline.com/themes/bloxorz_2021/resources/css/custom.css?v=1.2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sat, 23 Sep 2023 08:33:39 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 67413
alt-svc: h3=":443"; ma=86400
content-length: 22957
last-modified: Mon, 16 Jan 2023 09:00:07 GMT
server: cloudflare
etag: "63c51217-59ad"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=me%2BftoIAjwsrvk7mn0HSJtW4XAABCPTycaQH8usxfm%2F4FJN%2BsLYIovHjyn3IpZBk7UTQwU%2BJWzR5aGxNziVujNMizkNPoH%2FXpoJpo4gIz7nWgnN55uPpli1f%2F%2BAH3e7cplIHMRAPK4xIuZW9uSuivw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 80b171acdbda88c1-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 15 B
222 B 47ms
46ms XHR
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1713454134&t=pageview&_s=1&dl=https%3A%2F%2Fbloxorzonline.com%2F&ul=en-us&de=UTF-8&dt=Bloxorz&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=1463653269&gjid=1079645410&cid=237628892.1695458019&tid=UA-91602751-7&_gid=1939468932.1695458019&_r=1&_slc=1&z=641208366

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

ecdd4a2e080e67ea740655f85d716f23a53b1ca77b1376b90ebd4d0db4c7b3b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://bloxorzonline.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 23 Sep 2023 08:33:39 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://bloxorzonline.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 rating_stars.png
bloxorzonline.com/themes/bloxorz_2021/resources/css/image/ 811 B
1 KB 186ms
186ms Image
image/png 2606:4700:3030::6815:48cd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bloxorzonline.com/themes/bloxorz_2021/resources/css/image/rating_stars.png
Requested by: Host: bloxorzonline.com
URL: https://bloxorzonline.com/themes/bloxorz_2021/resources/css/main.css?v=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:48cd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b3e6cd4ec46f319a27ba9b83850c4ed2bd35a8b3cc709650b88011c3becb5b6e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxorzonline.com/themes/bloxorz_2021/resources/css/main.css?v=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sat, 23 Sep 2023 08:33:39 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 67412
alt-svc: h3=":443"; ma=86400
content-length: 811
last-modified: Mon, 16 Jan 2023 09:00:07 GMT
server: cloudflare
etag: "63c51217-32b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lleZo0jaI9wXIsIHVuhjlsn3ObgugVu%2F1FxKzXmwhMzVTlmg%2Bt1cjl6cyigAQhzqwtoTMIjNQiyXCEkKf0YK%2BaxC0yPkeD5PxD4xmfyvbXobUQ8YzJ1YuR3%2BDCdUAR7Uhyq0iigo5Ahyq0Di45ejoA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 80b171adfd8388c1-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 220 KB
80 KB 150ms
56ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-ECC5DVK4F2&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

39c5ae44d7e35d5949cf948a88bac835c5800b298e430feef08f88de8429a722

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxorzonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sat, 23 Sep 2023 08:33:39 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 81389
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 23 Sep 2023 08:33:39 GMT

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/Ai7lOI0zKMDPHxlv62g7oMoJ/ 456 KB
184 KB 127ms
39ms Script
text/javascript 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/Ai7lOI0zKMDPHxlv62g7oMoJ/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9af3aa843ca57a0c7b85eae7c3c66feae378f1329dd6484caf2efc98f595c4e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bloxorzonline.com/
Origin: https://bloxorzonline.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sat, 23 Sep 2023 08:26:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 419
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 187854
x-xss-protection: 0
last-modified: Mon, 18 Sep 2023 04:01:58 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 22 Sep 2024 08:26:40 GMT

GET
H3 200 comment-paging.ajax Show response
bloxorzonline.com/ 1 B
525 B 166ms
165ms XHR
text/html 2606:4700:3030::6815:48cd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bloxorzonline.com/comment-paging.ajax?page=1&limit=5&sort=newest&url=http%3A%2F%2Fbloxorzonline.com%2F%2Fbloxorz
Requested by: Host: bloxorzonline.com
URL: https://bloxorzonline.com/themes/bloxorz_2021/resources/js/jquery.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:48cd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.3.33
Resource Hash: 36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Accept: */*
Referer: https://bloxorzonline.com/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Sep 2023 08:33:39 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.3.33
vary: User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0X5isaWb0pXNytdc94Zm0izE2oLz7W8yX%2B%2FutvJVOlJ2TIOAPP4cNBlLxSJ1nv1YC13qmyKoklTZ0j7K6wz0f6YdaW4%2BEiUwokoSsawXab0AUsoOr9Rc43s%2F8ozV6jbU38qDZ%2BRALkz3TzpLd5wrWQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cache-control: no-store, no-cache, must-revalidate
cf-ray: 80b171ae7e4e88c1-LHR
alt-svc: h3=":443"; ma=86400
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H3 200 star-on-big.png
bloxorzonline.com/themes/bloxorz_2021/resources/plugin/raty/images/ 1 KB
1 KB 109ms
107ms Image
image/png 2606:4700:3030::6815:48cd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bloxorzonline.com/themes/bloxorz_2021/resources/plugin/raty/images/star-on-big.png
Requested by: Host: bloxorzonline.com
URL: https://bloxorzonline.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:48cd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 88233ad1abcd2282b53edb9465a6bef42fd32de319f014e4059353e4fd8a7e0a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxorzonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sat, 23 Sep 2023 08:33:39 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 67413
alt-svc: h3=":443"; ma=86400
content-length: 1031
last-modified: Mon, 16 Jan 2023 09:00:07 GMT
server: cloudflare
etag: "63c51217-407"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=56h19gTNpL22mCSyXvzlY7TYGlTs8%2FhTHwS5TUFl3OQMPXNEVRUwqCvKjZiLd1L6YS9YMVmDxWQ5HhDw1XjsQ2LM5QLzUQBx0DeLteGgR6Hvr7i29b%2FKi0bh%2Fvx4ZozMB4ISCMTIaOUtWd0nFcKIgg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 80b171ae7e5488c1-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 star-off-big.png
bloxorzonline.com/themes/bloxorz_2021/resources/plugin/raty/images/ 930 B
1 KB 109ms
107ms Image
image/png 2606:4700:3030::6815:48cd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bloxorzonline.com/themes/bloxorz_2021/resources/plugin/raty/images/star-off-big.png
Requested by: Host: bloxorzonline.com
URL: https://bloxorzonline.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:48cd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf9b07584547d5d561dfac9cdbf7b6a530cb72a1b7a1096411966036c4017d38

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxorzonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sat, 23 Sep 2023 08:33:39 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 67413
alt-svc: h3=":443"; ma=86400
content-length: 930
last-modified: Mon, 16 Jan 2023 09:00:06 GMT
server: cloudflare
etag: "63c51216-3a2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WTJg2FRR437iNqiqMGbI%2BO4FtxvphECwoFKGG4OvTX7WoquWxKDPmhk9MdF%2Fc4736rUwKMH3bCSkanZsRIWmdeOxy01cJm%2Fwp6JziBdOo1AEKKHhu4dXIkNw9h1%2Bjr5klPPSiA5qzw76AXmdr%2Bf%2BSQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 80b171ae7e5a88c1-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 icon_loader.gif
bloxorzonline.com/themes/bloxorz_2021/resources/images/comments/ 30 KB
31 KB 109ms
106ms Image
image/gif 2606:4700:3030::6815:48cd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bloxorzonline.com/themes/bloxorz_2021/resources/images/comments/icon_loader.gif
Requested by: Host: bloxorzonline.com
URL: https://bloxorzonline.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:48cd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7263dc2c64c87b9847f52e8a6e35447c968a144fc7940084fe3ca89003e8fbb1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxorzonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sat, 23 Sep 2023 08:33:39 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 222830
alt-svc: h3=":443"; ma=86400
content-length: 31057
last-modified: Mon, 16 Jan 2023 09:00:08 GMT
server: cloudflare
etag: "63c51218-7951"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DOnV4vaFn4RK2ttLFNTXvs%2Fib1j63NbRAgKHsfb1sm34PFogtgRXHKOkVs6QMbsRdbQFNYNrejB6hfeXH4ofFr2RcyzWYYRq9i6pDUot%2BdXuFj5jIAxz4EzC8FIuDLSqkY9h8wgxtTAp9YUKlQeoCw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 80b171ae7e5c88c1-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309140101/ 379 KB
129 KB 105ms
100ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309140101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5636557392151555&plah=bloxorzonline.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4db4815fc4b850cab324d00cb80af5f530f27afe1817d75338bed8c2742143c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxorzonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sat, 23 Sep 2023 08:33:39 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 131562
x-xss-protection: 0
server: cafe
etag: 13669617258238883547
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 23 Sep 2023 08:33:39 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230920/r20190131/ Frame F05F 10 KB
5 KB 129ms
40ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230920/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bloxorzonline.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 5673
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4471
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 23 Sep 2023 06:59:06 GMT
etag: 2603938475786422795
expires: Sat, 07 Oct 2023 06:59:06 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.12.4/ Frame E451 95 KB
34 KB 149ms
39ms Script
text/javascript 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js

Requested by

Host: bloxorzonline.com
URL: https://bloxorzonline.com/bloxorz.embed

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxorzonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 12:10:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 332560
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33951
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 18 Sep 2024 12:10:59 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
255 B 138ms
47ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-ECC5DVK4F2&gtm=45je39k2&_p=1713454134&ul=en-us&sr=1600x1200&cid=237628892.1695458019&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EBAI&_s=1&dl=https%3A%2F%2Fbloxorzonline.com%2F&dt=Bloxorz&sid=1695458019&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-ECC5DVK4F2&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxorzonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Sep 2023 08:33:39 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://bloxorzonline.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 401 B
610 B 141ms
48ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=bloxorzonline.com&callback=_gfp_s_&client=ca-pub-5636557392151555

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309140101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5636557392151555&plah=bloxorzonline.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fa1504d814852a46e90330684cb1c4adb6b0b8b66987ef721ffc9ea3e9145529

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxorzonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sat, 23 Sep 2023 08:33:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 258
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame BB70 123 KB
39 KB 1398ms
1398ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5636557392151555&output=html&h=280&slotname=6113373024&adk=1909840895&adf=3111530590&pi=t.ma~as.6113373024&w=1014&fwrn=4&fwrnh=100&lmt=1695450819&rafmt=1&format=1014x280&url=https%3A%2F%2Fbloxorzonline.com%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695458019601&bpp=3&bdt=422&idt=231&shv=r20230920&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&correlator=2888902983415&frm=20&pv=2&ga_vid=237628892.1695458019&ga_sid=1695458020&ga_hid=1713454134&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=137&ady=165&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759876%2C44759927%2C31077702%2C44803793&oid=2&pvsid=770880262901909&tmod=1142916841&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=dVEWii5qek&p=https%3A//bloxorzonline.com&dtd=248

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca1ddd1bcbeb23e8c6de45e59bbded69421267b6929c30d6273f06b2c147746a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bloxorzonline.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 39937
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 23 Sep 2023 08:33:41 GMT
expires: Sat, 23 Sep 2023 08:33:41 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 anchor Show response
www.google.com/recaptcha/api2/ Frame C8DC 53 KB
30 KB 69ms
68ms Document
text/html 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcKT1saAAAAAA43C3O4Bn-EiZ59Gu9O0ud2YB-D&co=aHR0cHM6Ly9ibG94b3J6b25saW5lLmNvbTo0NDM.&hl=de&v=Ai7lOI0zKMDPHxlv62g7oMoJ&size=normal&cb=p4jn1wv1b5ig

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Ai7lOI0zKMDPHxlv62g7oMoJ/recaptcha__de.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

9b0dded1f73e56e0a983076eb33487cdb170d4bf4fa66b4dfc3ffbe1fe214c0b

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-xMpeSmlk0kM0oHODclFQGQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://bloxorzonline.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-xMpeSmlk0kM0oHODclFQGQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 23 Sep 2023 08:33:39 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 3389 34 KB
14 KB 228ms
228ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5636557392151555&output=html&h=280&slotname=6113373024&adk=629492764&adf=2669962450&pi=t.ma~as.6113373024&w=1174&fwrn=4&fwrnh=100&lmt=1695450819&rafmt=1&format=1174x280&url=https%3A%2F%2Fbloxorzonline.com%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695458019604&bpp=1&bdt=424&idt=300&shv=r20230920&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&prev_fmts=1014x280&correlator=2888902983415&frm=20&pv=1&ga_vid=237628892.1695458019&ga_sid=1695458020&ga_hid=1713454134&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=17&ady=1149&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759876%2C44759927%2C31077702%2C44803793&oid=2&pvsid=770880262901909&tmod=1142916841&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=QnfiXrNAWd&p=https%3A//bloxorzonline.com&dtd=304

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c00c09b2a98a657a74b99876134d335f135e36069b1f8e7b69fadc5908ec69a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bloxorzonline.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 13975
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 23 Sep 2023 08:33:40 GMT
expires: Sat, 23 Sep 2023 08:33:40 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame FACE 116 KB
38 KB 748ms
746ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5636557392151555&output=html&h=280&slotname=6113373024&adk=907158369&adf=3693428616&pi=t.ma~as.6113373024&w=362&fwrn=4&fwrnh=100&lmt=1695450819&rafmt=1&format=362x280&url=https%3A%2F%2Fbloxorzonline.com%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695458019605&bpp=1&bdt=425&idt=318&shv=r20230920&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&prev_fmts=1014x280%2C1174x280&correlator=2888902983415&frm=20&pv=1&ga_vid=237628892.1695458019&ga_sid=1695458020&ga_hid=1713454134&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1207&ady=1658&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759876%2C44759927%2C31077702%2C44803793&oid=2&pvsid=770880262901909&tmod=1142916841&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=XosH9MoEHx&p=https%3A//bloxorzonline.com&dtd=336

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e279ec011002161039a91de5072d6cce2d6be80150028d481907848509ec5246

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bloxorzonline.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 38427
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 23 Sep 2023 08:33:40 GMT
expires: Sat, 23 Sep 2023 08:33:40 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 / Show response
html5-games.io/game/roll-the-block/ Frame CE55 3 KB
2 KB 534ms
393ms Document
text/html 2606:4700:3034::ac43:ba7a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://html5-games.io/game/roll-the-block/
Requested by: Host: bloxorzonline.com
URL: https://bloxorzonline.com/bloxorz.embed
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:ba7a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 32e9a5ca30a9f0bf63e3ca55ebf344169496cd0b955e68745aadbdff1241c144

Request headers

Referer: https://bloxorzonline.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: max-age=300, private, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 80b171b1acabb8af-AMS
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sat, 23 Sep 2023 08:33:40 GMT
expires: Sat, 23 Sep 2023 08:38:40 GMT
last-modified: Mon, 16 Jan 2023 11:20:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ukU4hzw3Pmnpl9qChZZ8v%2FTbwifYb5H7P4FiVFxsHj1Re11%2BLz5uoU3q2dm2%2FOJJgw6%2BIReyvuBejX2g%2FwWSmMZgpBsOQNbN3%2BT661cCbJ2qYcOjX4Ko2yF0WQIsb9MnNOneaVMg0gaovX6EdA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding,User-Agent

GET
H3 200 bloxorz.jpg
bloxorzonline.com//data/image/ Frame E451 5 KB
6 KB 60ms
59ms Image
image/jpeg 2606:4700:3030::6815:48cd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bloxorzonline.com//data/image/bloxorz.jpg
Requested by: Host: bloxorzonline.com
URL: https://bloxorzonline.com/bloxorz.embed
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:48cd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1dbd335a2e48aa6a82d048ad639ef8f15bab8e2328d05ce21b8a378e35b307f0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxorzonline.com/bloxorz.embed
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sat, 23 Sep 2023 08:33:39 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 67412
alt-svc: h3=":443"; ma=86400
content-length: 5510
last-modified: Mon, 16 Jan 2023 09:00:24 GMT
server: cloudflare
etag: "63c51228-1586"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4IlYp7jfJxK0XRzFhGksUqdClAHFCa4uuMzHniUJTTkgfyTnvc3mjauuTXY%2BUSpGgoKAYUgsH7QQGvO0Hzlj9WOsLYCcxICTPitdLbZMHgHXfSZ9GEpXCVK4RgpurTa5uL7AYZKfEd1Lg8XZQ9jLeg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 80b171b0dadb88c1-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
DATA 200
OK truncated
/ Frame E451 361 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d5936b957643263705862968c40035f843b0ab7f5f4ab20fb7e91dd0325d3b0c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 8AD4 306 KB
74 KB 1265ms
1255ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5636557392151555&output=html&adk=1812271804&adf=3025194257&lmt=1695450819&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fbloxorzonline.com%2F&ea=0&pra=7&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695458019631&bpp=2&bdt=451&idt=315&shv=r20230920&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&prev_fmts=1014x280%2C1174x280%2C362x280&nras=1&correlator=2888902983415&frm=20&pv=1&ga_vid=237628892.1695458019&ga_sid=1695458020&ga_hid=1713454134&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759876%2C44759927%2C31077702%2C44803793&oid=2&pvsid=770880262901909&tmod=1142916841&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=4&uci=a!4&fsb=1&dtd=330

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f9e7628ad8560e630f2211f9cf10916d589ffe3c19b4d8b4b072981e369435ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bloxorzonline.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 75430
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 23 Sep 2023 08:33:41 GMT
expires: Sat, 23 Sep 2023 08:33:41 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/Ai7lOI0zKMDPHxlv62g7oMoJ/ Frame C8DC 55 KB
24 KB 120ms
40ms Stylesheet
text/css 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/Ai7lOI0zKMDPHxlv62g7oMoJ/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcKT1saAAAAAA43C3O4Bn-EiZ59Gu9O0ud2YB-D&co=aHR0cHM6Ly9ibG94b3J6b25saW5lLmNvbTo0NDM.&hl=de&v=Ai7lOI0zKMDPHxlv62g7oMoJ&size=normal&cb=p4jn1wv1b5ig

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sat, 23 Sep 2023 07:15:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4717
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24606
x-xss-protection: 0
last-modified: Mon, 18 Sep 2023 04:01:58 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 22 Sep 2024 07:15:03 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/Ai7lOI0zKMDPHxlv62g7oMoJ/ Frame C8DC 456 KB
184 KB 140ms
60ms Script
text/javascript 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/Ai7lOI0zKMDPHxlv62g7oMoJ/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9af3aa843ca57a0c7b85eae7c3c66feae378f1329dd6484caf2efc98f595c4e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sat, 23 Sep 2023 08:26:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 420
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 187854
x-xss-protection: 0
last-modified: Mon, 18 Sep 2023 04:01:58 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 22 Sep 2024 08:26:40 GMT

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame 522A 120 KB
42 KB 383ms
69ms Document
text/html 2a02:2638:3::12
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=ZQ6i4wAOo_oKsoFSAARtdCoSSNVzDhlSFeK1dw&u=%7CC2GRLkHZYoGxySnewOSTqPblw6I0LBPhR8k8P0ASCPY%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANXPpeAoPTN48s5WhV6QJkPjaeO7pnAdgo5dwz5nzZ0tg2NZ2tF3cQpImA0PS8EufpqRS7spbTbqFcRaqzjJeaxz6Pb-OQSdOvm9DwTSqSdWRWDScUdWWa9b3AyIa1z-hT5fjpwwzSPHnFGL0ivuBRphj5nR3qVZ-trzmybMpcPu-crNHrUq9FPOnuRdcaYBP5Bma86eyLVDZ4N9fHawzKeI6ZkB6_6z-TsVRNvLZb9gFHAF8g__qqDgGbJ_644H9zaA30eAa96uorlyP06FwaZLMEvBwo7e8_A--0Uv3HwEK5CYdkeR2Y98JLhFbaxE63mq_YcyoNPPV4eTV9NvkWKgnIcngkLt8ImZSZU-Hm8WKH-_rszgqROKeGwfn9Nm1kvXdfFVEiiVna-5-7SKidPCt-ymGB1x6hILmGp267WVgw47uw1aKBaGMuC1fGxX1x1RG7HgIxuUU1tO23Wm-ryQjp70LW5Bki72NStcrTdrgiGmLoj4U8-AETNA7P5hlziJgWTkkbgXz269LlnFFAzC5FIxzSdKKqQVf6igVsGio&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCBVpx46IOZfrHOtKCygX02pHoDsme0rFc9Z2Y93DAjbcBEAEgAGCVwqaCsAeCARdjYS1wdWItNTYzNjU1NzM5MjE1MTU1NcgBCakCYTFGH3HfsT6oAwHIAwKqBMYBT9DYOggXtcAlN6CPbkALO6P1wEbjlIUhcBkXi1VHyEFcxd99o14lMjYOD41GEZi1Yg5-LgQ_l5Ko1r3NDV5fz4pgOC_nsLFPotytMbSE3RC1IQO8Qdk9EoIHzMX55HPE_DXxggy2MFhDGwuHsyFuEu3ssaCOT56L6TFbSCIsMv5SamYkW8PqBhHiD11GGPphYl_j8McO9zS_L39_-EjhrAWNvqblYhIbfJhRbmKyh1c84ig8m5opv0NMT0BBhalVBgL4-Vk7gAakj5-zoIrx7cwBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_11CEyYtmtbr42klMgu34x3GvFZIw%26client%3Dca-pub-5636557392151555%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5636557392151555&output=html&h=280&slotname=6113373024&adk=629492764&adf=2669962450&pi=t.ma~as.6113373024&w=1174&fwrn=4&fwrnh=100&lmt=1695450819&rafmt=1&format=1174x280&url=https%3A%2F%2Fbloxorzonline.com%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695458019604&bpp=1&bdt=424&idt=300&shv=r20230920&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&prev_fmts=1014x280&correlator=2888902983415&frm=20&pv=1&ga_vid=237628892.1695458019&ga_sid=1695458020&ga_hid=1713454134&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=17&ady=1149&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759876%2C44759927%2C31077702%2C44803793&oid=2&pvsid=770880262901909&tmod=1142916841&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=QnfiXrNAWd&p=https%3A//bloxorzonline.com&dtd=304

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::12 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

5717ef6dd662b6ea50d0c022ee7c67e2dc72408ede89691a76a61e3dd2cda7e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Sat, 23 Sep 2023 08:33:40 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=l0wCp_MKUhmD2uDDyXM46Igv8IhBOM7i-Q0kgG9jiDH8RhcGR14bktQCHwsiISDXGnolQ2XdXW7IcZBbrn6iA9G0KcinMwmVBpautvahkiksddV8We-PzP4mL7MACMvpQUcCaNEHhtA3iwG2Cef_EMD75DSUvowtMCP2ngSFR87w0CEaPvzou1aydO8zyo_RDdG3mhyK0a_ixspdhGSgXxye5w8R3aIsGAGhjrfniG2WXmckVSklqymbISJx61WHgKr4nQ"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 16642659
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230920/r20110914/client/ Frame 3389 3 KB
1 KB 358ms
43ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230920/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 08:35:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 86290
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 06 Oct 2023 08:35:30 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230920/r20110914/client/ Frame 3389 20 KB
8 KB 354ms
39ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230920/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

096862e95687fa095052acf06c643d97aebf5a75bdb39f85061a931076b5c12e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 12:26:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 72432
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8275
x-xss-protection: 0
server: cafe
etag: 7349537481621356269
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 06 Oct 2023 12:26:28 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3389 182 KB
57 KB 366ms
52ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2a018a841b6975de20578c7c63607d4529281ae923f4c3ba172cb4d1d5e7c5bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sat, 23 Sep 2023 08:33:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 58105
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1695209545430561"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 23 Sep 2023 08:33:40 GMT

GET
DATA 200
OK truncated
/ Frame C8DC 14 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame C8DC 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame C8DC 2 KB
2 KB 39ms
39ms Image
image/png 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Ai7lOI0zKMDPHxlv62g7oMoJ/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/Ai7lOI0zKMDPHxlv62g7oMoJ/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 07:44:15 GMT
x-content-type-options: nosniff
age: 434965
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Mon, 25 Sep 2023 07:44:15 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame C8DC 15 KB
16 KB 266ms
39ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sat, 23 Sep 2023 06:47:09 GMT
x-content-type-options: nosniff
age: 6391
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 22 Sep 2024 06:47:09 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame C8DC 102 B
135 B 51ms
48ms Other
text/javascript 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=Ai7lOI0zKMDPHxlv62g7oMoJ

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

92fd239ffc7ccfa6d1586848df32f07e749d3fea1a39143948f7dac710a19531

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcKT1saAAAAAA43C3O4Bn-EiZ59Gu9O0ud2YB-D&co=aHR0cHM6Ly9ibG94b3J6b25saW5lLmNvbTo0NDM.&hl=de&v=Ai7lOI0zKMDPHxlv62g7oMoJ&size=normal&cb=p4jn1wv1b5ig
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sat, 23 Sep 2023 08:33:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Sat, 23 Sep 2023 08:33:40 GMT

GET
H2 200 loading.png
html5-games.io/game/roll-the-block/ Frame CE55 4 KB
4 KB 357ms
356ms Image
image/png 2606:4700:3034::ac43:ba7a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://html5-games.io/game/roll-the-block/loading.png?v=1
Requested by: Host: html5-games.io
URL: https://html5-games.io/game/roll-the-block/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:ba7a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f3d6ebd27aca24ebd411aa4398cca253d4a05954e80e1151f4cb0707c16dd1ea

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://html5-games.io/game/roll-the-block/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sat, 23 Sep 2023 08:33:40 GMT
cf-cache-status: MISS
last-modified: Mon, 16 Jan 2023 11:20:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "63c532f0-f89"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FeEsvUmX%2B4Rikt8Cuh3poAOfscd6%2BoYriy7bLNpF5FIV9LR%2B2eBl1wKXrKBMKeNcGPoRLM8JirJKHUpSst1PoD9HGVzav7RypdxaunZEq8ZNMkR2GLo9iW%2FCg7W8RCuNg9LK5W22eRIuY7zD%2Bg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 80b171b42885b8af-AMS
alt-svc: h3=":443"; ma=86400
content-length: 3977
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 UnityLoader.js Show response
html5-games.io/game/roll-the-block/Build/ Frame CE55 156 KB
84 KB 842ms
842ms Script
application/javascript 2606:4700:3034::ac43:ba7a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://html5-games.io/game/roll-the-block/Build/UnityLoader.js
Requested by: Host: html5-games.io
URL: https://html5-games.io/game/roll-the-block/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:ba7a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c56752e3952727b1947d9eac7156fc99dc1d504e09bd1f02ffdba4684ee39754

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://html5-games.io/game/roll-the-block/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sat, 23 Sep 2023 08:33:41 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 16 Jan 2023 11:20:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"63c532f0-26ebf"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ItoHUoHLYUefnvNJZB5kThWLKUytnX8IJ1PRWEEvEoqtDVkAQ0zX9IWNA2Vp7eounv52cgMQVtfI9nV%2BUePOfNyASQScOD2bvLGd1fPrTWn0UFKVKeZUXVq1oZ9V0MK2fa41vrTUd5iI4LEMyA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 80b171b42883b8af-AMS
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
DATA 200
OK truncated
/ Frame 3389 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f58db16e79b2ee2602a296397d14983d1ea9747df8ddf470f0ed717086e157f6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 522A 2 KB
1 KB 164ms
50ms Image
image/svg+xml 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZQ6i4wAOo_oKsoFSAARtdCoSSNVzDhlSFeK1dw&u=%7CC2GRLkHZYoGxySnewOSTqPblw6I0LBPhR8k8P0ASCPY%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANXPpeAoPTN48s5WhV6QJkPjaeO7pnAdgo5dwz5nzZ0tg2NZ2tF3cQpImA0PS8EufpqRS7spbTbqFcRaqzjJeaxz6Pb-OQSdOvm9DwTSqSdWRWDScUdWWa9b3AyIa1z-hT5fjpwwzSPHnFGL0ivuBRphj5nR3qVZ-trzmybMpcPu-crNHrUq9FPOnuRdcaYBP5Bma86eyLVDZ4N9fHawzKeI6ZkB6_6z-TsVRNvLZb9gFHAF8g__qqDgGbJ_644H9zaA30eAa96uorlyP06FwaZLMEvBwo7e8_A--0Uv3HwEK5CYdkeR2Y98JLhFbaxE63mq_YcyoNPPV4eTV9NvkWKgnIcngkLt8ImZSZU-Hm8WKH-_rszgqROKeGwfn9Nm1kvXdfFVEiiVna-5-7SKidPCt-ymGB1x6hILmGp267WVgw47uw1aKBaGMuC1fGxX1x1RG7HgIxuUU1tO23Wm-ryQjp70LW5Bki72NStcrTdrgiGmLoj4U8-AETNA7P5hlziJgWTkkbgXz269LlnFFAzC5FIxzSdKKqQVf6igVsGio&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCBVpx46IOZfrHOtKCygX02pHoDsme0rFc9Z2Y93DAjbcBEAEgAGCVwqaCsAeCARdjYS1wdWItNTYzNjU1NzM5MjE1MTU1NcgBCakCYTFGH3HfsT6oAwHIAwKqBMYBT9DYOggXtcAlN6CPbkALO6P1wEbjlIUhcBkXi1VHyEFcxd99o14lMjYOD41GEZi1Yg5-LgQ_l5Ko1r3NDV5fz4pgOC_nsLFPotytMbSE3RC1IQO8Qdk9EoIHzMX55HPE_DXxggy2MFhDGwuHsyFuEu3ssaCOT56L6TFbSCIsMv5SamYkW8PqBhHiD11GGPphYl_j8McO9zS_L39_-EjhrAWNvqblYhIbfJhRbmKyh1c84ig8m5opv0NMT0BBhalVBgL4-Vk7gAakj5-zoIrx7cwBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_11CEyYtmtbr42klMgu34x3GvFZIw%26client%3Dca-pub-5636557392151555%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sat, 23 Sep 2023 08:33:40 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 17 Sep 2024 08:33:40 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame 522A 2 KB
1 KB 164ms
49ms Image
image/svg+xml 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sat, 23 Sep 2023 08:33:40 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 17 Sep 2024 08:33:40 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 522A 308 B
636 B 172ms
58ms Image
image/svg+xml 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sat, 23 Sep 2023 08:33:40 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Tue, 17 Sep 2024 08:33:40 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame 522A 293 B
621 B 209ms
96ms Image
image/svg+xml 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sat, 23 Sep 2023 08:33:40 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Tue, 17 Sep 2024 08:33:40 GMT

GET
H2 200 lg.php
cat.nl3.eu.criteo.com/delivery/ Frame 522A 43 B
348 B 148ms
45ms Image
image/gif 178.250.1.6
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=t5vd0G4JN0SBYuBOprvCplOgn0_mapjiLXi52-mbLQ3nXFRrOXFgRHA3ANA0xVXKabIVrRZZpwHwATVFWsFAFDsXGKaAILm1Y2vKRBjlp3F6Tkp-RjO5D38dk13Kc6fRYnM7WKqP_U9LnXJNedyg5Y4hBNv9bq6MRVvbGSFKuwBapHnVNbPCZpnwQOSkPk5Qz11fA32my-XGajKOvH5CK2YUfHRmk4NlTjd_tSo-H_ITYMiDokx5DGC_N7TdrB2WbVeuxYL3Yva_6B8jBLbXEhGJn00m3xzEa-2Jwg5k4cO7RuPQJTgO0zTI7f1oCbiUtZDlY2NP2LErFAJBtWF7gOF2Fd-Ng_B00IQJcxj3a1Oq3wTIk-12kCoyo2FsszGBSQ8EHNYb4Cdf13oSzW9aQJZyY1kwUXzpwjCcKggKDqd_3-fC

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Sep 2023 08:33:39 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1680788
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 522A 12 KB
6 KB 68ms
57ms Script
text/javascript 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sat, 23 Sep 2023 08:33:40 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 17 Sep 2024 08:33:40 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 522A 17 KB
18 KB 350ms
229ms Image
image/png 2a02:2638:d::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?h=476&m=0&partner=105494&q=80&r=0&u=https%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F105494%2F4968340%2F719d9dca0c5a4a588536d837fae729fd_069b1152-1652-4dc1-ae81-6a44b09da87c.png&v=3&w=462&s=FskZ6EcubAlgWT_ycMqyH1BP

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4f96ab3417b5f7efd1900a13946bb4ec726de8c84ffd9906496ab40cb0b89b0f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sat, 23 Sep 2023 08:33:40 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
time-allow-origin: *
content-type: image/png
cache-control: public, max-age=31104000
content-length: 17770
expires: Tue, 10 Sep 2024 19:04:15 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 522A 45 KB
46 KB 267ms
147ms Image
image/webp 2a02:2638:d::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?m=0&partner=105494&q=80&r=0&u=https%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F105494%2F4968340%2Ffc09e698c9a84d82be3aaeff5450c67c_1200-628.jpg&v=3&s=ttgWMrY_oiSir59v6snSVCF6

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

d1085ad03e564793ee63726978c4ea73d0427f67f046e09a4978176a784b927f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sat, 23 Sep 2023 08:33:40 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
time-allow-origin: *
content-type: image/webp
cache-control: public, max-age=31104000
content-length: 46536
expires: Tue, 10 Sep 2024 19:07:43 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 522A 126 KB
126 KB 218ms
99ms Image
image/webp 2a02:2638:d::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?m=0&partner=105494&q=80&r=0&u=https%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F105494%2F4968340%2F87dbd1f148ae424d8b5a18d8a59a055f_29bdf3c5-d9ec-42e3-9a4d-0f50e07c9a00.jpg&v=3&s=AT6Oisjjr7U-3-zRyuU5GtFo

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

5e69e1fb4b4787361714b5dc55266ca81cea21d38477dca4644c234529f693dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sat, 23 Sep 2023 08:33:40 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
time-allow-origin: *
content-type: image/webp
cache-control: public, max-age=31104000
content-length: 128676
expires: Tue, 10 Sep 2024 19:11:35 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 522A 193 KB
194 KB 325ms
207ms Image
image/webp 2a02:2638:d::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?m=0&partner=105494&q=80&r=0&u=https%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F105494%2F4968340%2F632655eb620340739c83d656b535040e_2595557b-e43b-4395-be7a-6f659ba4cb57.png&v=3&s=ryxu_0Dsqq2061hjOslW2cBE

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

cb19e4525c84cc0f30da6ba647b0677da7c9e6709a78938f704aa1116a056264

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sat, 23 Sep 2023 08:33:40 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
time-allow-origin: *
content-type: image/webp
cache-control: public, max-age=31104000
content-length: 197938
expires: Tue, 10 Sep 2024 19:11:35 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 522A 0
128 B 149ms
49ms Ping
text/plain 2a02:2638:3::1a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=l0wCp_MKUhmD2uDDyXM46Igv8IhBOM7i-Q0kgG9jiDH8RhcGR14bktQCHwsiISDXGnolQ2XdXW7IcZBbrn6iA9G0KcinMwmVBpautvahkiksddV8We-PzP4mL7MACMvpQUcCaNEHhtA3iwG2Cef_EMD75DSUvowtMCP2ngSFR87w0CEaPvzou1aydO8zyo_RDdG3mhyK0a_ixspdhGSgXxye5w8R3aIsGAGhjrfniG2WXmckVSklqymbISJx61WHgKr4nQ&sds=2&rev=88356&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sat, 23 Sep 2023 08:33:40 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 522A 2 KB
1 KB 92ms
91ms Image
image/svg+xml 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sat, 23 Sep 2023 08:33:40 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 17 Sep 2024 08:33:40 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 522A 2 KB
1 KB 92ms
91ms Image
image/svg+xml 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sat, 23 Sep 2023 08:33:40 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 17 Sep 2024 08:33:40 GMT

GET
H2 200 11869717919708327129
tpc.googlesyndication.com/daca_images/simgad/ Frame FACE 36 KB
36 KB 45ms
43ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/11869717919708327129

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5636557392151555&output=html&h=280&slotname=6113373024&adk=907158369&adf=3693428616&pi=t.ma~as.6113373024&w=362&fwrn=4&fwrnh=100&lmt=1695450819&rafmt=1&format=362x280&url=https%3A%2F%2Fbloxorzonline.com%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695458019605&bpp=1&bdt=425&idt=318&shv=r20230920&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&prev_fmts=1014x280%2C1174x280&correlator=2888902983415&frm=20&pv=1&ga_vid=237628892.1695458019&ga_sid=1695458020&ga_hid=1713454134&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1207&ady=1658&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759876%2C44759927%2C31077702%2C44803793&oid=2&pvsid=770880262901909&tmod=1142916841&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=XosH9MoEHx&p=https%3A//bloxorzonline.com&dtd=336

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f0ff6c341e98ea13439fec4657646fc5418dfbd3d00675e51181ea17b6a02da4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 06:37:34 GMT
x-content-type-options: nosniff
age: 352566
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 36576
x-xss-protection: 0
last-modified: Thu, 06 Apr 2023 09:12:52 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 18 Sep 2024 06:37:34 GMT

GET
H3 200 bframe Show response
www.google.com/recaptcha/api2/ Frame A450 7 KB
1 KB 56ms
55ms Document
text/html 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=de&v=Ai7lOI0zKMDPHxlv62g7oMoJ&k=6LcKT1saAAAAAA43C3O4Bn-EiZ59Gu9O0ud2YB-D

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Ai7lOI0zKMDPHxlv62g7oMoJ/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

b6d3445986a928134b58906b34d098cc9d91bd6db4ecf77d00139f21a336635b

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-XB-fdot8MSZU8dxX8Kez3w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://bloxorzonline.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-XB-fdot8MSZU8dxX8Kez3w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 23 Sep 2023 08:33:40 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230920/r20110914/ Frame FACE 23 KB
9 KB 81ms
80ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230920/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5636557392151555&output=html&h=280&slotname=6113373024&adk=907158369&adf=3693428616&pi=t.ma~as.6113373024&w=362&fwrn=4&fwrnh=100&lmt=1695450819&rafmt=1&format=362x280&url=https%3A%2F%2Fbloxorzonline.com%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695458019605&bpp=1&bdt=425&idt=318&shv=r20230920&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&prev_fmts=1014x280%2C1174x280&correlator=2888902983415&frm=20&pv=1&ga_vid=237628892.1695458019&ga_sid=1695458020&ga_hid=1713454134&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1207&ady=1658&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759876%2C44759927%2C31077702%2C44803793&oid=2&pvsid=770880262901909&tmod=1142916841&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=XosH9MoEHx&p=https%3A//bloxorzonline.com&dtd=336

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9941d25da2d400e2cbc1c979d7ecae4a9b418158d3825d03e09650e0799dcefb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 12:29:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 72268
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9135
x-xss-protection: 0
server: cafe
etag: 9583221549990841032
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 06 Oct 2023 12:29:12 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 5E3E 143 B
166 B 40ms
39ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5636557392151555&output=html&h=280&slotname=6113373024&adk=907158369&adf=3693428616&pi=t.ma~as.6113373024&w=362&fwrn=4&fwrnh=100&lmt=1695450819&rafmt=1&format=362x280&url=https%3A%2F%2Fbloxorzonline.com%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695458019605&bpp=1&bdt=425&idt=318&shv=r20230920&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&prev_fmts=1014x280%2C1174x280&correlator=2888902983415&frm=20&pv=1&ga_vid=237628892.1695458019&ga_sid=1695458020&ga_hid=1713454134&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1207&ady=1658&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759876%2C44759927%2C31077702%2C44803793&oid=2&pvsid=770880262901909&tmod=1142916841&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=XosH9MoEHx&p=https%3A//bloxorzonline.com&dtd=336

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5636557392151555&output=html&h=280&slotname=6113373024&adk=907158369&adf=3693428616&pi=t.ma~as.6113373024&w=362&fwrn=4&fwrnh=100&lmt=1695450819&rafmt=1&format=362x280&url=https%3A%2F%2Fbloxorzonline.com%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695458019605&bpp=1&bdt=425&idt=318&shv=r20230920&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&prev_fmts=1014x280%2C1174x280&correlator=2888902983415&frm=20&pv=1&ga_vid=237628892.1695458019&ga_sid=1695458020&ga_hid=1713454134&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1207&ady=1658&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759876%2C44759927%2C31077702%2C44803793&oid=2&pvsid=770880262901909&tmod=1142916841&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=XosH9MoEHx&p=https%3A//bloxorzonline.com&dtd=336
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1522
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 23 Sep 2023 08:08:18 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230920/r20110914/client/ Frame FACE 3 KB
1 KB 79ms
77ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230920/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5636557392151555&output=html&h=280&slotname=6113373024&adk=907158369&adf=3693428616&pi=t.ma~as.6113373024&w=362&fwrn=4&fwrnh=100&lmt=1695450819&rafmt=1&format=362x280&url=https%3A%2F%2Fbloxorzonline.com%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695458019605&bpp=1&bdt=425&idt=318&shv=r20230920&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&prev_fmts=1014x280%2C1174x280&correlator=2888902983415&frm=20&pv=1&ga_vid=237628892.1695458019&ga_sid=1695458020&ga_hid=1713454134&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1207&ady=1658&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759876%2C44759927%2C31077702%2C44803793&oid=2&pvsid=770880262901909&tmod=1142916841&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=XosH9MoEHx&p=https%3A//bloxorzonline.com&dtd=336

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 08:35:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 86290
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 06 Oct 2023 08:35:30 GMT

GET
H2 200 transparent.png
tpc.googlesyndication.com/pagead/images/ Frame FACE 67 B
188 B 79ms
78ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/transparent.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5636557392151555&output=html&h=280&slotname=6113373024&adk=907158369&adf=3693428616&pi=t.ma~as.6113373024&w=362&fwrn=4&fwrnh=100&lmt=1695450819&rafmt=1&format=362x280&url=https%3A%2F%2Fbloxorzonline.com%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695458019605&bpp=1&bdt=425&idt=318&shv=r20230920&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&prev_fmts=1014x280%2C1174x280&correlator=2888902983415&frm=20&pv=1&ga_vid=237628892.1695458019&ga_sid=1695458020&ga_hid=1713454134&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1207&ady=1658&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759876%2C44759927%2C31077702%2C44803793&oid=2&pvsid=770880262901909&tmod=1142916841&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=XosH9MoEHx&p=https%3A//bloxorzonline.com&dtd=336

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bdf72009ad226c17f1954ba602292902a780b80af07dbcbab1322bdf5c32be66

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sat, 23 Sep 2023 06:49:38 GMT
x-content-type-options: nosniff
server: cafe
age: 6242
etag: 2462972746714251406
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 67
x-xss-protection: 0
expires: Sun, 24 Sep 2023 06:49:38 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230920/r20110914/client/ Frame FACE 20 KB
8 KB 48ms
46ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230920/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5636557392151555&output=html&h=280&slotname=6113373024&adk=907158369&adf=3693428616&pi=t.ma~as.6113373024&w=362&fwrn=4&fwrnh=100&lmt=1695450819&rafmt=1&format=362x280&url=https%3A%2F%2Fbloxorzonline.com%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695458019605&bpp=1&bdt=425&idt=318&shv=r20230920&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&prev_fmts=1014x280%2C1174x280&correlator=2888902983415&frm=20&pv=1&ga_vid=237628892.1695458019&ga_sid=1695458020&ga_hid=1713454134&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1207&ady=1658&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759876%2C44759927%2C31077702%2C44803793&oid=2&pvsid=770880262901909&tmod=1142916841&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=XosH9MoEHx&p=https%3A//bloxorzonline.com&dtd=336

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

096862e95687fa095052acf06c643d97aebf5a75bdb39f85061a931076b5c12e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 12:26:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 72432
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8275
x-xss-protection: 0
server: cafe
etag: 7349537481621356269
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 06 Oct 2023 12:26:28 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame FACE 182 KB
57 KB 59ms
58ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5636557392151555&output=html&h=280&slotname=6113373024&adk=907158369&adf=3693428616&pi=t.ma~as.6113373024&w=362&fwrn=4&fwrnh=100&lmt=1695450819&rafmt=1&format=362x280&url=https%3A%2F%2Fbloxorzonline.com%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695458019605&bpp=1&bdt=425&idt=318&shv=r20230920&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&prev_fmts=1014x280%2C1174x280&correlator=2888902983415&frm=20&pv=1&ga_vid=237628892.1695458019&ga_sid=1695458020&ga_hid=1713454134&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1207&ady=1658&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759876%2C44759927%2C31077702%2C44803793&oid=2&pvsid=770880262901909&tmod=1142916841&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=XosH9MoEHx&p=https%3A//bloxorzonline.com&dtd=336

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2a018a841b6975de20578c7c63607d4529281ae923f4c3ba172cb4d1d5e7c5bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sat, 23 Sep 2023 08:33:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 58105
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1695209545430561"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 23 Sep 2023 08:33:40 GMT

GET
H2 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230920/r20110914/client/ Frame FACE 35 KB
14 KB 54ms
53ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230920/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5636557392151555&output=html&h=280&slotname=6113373024&adk=907158369&adf=3693428616&pi=t.ma~as.6113373024&w=362&fwrn=4&fwrnh=100&lmt=1695450819&rafmt=1&format=362x280&url=https%3A%2F%2Fbloxorzonline.com%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695458019605&bpp=1&bdt=425&idt=318&shv=r20230920&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&prev_fmts=1014x280%2C1174x280&correlator=2888902983415&frm=20&pv=1&ga_vid=237628892.1695458019&ga_sid=1695458020&ga_hid=1713454134&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1207&ady=1658&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759876%2C44759927%2C31077702%2C44803793&oid=2&pvsid=770880262901909&tmod=1142916841&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=XosH9MoEHx&p=https%3A//bloxorzonline.com&dtd=336

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

37ff2a67cdfea7cc97eb5702aca327a995913ade98368d7f281c62c37b42d744

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 12:26:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 72457
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14554
x-xss-protection: 0
server: cafe
etag: 14061998647302830610
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 06 Oct 2023 12:26:03 GMT

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/Ai7lOI0zKMDPHxlv62g7oMoJ/ Frame A450 55 KB
24 KB 47ms
47ms Stylesheet
text/css 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/Ai7lOI0zKMDPHxlv62g7oMoJ/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=Ai7lOI0zKMDPHxlv62g7oMoJ&k=6LcKT1saAAAAAA43C3O4Bn-EiZ59Gu9O0ud2YB-D

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sat, 23 Sep 2023 07:15:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4717
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24606
x-xss-protection: 0
last-modified: Mon, 18 Sep 2023 04:01:58 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 22 Sep 2024 07:15:03 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/Ai7lOI0zKMDPHxlv62g7oMoJ/ Frame A450 456 KB
184 KB 49ms
48ms Script
text/javascript 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/Ai7lOI0zKMDPHxlv62g7oMoJ/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=Ai7lOI0zKMDPHxlv62g7oMoJ&k=6LcKT1saAAAAAA43C3O4Bn-EiZ59Gu9O0ud2YB-D

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9af3aa843ca57a0c7b85eae7c3c66feae378f1329dd6484caf2efc98f595c4e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sat, 23 Sep 2023 08:26:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 420
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 187854
x-xss-protection: 0
last-modified: Mon, 18 Sep 2023 04:01:58 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 22 Sep 2024 08:26:40 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 5E3E
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

51ms
49ms

Document
text/html

2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5636557392151555&output=html&h=280&slotname=6113373024&adk=907158369&adf=3693428616&pi=t.ma~as.6113373024&w=362&fwrn=4&fwrnh=100&lmt=1695450819&rafmt=1&format=362x280&url=https%3A%2F%2Fbloxorzonline.com%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695458019605&bpp=1&bdt=425&idt=318&shv=r20230920&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&prev_fmts=1014x280%2C1174x280&correlator=2888902983415&frm=20&pv=1&ga_vid=237628892.1695458019&ga_sid=1695458020&ga_hid=1713454134&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1207&ady=1658&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759876%2C44759927%2C31077702%2C44803793&oid=2&pvsid=770880262901909&tmod=1142916841&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=XosH9MoEHx&p=https%3A//bloxorzonline.com&dtd=336

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 23 Sep 2023 08:33:40 GMT
expires: Sat, 23 Sep 2023 08:33:40 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 23 Sep 2023 08:33:40 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame FACE 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c6329039eec25d6239e10955f9757448b0ff87c1a5e06ad56f141e874a12d5a7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame FACE
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=C-uWY46IOZevoPNaWygW0pYHgCo6WtYpz5cLYhaoR7_mt6JUOEAEgi4uQKGCVwqaCsAegAcHioNkoyAECqQJhMUYfcd-xPqgDAcgDyQSqBMgBT9DPS3MqkJBxFjnEzQu4WVOVag9LUQhMlR9...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%224165722412521584534%22,%22debug_reporting%22:true,%22destination%22:%22https://swelabgames.com%22,%22event_report_window%2...

0
0

155ms
73ms

Fetch
text/css

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%224165722412521584534%22,%22debug_reporting%22:true,%22destination%22:%22https://swelabgames.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210924601665%22],%224%22:[%2209-23%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%22932933436780563169%22}&andc=true

Requested by

Host: bloxorzonline.com
URL: https://bloxorzonline.com/

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sat, 23 Sep 2023 08:33:41 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"4165722412521584534","debug_reporting":true,"destination":"https://swelabgames.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["10924601665"],"4":["09-23"],"6":["true"]},"priority":"500","source_event_id":"932933436780563169"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 23 Sep 2023 08:33:41 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 23 Sep 2023 08:33:40 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"4165722412521584534","debug_reporting":true,"destination":"https://swelabgames.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["10924601665"],"4":["09-23"],"6":["true"]},"priority":"500","source_event_id":"932933436780563169"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 1oOvdJ-Zd8iyZzymJJP8dpJcIY19edQL40-8Fy2m33E.js Show response
pagead2.googlesyndication.com/bg/ Frame B6A5 37 KB
14 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/1oOvdJ-Zd8iyZzymJJP8dpJcIY19edQL40-8Fy2m33E.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5636557392151555&output=html&h=280&slotname=6113373024&adk=907158369&adf=3693428616&pi=t.ma~as.6113373024&w=362&fwrn=4&fwrnh=100&lmt=1695450819&rafmt=1&format=362x280&url=https%3A%2F%2Fbloxorzonline.com%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695458019605&bpp=1&bdt=425&idt=318&shv=r20230920&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&prev_fmts=1014x280%2C1174x280&correlator=2888902983415&frm=20&pv=1&ga_vid=237628892.1695458019&ga_sid=1695458020&ga_hid=1713454134&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1207&ady=1658&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759876%2C44759927%2C31077702%2C44803793&oid=2&pvsid=770880262901909&tmod=1142916841&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=XosH9MoEHx&p=https%3A//bloxorzonline.com&dtd=336

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d683af749f9977c8b2673ca62493fc76925c218d7d79d40be34fbc172da6df71

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 07:21:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 263511
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14650
x-xss-protection: 0
last-modified: Mon, 18 Sep 2023 15:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 19 Sep 2024 07:21:49 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 194ms
74ms Preflight
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Sat, 23 Sep 2023 08:33:41 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 522A 17 KB
18 KB 56ms
56ms Image
image/png 2a02:2638:d::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4f96ab3417b5f7efd1900a13946bb4ec726de8c84ffd9906496ab40cb0b89b0f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sat, 23 Sep 2023 08:33:40 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
time-allow-origin: *
content-type: image/png
cache-control: public, max-age=31104000
content-length: 17770
expires: Tue, 10 Sep 2024 19:04:15 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 522A 45 KB
46 KB 50ms
50ms Image
image/webp 2a02:2638:d::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

d1085ad03e564793ee63726978c4ea73d0427f67f046e09a4978176a784b927f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sat, 23 Sep 2023 08:33:40 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
time-allow-origin: *
content-type: image/webp
cache-control: public, max-age=31104000
content-length: 46536
expires: Tue, 10 Sep 2024 19:07:43 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 3389 0
19 B 84ms
83ms Image
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Cjs-f46IOZfrHOtKCygX02pHoDsme0rFc9Z2Y93DAjbcBEAEgAGCVwqaCsAeCARdjYS1wdWItNTYzNjU1NzM5MjE1MTU1NcgBCakCYTFGH3HfsT6oAwHIAwKqBMMBT9DYOggXtcAlN6CPbkALO6P1wEbjlIUhcBkXi1VHyEFcxd99o14lMjYOD41GEZi1Yg5-LgQ_l5Ko1r3NDV5fz4pgOC_nsLFPotytMbSE3RC1IQO8Qdk9EoIHzMX55HPE_DXxggy2MFhDGwuHsyFuEu3ssaCOT56L6TFbSCIsMv5SamYkW8PqBhHiD11GGPphYl_j8McO9zS_L39_-ArjjZcNLXbYxMI8phRxh8a8oF2K6AYkGS7hguW-8F5tnTGfkiIRgAakj5-zoIrx7cwBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6gAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTU2MzY1NTczOTIxNTE1NTUYAA&sigh=-Px2LDqXDh4&uach_m=[UACH]&cid=CAQSGwBpAlJWSB1MZvuqC0Z_YU1RlrOVu0fTbmNGFBgB&cbvp=2&vis=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5636557392151555&output=html&h=280&slotname=6113373024&adk=629492764&adf=2669962450&pi=t.ma~as.6113373024&w=1174&fwrn=4&fwrnh=100&lmt=1695450819&rafmt=1&format=1174x280&url=https%3A%2F%2Fbloxorzonline.com%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695458019604&bpp=1&bdt=424&idt=300&shv=r20230920&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&prev_fmts=1014x280&correlator=2888902983415&frm=20&pv=1&ga_vid=237628892.1695458019&ga_sid=1695458020&ga_hid=1713454134&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=17&ady=1149&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759876%2C44759927%2C31077702%2C44803793&oid=2&pvsid=770880262901909&tmod=1142916841&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=QnfiXrNAWd&p=https%3A//bloxorzonline.com&dtd=304
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 23 Sep 2023 08:33:41 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 notify
rtb.fr3.eu.criteo.com/google/auction/ Frame 3389 0
126 B 157ms
56ms Image
text/plain 2a02:2638:d::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rtb.fr3.eu.criteo.com/google/auction/notify?profile=14&payload=kPClGMz6RJYJmAKdg2ICAgAAACQ8_t2V6LYDEOOiDmWxGW66eVRcyHC5AAASAAAKCkFRVUJEd0VQRHc&wp=ZQ6i4wAOo_oKsoFSAARtdCoSSNVzDhlSFeK1dw&cbvp=2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sat, 23 Sep 2023 08:33:41 GMT
strict-transport-security: max-age=31536000; preload;
server-processing-duration-in-ticks: 159398
server: Kestrel
content-length: 0

GET
H2 200 css
fonts.googleapis.com/ Frame BB70 2 KB
830 B 77ms
63ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5636557392151555&output=html&h=280&slotname=6113373024&adk=1909840895&adf=3111530590&pi=t.ma~as.6113373024&w=1014&fwrn=4&fwrnh=100&lmt=1695450819&rafmt=1&format=1014x280&url=https%3A%2F%2Fbloxorzonline.com%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695458019601&bpp=3&bdt=422&idt=231&shv=r20230920&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&correlator=2888902983415&frm=20&pv=2&ga_vid=237628892.1695458019&ga_sid=1695458020&ga_hid=1713454134&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=137&ady=165&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759876%2C44759927%2C31077702%2C44803793&oid=2&pvsid=770880262901909&tmod=1142916841&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=dVEWii5qek&p=https%3A//bloxorzonline.com&dtd=248

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c55aa64d0d6318f1d0cb8532f013afe0e79cb90ec549e6c44f735a6fc4bb34d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 23 Sep 2023 08:33:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 23 Sep 2023 08:20:47 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 23 Sep 2023 08:33:41 GMT

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309140101/ 154 KB
52 KB 114ms
114ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309140101/reactive_library_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

15bf32c4b6dc05838cc760c56573a247dbea99afe37c4bfd9525cb47ef638724

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxorzonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sat, 23 Sep 2023 08:33:41 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53718
x-xss-protection: 0
server: cafe
etag: 12199459433294812238
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sat, 23 Sep 2023 08:33:41 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230920/r20110914/ Frame BB70 23 KB
9 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230920/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5636557392151555&output=html&h=280&slotname=6113373024&adk=1909840895&adf=3111530590&pi=t.ma~as.6113373024&w=1014&fwrn=4&fwrnh=100&lmt=1695450819&rafmt=1&format=1014x280&url=https%3A%2F%2Fbloxorzonline.com%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695458019601&bpp=3&bdt=422&idt=231&shv=r20230920&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&correlator=2888902983415&frm=20&pv=2&ga_vid=237628892.1695458019&ga_sid=1695458020&ga_hid=1713454134&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=137&ady=165&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759876%2C44759927%2C31077702%2C44803793&oid=2&pvsid=770880262901909&tmod=1142916841&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=dVEWii5qek&p=https%3A//bloxorzonline.com&dtd=248

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9941d25da2d400e2cbc1c979d7ecae4a9b418158d3825d03e09650e0799dcefb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 12:29:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 72269
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9135
x-xss-protection: 0
server: cafe
etag: 9583221549990841032
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 06 Oct 2023 12:29:12 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230920/r20110914/client/ Frame BB70 3 KB
1 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230920/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5636557392151555&output=html&h=280&slotname=6113373024&adk=1909840895&adf=3111530590&pi=t.ma~as.6113373024&w=1014&fwrn=4&fwrnh=100&lmt=1695450819&rafmt=1&format=1014x280&url=https%3A%2F%2Fbloxorzonline.com%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695458019601&bpp=3&bdt=422&idt=231&shv=r20230920&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&correlator=2888902983415&frm=20&pv=2&ga_vid=237628892.1695458019&ga_sid=1695458020&ga_hid=1713454134&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=137&ady=165&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759876%2C44759927%2C31077702%2C44803793&oid=2&pvsid=770880262901909&tmod=1142916841&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=dVEWii5qek&p=https%3A//bloxorzonline.com&dtd=248

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 08:35:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 86291
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 06 Oct 2023 08:35:30 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230920/r20110914/client/ Frame BB70 20 KB
8 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230920/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5636557392151555&output=html&h=280&slotname=6113373024&adk=1909840895&adf=3111530590&pi=t.ma~as.6113373024&w=1014&fwrn=4&fwrnh=100&lmt=1695450819&rafmt=1&format=1014x280&url=https%3A%2F%2Fbloxorzonline.com%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695458019601&bpp=3&bdt=422&idt=231&shv=r20230920&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&correlator=2888902983415&frm=20&pv=2&ga_vid=237628892.1695458019&ga_sid=1695458020&ga_hid=1713454134&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=137&ady=165&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759876%2C44759927%2C31077702%2C44803793&oid=2&pvsid=770880262901909&tmod=1142916841&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=dVEWii5qek&p=https%3A//bloxorzonline.com&dtd=248

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

096862e95687fa095052acf06c643d97aebf5a75bdb39f85061a931076b5c12e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 12:26:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 72433
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8275
x-xss-protection: 0
server: cafe
etag: 7349537481621356269
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 06 Oct 2023 12:26:28 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame BB70 182 KB
57 KB 53ms
52ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5636557392151555&output=html&h=280&slotname=6113373024&adk=1909840895&adf=3111530590&pi=t.ma~as.6113373024&w=1014&fwrn=4&fwrnh=100&lmt=1695450819&rafmt=1&format=1014x280&url=https%3A%2F%2Fbloxorzonline.com%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695458019601&bpp=3&bdt=422&idt=231&shv=r20230920&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&correlator=2888902983415&frm=20&pv=2&ga_vid=237628892.1695458019&ga_sid=1695458020&ga_hid=1713454134&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=137&ady=165&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759876%2C44759927%2C31077702%2C44803793&oid=2&pvsid=770880262901909&tmod=1142916841&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=dVEWii5qek&p=https%3A//bloxorzonline.com&dtd=248

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2a018a841b6975de20578c7c63607d4529281ae923f4c3ba172cb4d1d5e7c5bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sat, 23 Sep 2023 08:33:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 58105
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1695209545430561"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 23 Sep 2023 08:33:41 GMT

GET
H3 200 9041af033b7a690ba70e3134a2c135bf.js Show response
www.gstatic.com/mysidia/ Frame BB70 36 KB
15 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/9041af033b7a690ba70e3134a2c135bf.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5636557392151555&output=html&h=280&slotname=6113373024&adk=1909840895&adf=3111530590&pi=t.ma~as.6113373024&w=1014&fwrn=4&fwrnh=100&lmt=1695450819&rafmt=1&format=1014x280&url=https%3A%2F%2Fbloxorzonline.com%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695458019601&bpp=3&bdt=422&idt=231&shv=r20230920&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&correlator=2888902983415&frm=20&pv=2&ga_vid=237628892.1695458019&ga_sid=1695458020&ga_hid=1713454134&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=137&ady=165&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759876%2C44759927%2C31077702%2C44803793&oid=2&pvsid=770880262901909&tmod=1142916841&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=dVEWii5qek&p=https%3A//bloxorzonline.com&dtd=248

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8f9d88352b286107f60c320c4c088f718c2a3a273818cd61901edb7f235a9339

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 09:37:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 341787
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15189
x-xss-protection: 0
last-modified: Thu, 14 Sep 2023 23:26:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 18 Dec 2023 09:37:14 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 74ms
74ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_success&c=0&wpc=ca-pub-5636557392151555&warn=13&w=1600&h=1200&pp=0&ppp=0&eatf=false&eatfAbg=false&reatf=true&a=6%2C1%2C5%2C7&apv=20230920_103728&sat=1695382767996&afm=0&as_count=3&d_count=0&ng_count=0&am_count=0&atf_count=3&mdns=0.397&alldns=0.397&allp=9&pgh=2173&abl=false&rr=n&su=bloxorzonline.com&pvc=770880262901909&r=0.1&eid=44759842%2C44759876%2C44759927%2C31077702%2C44803793

Requested by

Host: bloxorzonline.com
URL: https://bloxorzonline.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxorzonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Sep 2023 08:33:41 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 10823254944621028040
tpc.googlesyndication.com/gpa_images/simgad/ Frame BB70 12 KB
12 KB 40ms
39ms Image
image/jpeg 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/gpa_images/simgad/10823254944621028040?w=300&h=300

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5636557392151555&output=html&h=280&slotname=6113373024&adk=1909840895&adf=3111530590&pi=t.ma~as.6113373024&w=1014&fwrn=4&fwrnh=100&lmt=1695450819&rafmt=1&format=1014x280&url=https%3A%2F%2Fbloxorzonline.com%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695458019601&bpp=3&bdt=422&idt=231&shv=r20230920&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&correlator=2888902983415&frm=20&pv=2&ga_vid=237628892.1695458019&ga_sid=1695458020&ga_hid=1713454134&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=137&ady=165&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759876%2C44759927%2C31077702%2C44803793&oid=2&pvsid=770880262901909&tmod=1142916841&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=dVEWii5qek&p=https%3A//bloxorzonline.com&dtd=248

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a9661b6c4a25c2eceaa9e2b4e8cad49bd2da74d2d33451c17dceb441ba920031

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sun, 17 Sep 2023 13:30:58 GMT
x-content-type-options: nosniff
age: 500563
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11825
x-xss-protection: 0
last-modified: Tue, 23 May 2023 08:16:46 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 16 Sep 2024 13:30:58 GMT

GET
H3 200 2023669279976010507
tpc.googlesyndication.com/gpa_images/simgad/ Frame BB70 17 KB
17 KB 45ms
42ms Image
image/jpeg 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/gpa_images/simgad/2023669279976010507?w=300&h=300

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5636557392151555&output=html&h=280&slotname=6113373024&adk=1909840895&adf=3111530590&pi=t.ma~as.6113373024&w=1014&fwrn=4&fwrnh=100&lmt=1695450819&rafmt=1&format=1014x280&url=https%3A%2F%2Fbloxorzonline.com%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695458019601&bpp=3&bdt=422&idt=231&shv=r20230920&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&correlator=2888902983415&frm=20&pv=2&ga_vid=237628892.1695458019&ga_sid=1695458020&ga_hid=1713454134&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=137&ady=165&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759876%2C44759927%2C31077702%2C44803793&oid=2&pvsid=770880262901909&tmod=1142916841&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=dVEWii5qek&p=https%3A//bloxorzonline.com&dtd=248

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e5bbb446ca6a7a3854f70d091d258cfea199b4736d7f183f9b82408d0d3a57e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 15:27:11 GMT
x-content-type-options: nosniff
age: 61590
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17713
x-xss-protection: 0
last-modified: Mon, 22 May 2023 09:58:49 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 21 Sep 2024 15:27:11 GMT

GET
H3 200 5747103128805698087
tpc.googlesyndication.com/gpa_images/simgad/ Frame BB70 12 KB
12 KB 77ms
74ms Image
image/jpeg 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/gpa_images/simgad/5747103128805698087?w=300&h=300

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5636557392151555&output=html&h=280&slotname=6113373024&adk=1909840895&adf=3111530590&pi=t.ma~as.6113373024&w=1014&fwrn=4&fwrnh=100&lmt=1695450819&rafmt=1&format=1014x280&url=https%3A%2F%2Fbloxorzonline.com%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695458019601&bpp=3&bdt=422&idt=231&shv=r20230920&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&correlator=2888902983415&frm=20&pv=2&ga_vid=237628892.1695458019&ga_sid=1695458020&ga_hid=1713454134&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=137&ady=165&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759876%2C44759927%2C31077702%2C44803793&oid=2&pvsid=770880262901909&tmod=1142916841&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=dVEWii5qek&p=https%3A//bloxorzonline.com&dtd=248

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c701c1c22f9eaa13bbfdea340b4c22660c3bbf5b363e48acb9b03a1700a8e378

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 07:54:00 GMT
x-content-type-options: nosniff
age: 434381
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12523
x-xss-protection: 0
last-modified: Mon, 22 May 2023 17:37:53 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 17 Sep 2024 07:54:00 GMT

GET
H3 200 11240770365482791673
tpc.googlesyndication.com/gpa_images/simgad/ Frame BB70 21 KB
21 KB 59ms
57ms Image
image/jpeg 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/gpa_images/simgad/11240770365482791673?w=300&h=300

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5636557392151555&output=html&h=280&slotname=6113373024&adk=1909840895&adf=3111530590&pi=t.ma~as.6113373024&w=1014&fwrn=4&fwrnh=100&lmt=1695450819&rafmt=1&format=1014x280&url=https%3A%2F%2Fbloxorzonline.com%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695458019601&bpp=3&bdt=422&idt=231&shv=r20230920&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&correlator=2888902983415&frm=20&pv=2&ga_vid=237628892.1695458019&ga_sid=1695458020&ga_hid=1713454134&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=137&ady=165&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759876%2C44759927%2C31077702%2C44803793&oid=2&pvsid=770880262901909&tmod=1142916841&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=dVEWii5qek&p=https%3A//bloxorzonline.com&dtd=248

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65ac22bc0f5cd5731445ac4dbb1f93bb6f0dd20d98d9a558573482b50ec37f5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 15:26:48 GMT
x-content-type-options: nosniff
age: 61613
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21780
x-xss-protection: 0
last-modified: Fri, 19 May 2023 23:59:03 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 21 Sep 2024 15:26:48 GMT

GET
H3

200

15581617338269297532
tpc.googlesyndication.com/simgad/ Frame BB70
Redirect Chain

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgOC8payh2AEQlgEYlgEyCL0FjczvpGfJ
https://tpc.googlesyndication.com/simgad/15581617338269297532

3 KB
3 KB

40ms
39ms

Image
image/png

2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/15581617338269297532

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5636557392151555&output=html&h=280&slotname=6113373024&adk=1909840895&adf=3111530590&pi=t.ma~as.6113373024&w=1014&fwrn=4&fwrnh=100&lmt=1695450819&rafmt=1&format=1014x280&url=https%3A%2F%2Fbloxorzonline.com%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695458019601&bpp=3&bdt=422&idt=231&shv=r20230920&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&correlator=2888902983415&frm=20&pv=2&ga_vid=237628892.1695458019&ga_sid=1695458020&ga_hid=1713454134&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=137&ady=165&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759876%2C44759927%2C31077702%2C44803793&oid=2&pvsid=770880262901909&tmod=1142916841&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=dVEWii5qek&p=https%3A//bloxorzonline.com&dtd=248

Protocol

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cb2149be6a20ba8c68d4cafc29d7462dd6e141c1f2f116c086d663abb504311d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 04:24:54 GMT
x-content-type-options: nosniff
age: 274127
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3317
x-xss-protection: 0
last-modified: Mon, 26 Dec 2022 06:58:09 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 19 Sep 2024 04:24:54 GMT

Redirect headers

date: Fri, 22 Sep 2023 18:02:29 GMT
x-content-type-options: nosniff
server: cafe
age: 52272
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://tpc.googlesyndication.com/simgad/15581617338269297532
content-type: text/html; charset=UTF-8
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 22 Oct 2023 18:02:29 GMT

GET
DATA 200
OK truncated
/ Frame BB70 206 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4f4e4c48b38c65e3466f61dabbb884d8cf10e0f4efc9b6a08532bd09c915a061

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v21/ Frame BB70 20 KB
20 KB 41ms
38ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesansdisplay/v21/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sat, 16 Sep 2023 09:20:48 GMT
x-content-type-options: nosniff
age: 601973
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20784
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:21:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 15 Sep 2024 09:20:48 GMT

GET
H3 200 webgl.json Show response
html5-games.io/game/roll-the-block/Build/ Frame CE55 523 B
866 B 399ms
399ms XHR
application/json 2606:4700:3034::ac43:ba7a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://html5-games.io/game/roll-the-block/Build/webgl.json
Requested by: Host: html5-games.io
URL: https://html5-games.io/game/roll-the-block/Build/UnityLoader.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:ba7a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5ea0a08c1c74e6111cb6aad75d87e72b6a089682705d635812d606eb639c11cf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://html5-games.io/game/roll-the-block/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sat, 23 Sep 2023 08:33:41 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Mon, 16 Jan 2023 11:20:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"20b-5f25fc4872d0d-gzip"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NQIOzG9sa9%2BC2Xnrsyro2D%2BXYwBQ2aXhiq2FiYYlkoJ99qCKwTeuM4YqYJJ9uJyn%2FxKHIj%2BPMbufApdGt0fQkGpr3XdlZlBEdHNkBYVVxWoQbL%2BWxemk5ZHAZlbWhQUwiCjFOMTeRk48EQQnew%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
cache-control: max-age=1
cf-ray: 80b171ba5fc8d2b2-CDG
alt-svc: h3=":443"; ma=86400
expires: Sat, 23 Sep 2023 08:33:42 GMT

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230920/r20110914/ Frame 872B 10 KB
4 KB 40ms
39ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230920/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bloxorzonline.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 10289
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4471
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 23 Sep 2023 05:42:12 GMT
etag: 2603938475786422795
expires: Sat, 07 Oct 2023 05:42:12 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230920/r20110914/ Frame DFF8 10 KB
4 KB 39ms
39ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230920/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bloxorzonline.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 10289
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4471
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 23 Sep 2023 05:42:12 GMT
etag: 2603938475786422795
expires: Sat, 07 Oct 2023 05:42:12 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame BB70
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=Ccubf46IOZbKBN8KoxdwP3ZO7kAmAxsXccruh4L_FEfijlZ2LORABIIuLkChglcKmgrAHoAGemryVKcgBCagDAcgDywSqBM4BT9CkY3DJdVGq9z2QyPr9lVdNIc1J3ST6RSw1Y4dYCxqd_eg...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2212766891991072464472%22,%22debug_reporting%22:true,%22destination%22:%22https://gameonyx.com%22,%22event_report_window%22:...

0
0

75ms
74ms

Fetch
text/css

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2212766891991072464472%22,%22debug_reporting%22:true,%22destination%22:%22https://gameonyx.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211050880286%22],%224%22:[%2209-23%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2210423094021623687169%22}&andc=true

Requested by

Host: bloxorzonline.com
URL: https://bloxorzonline.com/

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sat, 23 Sep 2023 08:33:41 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"12766891991072464472","debug_reporting":true,"destination":"https://gameonyx.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11050880286"],"4":["09-23"],"6":["true"]},"priority":"500","source_event_id":"10423094021623687169"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 23 Sep 2023 08:33:41 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 23 Sep 2023 08:33:41 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"12766891991072464472","debug_reporting":true,"destination":"https://gameonyx.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11050880286"],"4":["09-23"],"6":["true"]},"priority":"500","source_event_id":"10423094021623687169"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 1oOvdJ-Zd8iyZzymJJP8dpJcIY19edQL40-8Fy2m33E.js Show response
pagead2.googlesyndication.com/bg/ Frame 25D1 37 KB
14 KB 43ms
43ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/1oOvdJ-Zd8iyZzymJJP8dpJcIY19edQL40-8Fy2m33E.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5636557392151555&output=html&h=280&slotname=6113373024&adk=1909840895&adf=3111530590&pi=t.ma~as.6113373024&w=1014&fwrn=4&fwrnh=100&lmt=1695450819&rafmt=1&format=1014x280&url=https%3A%2F%2Fbloxorzonline.com%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695458019601&bpp=3&bdt=422&idt=231&shv=r20230920&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&correlator=2888902983415&frm=20&pv=2&ga_vid=237628892.1695458019&ga_sid=1695458020&ga_hid=1713454134&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=137&ady=165&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759876%2C44759927%2C31077702%2C44803793&oid=2&pvsid=770880262901909&tmod=1142916841&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=dVEWii5qek&p=https%3A//bloxorzonline.com&dtd=248

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d683af749f9977c8b2673ca62493fc76925c218d7d79d40be34fbc172da6df71

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 07:21:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 263512
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14650
x-xss-protection: 0
last-modified: Mon, 18 Sep 2023 15:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 19 Sep 2024 07:21:49 GMT

GET
H2 200 css2
fonts.googleapis.com/ Frame 872B 4 KB
744 B 49ms
48ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230920/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 23 Sep 2023 08:33:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 23 Sep 2023 08:26:58 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 23 Sep 2023 08:33:41 GMT

GET
H3 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 872B 205 B
229 B 45ms
43ms Image
image/png 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230920/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sat, 23 Sep 2023 05:42:49 GMT
x-content-type-options: nosniff
age: 10252
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sun, 22 Sep 2024 05:42:49 GMT

GET
H3 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 872B 604 B
628 B 59ms
58ms Image
image/png 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230920/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 16:44:09 GMT
x-content-type-options: nosniff
age: 56972
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 21 Sep 2024 16:44:09 GMT

GET
H3 200 fullscreen_api_adapter_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230920/r20110914/elements/html/ Frame 872B 15 KB
6 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230920/r20110914/elements/html/fullscreen_api_adapter_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230920/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c6ece8077c8a8d8d057b5a03c892dcf1fed9da76ff1bc964cd17416008752c48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 21:49:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 38681
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6551
x-xss-protection: 0
server: cafe
etag: 511223485441000916
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 06 Oct 2023 21:49:00 GMT

GET
H3 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230920/r20110914/elements/html/ Frame 872B 20 KB
8 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230920/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230920/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bd91080d2c7f2120ad82727f5c07bbb439b810ed4035993ddb1825ca1611396b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 21:49:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 38681
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8566
x-xss-protection: 0
server: cafe
etag: 5625731030761120726
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 06 Oct 2023 21:49:00 GMT

GET
H3 200 2ab36c0d951b69d9c04f85f5eb613648.js Show response
www.gstatic.com/mysidia/ Frame DFF8 9 KB
4 KB 54ms
54ms Script
text/javascript 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/2ab36c0d951b69d9c04f85f5eb613648.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230920/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

50f36c6941b3a0b755df6e1c1ba6919dc8eeab051a52504ff431c3564d4d791a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 09:37:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 341788
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3933
x-xss-protection: 0
last-modified: Thu, 14 Sep 2023 23:26:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 18 Dec 2023 09:37:13 GMT

GET
H3 200 cd233a70afb96cd167e1530303b3d74f.js Show response
www.gstatic.com/mysidia/ Frame DFF8 36 KB
14 KB 65ms
65ms Script
text/javascript 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/cd233a70afb96cd167e1530303b3d74f.js?tag=html5_display_upload/html5_exit_api

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230920/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0c95e145b8f28a0e8a62eb2017b95248f618344fd490af692098d82ff2d8757

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 05:14:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 357565
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14669
x-xss-protection: 0
last-modified: Thu, 14 Sep 2023 23:26:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 18 Dec 2023 05:14:16 GMT

GET
H3 200 7aa689309bcd7b42dc3616d5eb539a0d.js Show response
www.gstatic.com/mysidia/ Frame DFF8 22 KB
9 KB 84ms
83ms Script
text/javascript 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/7aa689309bcd7b42dc3616d5eb539a0d.js?tag=exit_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230920/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

467efe85f19395240c89559ed17661f02b1b662a54af39992bb8d58158b39a04

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 20:55:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 387483
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9353
x-xss-protection: 0
last-modified: Thu, 14 Sep 2023 23:26:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 17 Dec 2023 20:55:38 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230920/r20110914/ Frame DFF8 23 KB
9 KB 43ms
42ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230920/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230920/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9941d25da2d400e2cbc1c979d7ecae4a9b418158d3825d03e09650e0799dcefb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 12:29:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 72269
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9135
x-xss-protection: 0
server: cafe
etag: 9583221549990841032
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 06 Oct 2023 12:29:12 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230920/r20110914/client/ Frame DFF8 3 KB
1 KB 46ms
45ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230920/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230920/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 08:35:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 86291
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 06 Oct 2023 08:35:30 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230920/r20110914/client/ Frame DFF8 20 KB
8 KB 43ms
42ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230920/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230920/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

096862e95687fa095052acf06c643d97aebf5a75bdb39f85061a931076b5c12e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 12:26:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 72433
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8275
x-xss-protection: 0
server: cafe
etag: 7349537481621356269
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 06 Oct 2023 12:26:28 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame DFF8 182 KB
57 KB 60ms
59ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230920/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2a018a841b6975de20578c7c63607d4529281ae923f4c3ba172cb4d1d5e7c5bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sat, 23 Sep 2023 08:33:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 58105
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1695209545430561"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 23 Sep 2023 08:33:41 GMT

GET
H3 200 9041af033b7a690ba70e3134a2c135bf.js Show response
www.gstatic.com/mysidia/ Frame DFF8 36 KB
15 KB 64ms
63ms Script
text/javascript 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/9041af033b7a690ba70e3134a2c135bf.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230920/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8f9d88352b286107f60c320c4c088f718c2a3a273818cd61901edb7f235a9339

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 09:37:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 341787
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15189
x-xss-protection: 0
last-modified: Thu, 14 Sep 2023 23:26:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 18 Dec 2023 09:37:14 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 80ms
77ms Preflight
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Sat, 23 Sep 2023 08:33:41 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 css
fonts.googleapis.com/ Frame BB92 7 KB
722 B 52ms
49ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230920/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e40dbc6da95b47d932014e5a93f35b13a341a37ea6fe7559dca041dc77271cd6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 23 Sep 2023 08:33:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 23 Sep 2023 06:34:27 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 23 Sep 2023 08:33:41 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230920/r20110914/ Frame BB92 23 KB
9 KB 42ms
39ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230920/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230920/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9941d25da2d400e2cbc1c979d7ecae4a9b418158d3825d03e09650e0799dcefb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 12:29:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 72269
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9135
x-xss-protection: 0
server: cafe
etag: 9583221549990841032
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 06 Oct 2023 12:29:12 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230920/r20110914/client/ Frame BB92 3 KB
1 KB 46ms
43ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230920/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230920/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 08:35:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 86291
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 06 Oct 2023 08:35:30 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230920/r20110914/client/ Frame BB92 20 KB
8 KB 44ms
41ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230920/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230920/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

096862e95687fa095052acf06c643d97aebf5a75bdb39f85061a931076b5c12e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 12:26:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 72433
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8275
x-xss-protection: 0
server: cafe
etag: 7349537481621356269
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 06 Oct 2023 12:26:28 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame BB92 182 KB
57 KB 56ms
53ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230920/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2a018a841b6975de20578c7c63607d4529281ae923f4c3ba172cb4d1d5e7c5bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sat, 23 Sep 2023 08:33:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 58105
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1695209545430561"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 23 Sep 2023 08:33:41 GMT

GET
H3 200 9041af033b7a690ba70e3134a2c135bf.js Show response
www.gstatic.com/mysidia/ Frame BB92 36 KB
15 KB 43ms
40ms Script
text/javascript 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/9041af033b7a690ba70e3134a2c135bf.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230920/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8f9d88352b286107f60c320c4c088f718c2a3a273818cd61901edb7f235a9339

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 09:37:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 341787
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15189
x-xss-protection: 0
last-modified: Thu, 14 Sep 2023 23:26:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 18 Dec 2023 09:37:14 GMT

GET
H3 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16346139938887045070/ Frame 4412 151 KB
21 KB 41ms
40ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16346139938887045070/index.html

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/cd233a70afb96cd167e1530303b3d74f.js?tag=html5_display_upload/html5_exit_api

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b0bbeea353baa206119b544cd5ef1972b620a3ebb99fc0253adc27e19d6bab9c

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 84142
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 21880
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
cross-origin-resource-policy: cross-origin
date: Fri, 22 Sep 2023 09:11:19 GMT
expires: Sat, 21 Sep 2024 09:11:19 GMT
last-modified: Thu, 28 Jul 2022 12:41:18 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame DFF8 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 09484a67956157c0ea2d05ab1aeeaa328bdf8bd771dc86a245f27a02dab95111

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Enabler.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 4412 16 KB
6 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/Enabler.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16346139938887045070/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16346139938887045070/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sat, 23 Sep 2023 07:13:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4818
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5660
x-xss-protection: 0
server: cafe
etag: 544157900006238945
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Sun, 24 Sep 2023 07:13:23 GMT

GET
H3 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 4412 34 KB
13 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16346139938887045070/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16346139938887045070/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 13:31:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 68540
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13035
x-xss-protection: 0
server: cafe
etag: 2319883687766034370
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Sat, 23 Sep 2023 13:31:21 GMT

GET
H3 200 1oOvdJ-Zd8iyZzymJJP8dpJcIY19edQL40-8Fy2m33E.js Show response
pagead2.googlesyndication.com/bg/ Frame F2FC 37 KB
14 KB 42ms
40ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/1oOvdJ-Zd8iyZzymJJP8dpJcIY19edQL40-8Fy2m33E.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230920/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d683af749f9977c8b2673ca62493fc76925c218d7d79d40be34fbc172da6df71

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 07:21:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 263512
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14650
x-xss-protection: 0
last-modified: Mon, 18 Sep 2023 15:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 19 Sep 2024 07:21:49 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame DFF8
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=C5pkq5KIOZa3EAd22xdwP1NO4oAS3_u78cdT5_6rdEdLw0uCyARABIIuLkChglcKmgrAHoAGl4IzcA8gBCakCYTFGH3HfsT6oAwHIA0iqBM0BT9D278uBuxndn9WGIxZvP7faEyYpcWNte0K...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2213104787021646193044%22,%22debug_reporting%22:true,%22destination%22:%22https://thomann.de%22,%22event_report_window%22:%2...

0
0

92ms
77ms

Fetch
text/css

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2213104787021646193044%22,%22debug_reporting%22:true,%22destination%22:%22https://thomann.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22998453285%22],%224%22:[%2209-23%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%229519394935766763873%22}&andc=true

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sat, 23 Sep 2023 08:33:42 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"13104787021646193044","debug_reporting":true,"destination":"https://thomann.de","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["998453285"],"4":["09-23"],"6":["true"]},"priority":"500","source_event_id":"9519394935766763873"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 23 Sep 2023 08:33:42 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 23 Sep 2023 08:33:41 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"13104787021646193044","debug_reporting":true,"destination":"https://thomann.de","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["998453285"],"4":["09-23"],"6":["true"]},"priority":"500","source_event_id":"9519394935766763873"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 205ms
120ms XHR
application/json 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230920&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6a5796c4adbf24b4db076574791797468ab8340f3b131180ccc7a3bc3d48d7dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxorzonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sat, 23 Sep 2023 08:33:41 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12147
x-xss-protection: 0

GET
H3 200 1oOvdJ-Zd8iyZzymJJP8dpJcIY19edQL40-8Fy2m33E.js Show response
pagead2.googlesyndication.com/bg/ Frame 581E 37 KB
14 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/1oOvdJ-Zd8iyZzymJJP8dpJcIY19edQL40-8Fy2m33E.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230920/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d683af749f9977c8b2673ca62493fc76925c218d7d79d40be34fbc172da6df71

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 07:21:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 263512
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14650
x-xss-protection: 0
last-modified: Mon, 18 Sep 2023 15:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 19 Sep 2024 07:21:49 GMT

GET
H3 200 1oOvdJ-Zd8iyZzymJJP8dpJcIY19edQL40-8Fy2m33E.js Show response
pagead2.googlesyndication.com/bg/ Frame 4412 37 KB
14 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/1oOvdJ-Zd8iyZzymJJP8dpJcIY19edQL40-8Fy2m33E.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d683af749f9977c8b2673ca62493fc76925c218d7d79d40be34fbc172da6df71

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 07:21:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 263512
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14650
x-xss-protection: 0
last-modified: Mon, 18 Sep 2023 15:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 19 Sep 2024 07:21:49 GMT

GET
H3 200 logo_klein.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16346139938887045070/ Frame 4412 7 KB
3 KB 44ms
40ms Image
image/svg+xml 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16346139938887045070/logo_klein.svg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

58e045f5cc886898a55d4450daffaa78bc91f481333bd7d8ccf5c806e1ac6e62

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16346139938887045070/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 19 Sep 2023 04:37:23 GMT
age: 359778
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2963
x-xss-protection: 0
last-modified: Thu, 28 Jul 2022 12:41:18 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 18 Sep 2024 04:37:23 GMT

GET
H3 200 logo_01.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16346139938887045070/ Frame 4412 7 KB
3 KB 49ms
45ms Image
image/svg+xml 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16346139938887045070/logo_01.svg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c7ca1d475d75b95f330757ed1eef0d5e2a0a63372d968c31c9ffe3159f29b141

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16346139938887045070/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 21 Sep 2023 07:28:51 GMT
age: 176690
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3091
x-xss-protection: 0
last-modified: Thu, 28 Jul 2022 12:41:18 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 20 Sep 2024 07:28:51 GMT

GET
H3 200 logo_02.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16346139938887045070/ Frame 4412 7 KB
3 KB 54ms
49ms Image
image/svg+xml 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16346139938887045070/logo_02.svg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3349f90f1da5e8e9c8234aaa9b932f3157e8dc2ac7c67852d2c531fa9e80f082

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16346139938887045070/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 23 Sep 2023 05:30:43 GMT
age: 10978
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3091
x-xss-protection: 0
last-modified: Thu, 28 Jul 2022 12:41:18 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 22 Sep 2024 05:30:43 GMT

GET
H3 200 cta.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16346139938887045070/ Frame 4412 5 KB
2 KB 51ms
46ms Image
image/svg+xml 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16346139938887045070/cta.svg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e1780fcf095277e5932ebe4308ba7c209a0ffd929e80fa1dac9de7efaacb043

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16346139938887045070/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 22 Sep 2023 23:35:14 GMT
age: 32307
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2056
x-xss-protection: 0
last-modified: Thu, 28 Jul 2022 12:41:18 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 21 Sep 2024 23:35:14 GMT

GET
H3 200 logo_subline_02.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16346139938887045070/ Frame 4412 5 KB
2 KB 66ms
62ms Image
image/svg+xml 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16346139938887045070/logo_subline_02.svg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

976df8c6fc830abbcba51b76b07f7b795fbc02d466ddd4530861161464f14dd3

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16346139938887045070/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 21 Sep 2023 22:17:43 GMT
age: 123358
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1543
x-xss-protection: 0
last-modified: Thu, 28 Jul 2022 12:41:18 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 20 Sep 2024 22:17:43 GMT

GET
H3 200 logo_subline_01.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16346139938887045070/ Frame 4412 14 KB
4 KB 67ms
62ms Image
image/svg+xml 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16346139938887045070/logo_subline_01.svg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dd7fcadf77947aedfa9df2220b7b33ae98b978e617e5c1100c1dd422d31a5fda

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16346139938887045070/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 16 Sep 2023 10:53:49 GMT
age: 596392
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4209
x-xss-protection: 0
last-modified: Thu, 28 Jul 2022 12:41:18 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 15 Sep 2024 10:53:49 GMT

GET
H3 200 widget_01.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16346139938887045070/ Frame 4412 16 KB
5 KB 62ms
57ms Image
image/svg+xml 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16346139938887045070/widget_01.svg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f9518f4b66ec416aaf33168598d4f4dc33186f8daa2476c70a4a330342813bb3

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16346139938887045070/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 23 Sep 2023 06:50:08 GMT
age: 6213
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5538
x-xss-protection: 0
last-modified: Thu, 28 Jul 2022 12:41:18 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 22 Sep 2024 06:50:08 GMT

GET
H3 200 widget_02.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16346139938887045070/ Frame 4412 10 KB
4 KB 65ms
60ms Image
image/svg+xml 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16346139938887045070/widget_02.svg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a26c30f9f6dcdf84d05a4bc923ba8b51306d18f165c1bf7d8f8c802d5e3d70be

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16346139938887045070/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 23 Sep 2023 03:19:37 GMT
age: 18844
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3871
x-xss-protection: 0
last-modified: Thu, 28 Jul 2022 12:41:18 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 22 Sep 2024 03:19:37 GMT

GET
H3 200 widget_03.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16346139938887045070/ Frame 4412 12 KB
5 KB 62ms
57ms Image
image/svg+xml 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16346139938887045070/widget_03.svg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d37eea3a77597d079cccca5118edc840165fc85a98d0c278729975099a074eb0

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16346139938887045070/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 22 Sep 2023 11:10:16 GMT
age: 77005
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4654
x-xss-protection: 0
last-modified: Thu, 28 Jul 2022 12:41:18 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 21 Sep 2024 11:10:16 GMT

GET
H3 200 widget_04.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16346139938887045070/ Frame 4412 12 KB
4 KB 59ms
54ms Image
image/svg+xml 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16346139938887045070/widget_04.svg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c0ffa651cec5c4c05bc751cd2e56792bd4aa449762ca625dfa51280c5e2278bf

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16346139938887045070/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 23 Sep 2023 02:51:24 GMT
age: 20537
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4362
x-xss-protection: 0
last-modified: Thu, 28 Jul 2022 12:41:18 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 22 Sep 2024 02:51:24 GMT

GET
H3 200 widget_05.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16346139938887045070/ Frame 4412 18 KB
5 KB 57ms
53ms Image
image/svg+xml 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16346139938887045070/widget_05.svg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f97e21f3eec9e3e533d436de3a395dd755e1a309ed6e05282c16fe0c11f523e6

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16346139938887045070/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 22 Sep 2023 04:33:18 GMT
age: 100823
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5282
x-xss-protection: 0
last-modified: Thu, 28 Jul 2022 12:41:18 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 21 Sep 2024 04:33:18 GMT

GET
H3 200 widget_06.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16346139938887045070/ Frame 4412 16 KB
6 KB 54ms
49ms Image
image/svg+xml 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16346139938887045070/widget_06.svg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

42560ef9cd88b29d780c7b1b9dfacd9ebcce9d6a786377f06ac4c85ecbffac33

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16346139938887045070/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 16 Sep 2023 10:30:23 GMT
age: 597798
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5815
x-xss-protection: 0
last-modified: Thu, 28 Jul 2022 12:41:18 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 15 Sep 2024 10:30:23 GMT

GET
H3 200 form.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16346139938887045070/ Frame 4412 791 B
565 B 53ms
49ms Image
image/svg+xml 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16346139938887045070/form.svg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b127fac4cc6707a510e3bb39b4ca7c4e7f9df01d06b9d72988c9a02792a0d0fb

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16346139938887045070/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 18 Sep 2023 14:29:27 GMT
age: 410654
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 527
x-xss-protection: 0
last-modified: Thu, 28 Jul 2022 12:41:18 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 17 Sep 2024 14:29:27 GMT

GET
H3 200 color_01.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16346139938887045070/ Frame 4412 851 B
530 B 71ms
66ms Image
image/svg+xml 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16346139938887045070/color_01.svg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b30aaaa21366d52f75323f59949ba8520cfec50fa89ef9aa9a165687348aa5d

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16346139938887045070/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 22 Sep 2023 11:33:31 GMT
age: 75610
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 489
x-xss-protection: 0
last-modified: Thu, 28 Jul 2022 12:41:18 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 21 Sep 2024 11:33:31 GMT

GET
H3 200 color_02.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16346139938887045070/ Frame 4412 761 B
522 B 67ms
63ms Image
image/svg+xml 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16346139938887045070/color_02.svg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

22f418c33faa6c31cfe76fab61c5fe1bb9c5031dc4fe5602ef8fd802581aff30

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16346139938887045070/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 22 Sep 2023 04:33:18 GMT
age: 100823
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 482
x-xss-protection: 0
last-modified: Thu, 28 Jul 2022 12:41:18 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 21 Sep 2024 04:33:18 GMT

GET
H3 200 color_03.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16346139938887045070/ Frame 4412 797 B
519 B 70ms
65ms Image
image/svg+xml 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16346139938887045070/color_03.svg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

387a63e314f5fdb0a7ec0a0e38d457e8c86b46e76a866dc112e823ca53cf3392

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16346139938887045070/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 22 Sep 2023 22:19:20 GMT
age: 36861
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 479
x-xss-protection: 0
last-modified: Thu, 28 Jul 2022 12:41:18 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 21 Sep 2024 22:19:20 GMT

GET
H3 200 color_04.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16346139938887045070/ Frame 4412 856 B
529 B 68ms
63ms Image
image/svg+xml 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16346139938887045070/color_04.svg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b7251f253a7f14b9f7946a59d2003dc87be21baab047d4394e3cf2802d6d01e1

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16346139938887045070/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 21 Sep 2023 06:46:04 GMT
age: 179257
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 489
x-xss-protection: 0
last-modified: Thu, 28 Jul 2022 12:41:18 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 20 Sep 2024 06:46:04 GMT

GET
H3 200 color_05.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16346139938887045070/ Frame 4412 692 B
494 B 68ms
64ms Image
image/svg+xml 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16346139938887045070/color_05.svg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a52397ac20d14b7063c608f61261318da8ecb23fe996f92803563b060ba13ce0

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16346139938887045070/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 22 Sep 2023 22:19:20 GMT
age: 36861
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 454
x-xss-protection: 0
last-modified: Thu, 28 Jul 2022 12:41:18 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 21 Sep 2024 22:19:20 GMT

GET
H3 200 color_06.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16346139938887045070/ Frame 4412 692 B
495 B 66ms
62ms Image
image/svg+xml 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16346139938887045070/color_06.svg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f1e9c5ee6f84f7f34f2ba8fd2f01fa7574343afd0e09e64691245ce1745528f6

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16346139938887045070/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 23 Sep 2023 05:00:06 GMT
age: 12815
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 455
x-xss-protection: 0
last-modified: Thu, 28 Jul 2022 12:41:18 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 22 Sep 2024 05:00:06 GMT

GET
H3 200 webgl.wasm.code.unityweb Show response
html5-games.io/game/roll-the-block/Build/ Frame CE55 3 MB
3 MB 801ms
797ms XHR
application/vnd.unity 2606:4700:3034::ac43:ba7a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://html5-games.io/game/roll-the-block/Build/webgl.wasm.code.unityweb
Requested by: Host: html5-games.io
URL: https://html5-games.io/game/roll-the-block/Build/UnityLoader.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:ba7a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5731fcd801810ecd840e0586915d023cebfee6ff56d065724ab30daaca1f1baa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://html5-games.io/game/roll-the-block/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sat, 23 Sep 2023 08:33:42 GMT
cf-cache-status: DYNAMIC
last-modified: Mon, 16 Jan 2023 11:20:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"30379d-5f25fc488afc5-gzip"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6K2niYsCSXhAmbWW4IkesxqlkWW4F6AQ8zaByTCHnvSx4O2ICxHAhLm9wCMCXSnbPDhHy%2BT4iwVeLsFU1sDHPEqAnp%2BciVkiijfjwSNK1Q1JtdeRX0ACjbuvJdcueNsVeQOiTQXmo7A1fAedXA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/vnd.unity
cache-control: max-age=1
cf-ray: 80b171bce9f0d2b2-CDG
alt-svc: h3=":443"; ma=86400
expires: Sat, 23 Sep 2023 08:33:43 GMT

GET
H3 200 webgl.wasm.framework.unityweb Show response
html5-games.io/game/roll-the-block/Build/ Frame CE55 70 KB
70 KB 641ms
637ms XHR
application/vnd.unity 2606:4700:3034::ac43:ba7a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://html5-games.io/game/roll-the-block/Build/webgl.wasm.framework.unityweb
Requested by: Host: html5-games.io
URL: https://html5-games.io/game/roll-the-block/Build/UnityLoader.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:ba7a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4323b0e3bc60cc9be8e6611ab3ee28a81899136440a1e80fc99c248ebb4299bf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://html5-games.io/game/roll-the-block/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sat, 23 Sep 2023 08:33:42 GMT
cf-cache-status: DYNAMIC
last-modified: Mon, 16 Jan 2023 11:20:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"1168b-5f25fc489116d-gzip"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E7OmmkqOVf4hXbv2RVcFJtVI3ZFmCVsoI3ej9MPDzGuIoIBQQS2ESXi1QPlCJ8MXXqvlNRgRCnLDvlyRL1%2BcoqvPeHvzk8quvbRXWgSqhk%2FyW0gnRjXyuqqacnwXOPV255y7ujWa2X87KOma0A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/vnd.unity
cache-control: max-age=1
cf-ray: 80b171bce9f1d2b2-CDG
alt-svc: h3=":443"; ma=86400
expires: Sat, 23 Sep 2023 08:33:43 GMT

GET
H3 200 webgl.data.unityweb
html5-games.io/game/roll-the-block/Build/ Frame CE55 4 MB
4 MB 750ms
746ms XHR
application/vnd.unity 2606:4700:3034::ac43:ba7a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://html5-games.io/game/roll-the-block/Build/webgl.data.unityweb
Requested by: Host: html5-games.io
URL: https://html5-games.io/game/roll-the-block/Build/UnityLoader.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:ba7a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://html5-games.io/game/roll-the-block/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sat, 23 Sep 2023 08:33:42 GMT
cf-cache-status: DYNAMIC
last-modified: Mon, 16 Jan 2023 11:20:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"419396-5f25fc486cf4d-gzip"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VfWcJUY%2BpyAftze7cHdjY7SkGgqHX2voCBgp3okHvuyhlv7jlLtztnlEW8rvfrXIptnNVySpN0vROMATCzGok3lfEj26qy8hiaUutb2sYY3IsDvrr4kDiIdimyb3jB%2FwUNLQisgKtAEz3dHKhQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/vnd.unity
cache-control: max-age=1
cf-ray: 80b171bce9f3d2b2-CDG
alt-svc: h3=":443"; ma=86400
expires: Sat, 23 Sep 2023 08:33:43 GMT

OPTIONS
H3 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 89ms
86ms Preflight
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Sat, 23 Sep 2023 08:33:42 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 83ms
68ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxorzonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sat, 23 Sep 2023 08:33:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 23 Sep 2023 08:33:42 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame F9F8 13 KB
5 KB 43ms
39ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bloxorzonline.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 39898
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 22 Sep 2023 21:28:44 GMT
expires: Sat, 21 Sep 2024 21:28:44 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame F765 829 B
559 B 63ms
60ms Document
text/html 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

e1743150d4d3934afb94a48f827242bd561e4abd4c20b11f6a677b90229d23ff

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-a2M4tjRwc03n52v5_cOt7g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://bloxorzonline.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-a2M4tjRwc03n52v5_cOt7g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 23 Sep 2023 08:33:42 GMT
expires: Sat, 23 Sep 2023 08:33:42 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 tGcDLxZnxcZjneq6ZTfMhLSKmVRaNAcBIKHxIKG0fIc.js Show response
pagead2.googlesyndication.com/bg/ Frame F9F8 37 KB
14 KB 58ms
50ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/tGcDLxZnxcZjneq6ZTfMhLSKmVRaNAcBIKHxIKG0fIc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b467032f1667c5c6639deaba6537cc84b48a99545a34070120a1f120a1b47c87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sat, 23 Sep 2023 06:56:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5803
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14772
x-xss-protection: 0
last-modified: Mon, 18 Sep 2023 15:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 22 Sep 2024 06:56:59 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame F765 0
0 73ms
73ms Image
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230920&jk=770880262901909&rc=null
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame F9F8 0
12 B 38ms
38ms Image
text/plain 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?X1duSQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sat, 23 Sep 2023 08:33:42 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame BB70 42 B
64 B 78ms
78ms Fetch
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss6JRFgOJAp_GtvCK6J9OsXGP5yG7lVQfGhDTqDP-msAMPq_dlF5UMf8qxCyG5mkl3OUHz-PHHFM8oeh4y8h-RasFbYkJodc-4BFq6v9KO9gHy0CndnGZD9UX88FGz9mI0RqQ8Xu-1Je7q_&sai=AMfl-YRxEytGasRvp0rgwSqYj84A3yM3XcadqnQNaVsOqNhN3W2DCfSqbTBXd5MxvSN_m5noAH7tSUb_5knn&sig=Cg0ArKJSzGHIxw73B1d2EAE&cid=CAQSGwBpAlJWRgaXgoY-2LOS9uk0NygBNfMt3k9HQBgB&id=lidar2&mcvt=1000&p=0,0,280,1014&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230920&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1909840895&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1695458019850&rpt=1669&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Sep 2023 08:33:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
BLOB 200
OK 37864c54-dd1b-4959-bc7a-a9b401a8b3f8
https://html5-games.io/ Frame CE55 91 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://html5-games.io/37864c54-dd1b-4959-bc7a-a9b401a8b3f8
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8ba3e8cdb11b3df5922d842190ae34ae2f3c16148f7ca4e8c3370d575ebdddff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Content-Length: 92887
Content-Type: text/javascript

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame DFF8 42 B
64 B 80ms
79ms Fetch
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssyoQkdNHpBxGrRtikHVllToixyWkd5pTq36zHp1Dk_fOzEeC2eCZACstIcnnmWYOL6wYcS88Fx5przK_Tc_5Rb8bfhlUb7B4IqENQwSrDeBKx6ULTD30RM-sBSM3EpPNBtnhB2ndTE3ODK&sai=AMfl-YR9a_QJzzCHYG0WEnD2X-wI2USZjnzOnzfeL0MNsFc-6a91647v4S1xn06LGQ9_RTxfm-jOCS10vw3D&sig=Cg0ArKJSzL-vTvsr2cmnEAE&cid=CAQSGwBpAlJWpjYhR4jJt4rckrRmVjCsmxvu_i1aQRgB&id=lidar2&mcvt=1000&p=0,0,124,1005&mtos=77,756,1000,1117,1126&tos=77,679,244,117,9&v=20230920&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1695458021493&rpt=270&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Sep 2023 08:33:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 86ms
80ms Image
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230920&jk=770880262901909&bg=!LyylLGPNAAYrDsWMCw47ADQBe5WfOD95J1EDxW_ykg7hBtlCZhDXWPBk4T-tBPqe5Hi1Ml5_MwUZ-uXLYq0g5TjO6m6jAgAAAIdSAAAACWgBBwoA1M-WKMIH5HHUStdfvp1TxMW1zj4gnRB0vInblQnt4jP2-2CxFyrVs0UXkI6Rup66pJXgEthXQZ3lBzcfMre-fY0k_MQhx7DVVCSxpaBG4lvuYOZY2I_lgGcfmah_tQ9k1QIyD05pIuQ3bmIMRAkK5KhTncPE7zMNUHXP3zD-oViB6swTBPW1_TeEwLzCfPhkSaMki4ThyXl5c_y25HeBTdn2mF_nZV2gJp2QBuap99h9yYrqUrrxxl0jcs7w7toXONHAijBo3JWowjQXj7a5QLgqTCdZmQK4KMXKttYlJrv1fkp9yhdauOw-Aq1f7i6CxqFjQi13RroBQyBIHL5PLqnzdX-TJSVvqtylpUUsFbBVx9Bdlf9TZxor_p_E_iwSo3l1lF8NqjZ2Mjc1qs-Z-Pwbx6aRP_VUvuVrptUT0or7IC8y2oJLhljKoKLfxQIpQ02Q0PabSq7UFot_okTwb8I1xeP0b_L2GGPIHkn-aqszyclWZHve9B7xU41KMOHy3e86jkAzcq9sHVJQDQ3QCyw42eAqO3AcBf5grt6KUEw7ZTPVVj-E7ualfwp-6GHTfu_xm9C4L4v24OEdaXTu4RTYw8oTUJ02UxAO54hPgNviJKtvVqByCBSJQ_dV_8agkyzzVMU69WL6IP4OnRZC9ISNUlVQmEdHZ0ge8gRrqPErND3TweQM52mmts7FprrIMz6tpC8Qixe_1Gb8yj0UsNI52Wrv3tcQpSiDe5O6UBWw7RF1HWJJZTelobiq3jr-omk-KRWjo9G-I8qA9TtXkTzFTWCFrnqm2CxtXXQb5S2R54SWEScm8RetxV4RjhX4w3jLIf24UwZ8EMw_GpkOMADwFsozhd1qLLqK5o73DK6AGLz65msTis-WhhSJCoxvv8kgDEYEF9N-Uxm6buOKWseFEBMWx12ZXhmvI4f4eGSu6UW5gRwT5C82cWErKbwpeF2gyM_4t1M9-eyN9JOHQZGayS4IOyME3BAXK8zLE_hzS6SGb7yRwggOC8JOSiZqKKliQeKCU_CCs03ESgQ1ZDTpxZ6nvGnPHpQ3-jX8WksUdROh45ckTwNJB79YZJrrArHqbqvSV8U4wucJ6ksVZ2-ztYh6dAlvwtrbVWNJPDvEfQtCbMK0GW9sSAY_BiEHO12Mg1e-xU0ArNvLNb5mjw3LFlV4DKjCpzKBXOdFpt0ezOCTPbdP0LBXgACpihnI
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxorzonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

GET
BLOB 200
OK 3fbef08a-8ffd-44f1-9d65-ae422134a5c7 Show response
https://html5-games.io/ Frame CE55 460 KB
0 Script
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://html5-games.io/3fbef08a-8ffd-44f1-9d65-ae422134a5c7
Requested by: Host: html5-games.io
URL: https://html5-games.io/game/roll-the-block/Build/UnityLoader.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 28939256d29780b4c72a7289000a4486cb1335a1770d25a39b63767c2e106f01

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Content-Length: 471173
Content-Type: application/javascript

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 522A 126 KB
126 KB 61ms
60ms Image
image/webp 2a02:2638:d::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

5e69e1fb4b4787361714b5dc55266ca81cea21d38477dca4644c234529f693dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sat, 23 Sep 2023 08:33:44 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
time-allow-origin: *
content-type: image/webp
cache-control: public, max-age=31104000
content-length: 128676
expires: Tue, 10 Sep 2024 19:11:35 GMT

Verdicts & Comments Add Verdict or Comment

69 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

11 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
bloxorzonline.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: cgg506h3s2c41toqav95paoqpb
.bloxorzonline.com/	1970-01-21 00:33:38	Name: _ga Value: GA1.2.237628892.1695458019
.bloxorzonline.com/	1970-01-20 14:59:04	Name: _gid Value: GA1.2.1939468932.1695458019
.bloxorzonline.com/	1970-01-20 14:57:38	Name: _gat Value: 1
.bloxorzonline.com/	1970-01-21 00:33:38	Name: _ga_ECC5DVK4F2 Value: GS1.2.1695458019.1.0.1695458019.0.0.0
.bloxorzonline.com/	1970-01-21 00:19:14	Name: __gads Value: ID=3131eaa73baf466a-22dd57e08ede0071:T=1695458019:RT=1695458019:S=ALNI_Mbty3Aw8Vuv_UoSDlOk7_ekXMmoyg
.bloxorzonline.com/	1970-01-21 00:19:14	Name: __gpi Value: UID=00000c82f7590d66:T=1695458019:RT=1695458019:S=ALNI_Mau3xJCc4Zpns4j8lOFvZaDMzv4ew
.doubleclick.net/	1970-01-20 14:57:41	Name: DSID Value: NO_DATA
.doubleclick.net/	1970-01-21 00:19:14	Name: IDE Value: AHWqTUkiHgf3-qQ1tLoxyNM-lKDYPw3aQWwSCOiQIGx7lukfEaG5C2Zf_LFHmNRW1pc
.doubleclick.net/	1970-01-20 14:57:38	Name: test_cookie Value: CheckForPermission
.googleadservices.com/	1970-01-20 17:07:14	Name: ar_debug Value: 1

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309140101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5636557392151555&plah=bloxorzonline.com(Line 196) Message: Mixed Content: The page at 'https://bloxorzonline.com/bloxorz.embed' was loaded over HTTPS, but requested an insecure element 'http://bloxorzonline.com//data/image/bloxorz.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
other	warning	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5636557392151555&output=html&h=280&slotname=6113373024&adk=629492764&adf=2669962450&pi=t.ma~as.6113373024&w=1174&fwrn=4&fwrnh=100&lmt=1695450819&rafmt=1&format=1174x280&url=https%3A%2F%2Fbloxorzonline.com%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695458019604&bpp=1&bdt=424&idt=300&shv=r20230920&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&prev_fmts=1014x280&correlator=2888902983415&frm=20&pv=1&ga_vid=237628892.1695458019&ga_sid=1695458020&ga_hid=1713454134&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=17&ady=1149&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759876%2C44759927%2C31077702%2C44803793&oid=2&pvsid=770880262901909&tmod=1142916841&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=QnfiXrNAWd&p=https%3A//bloxorzonline.com&dtd=304 Message: Origin trial controlled feature not enabled: 'attribution-reporting'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.eu.criteo.com
ajax.googleapis.com
bloxorzonline.com
cat.nl3.eu.criteo.com
csm.eu.criteo.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
html5-games.io
imageproxy.eu.criteo.net
pagead2.googlesyndication.com
partner.googleadservices.com
region1.google-analytics.com
rtb.fr3.eu.criteo.com
s7.addthis.com
static.criteo.net
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
142.250.184.226
178.250.1.6
2.17.190.170
2001:4860:4802:34::36
2606:4700:3030::6815:48cd
2606:4700:3034::ac43:ba7a
2a00:1450:4001:809::2001
2a00:1450:4001:80f::200e
2a00:1450:4001:810::2008
2a00:1450:4001:813::2002
2a00:1450:4001:81c::2003
2a00:1450:4001:828::2002
2a00:1450:4001:829::2002
2a00:1450:4001:82b::2002
2a00:1450:4001:82f::2003
2a00:1450:4001:82f::2004
2a00:1450:4001:831::200a
2a02:2638:3::12
2a02:2638:3::1a
2a02:2638:d::13
2a02:2638:d::2
2a02:2638:d::c
041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51
09484a67956157c0ea2d05ab1aeeaa328bdf8bd771dc86a245f27a02dab95111
094a6a8d51ea7a0797dee8a41453cf5597420ffaa645dc50ebc52e57690197b8
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e
096862e95687fa095052acf06c643d97aebf5a75bdb39f85061a931076b5c12e
15bf32c4b6dc05838cc760c56573a247dbea99afe37c4bfd9525cb47ef638724
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1dbd335a2e48aa6a82d048ad639ef8f15bab8e2328d05ce21b8a378e35b307f0
1e67d8dbcca1f6fd94e077c85c2fb40fa1c2756c99238daa8da882144260a68d
1ece4d88aa6f12a653aec2ffd117fdcf78f35658fae6ac04debde1ae9917a340
22f418c33faa6c31cfe76fab61c5fe1bb9c5031dc4fe5602ef8fd802581aff30
28939256d29780b4c72a7289000a4486cb1335a1770d25a39b63767c2e106f01
2a018a841b6975de20578c7c63607d4529281ae923f4c3ba172cb4d1d5e7c5bc
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2d3b7bc3f966bed6b797bb9d26f80facc5ac43efe755a8242aa16afa96bb0be5
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3193fec08ffe0cd9027f716c36ce3cf7eaae46d336ca1e0f5078682f665e3b06
32e9a5ca30a9f0bf63e3ca55ebf344169496cd0b955e68745aadbdff1241c144
32eb1cc3dc7556a9c5f30878d14446d47d8bae06ec6aca933089e3b147105694
3349f90f1da5e8e9c8234aaa9b932f3157e8dc2ac7c67852d2c531fa9e80f082
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
37ff2a67cdfea7cc97eb5702aca327a995913ade98368d7f281c62c37b42d744
387a63e314f5fdb0a7ec0a0e38d457e8c86b46e76a866dc112e823ca53cf3392
39c5ae44d7e35d5949cf948a88bac835c5800b298e430feef08f88de8429a722
3a0a8d1bce7bcd78564ba4b66962cda51ecb91bca8c1eaff8b97ba44d0d0677f
3e1780fcf095277e5932ebe4308ba7c209a0ffd929e80fa1dac9de7efaacb043
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
4080073ff91cac21b75f1799733dc1c5c9be0500c376f8651dc75e0f1474cca4
42560ef9cd88b29d780c7b1b9dfacd9ebcce9d6a786377f06ac4c85ecbffac33
4323b0e3bc60cc9be8e6611ab3ee28a81899136440a1e80fc99c248ebb4299bf
43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27
467efe85f19395240c89559ed17661f02b1b662a54af39992bb8d58158b39a04
48360d9b4460baf13e39e434b765fa7923ee5340556711031fc61fcecadd5d21
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
4d17cb57d428b8ac8fa63b67dd47816d7e45ab22a62cce4716bb7a3d6c43eb27
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4db4815fc4b850cab324d00cb80af5f530f27afe1817d75338bed8c2742143c2
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f4e4c48b38c65e3466f61dabbb884d8cf10e0f4efc9b6a08532bd09c915a061
4f96ab3417b5f7efd1900a13946bb4ec726de8c84ffd9906496ab40cb0b89b0f
50f36c6941b3a0b755df6e1c1ba6919dc8eeab051a52504ff431c3564d4d791a
546ea88f0e551c7466a9eaba30694d2d15a012ac1eba66193b33935fff193de0
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5717ef6dd662b6ea50d0c022ee7c67e2dc72408ede89691a76a61e3dd2cda7e5
5731fcd801810ecd840e0586915d023cebfee6ff56d065724ab30daaca1f1baa
58e045f5cc886898a55d4450daffaa78bc91f481333bd7d8ccf5c806e1ac6e62
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5e69e1fb4b4787361714b5dc55266ca81cea21d38477dca4644c234529f693dd
5e91ea289ee2b14e4cfbb4c0cc66aeeb467019e536caf42af05be419be0654e1
5ea0a08c1c74e6111cb6aad75d87e72b6a089682705d635812d606eb639c11cf
5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f
5f1457142b74a42ee67f24f86fd6298a7d3b0f0e7e9b096dd79632ebfb187761
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
65ac22bc0f5cd5731445ac4dbb1f93bb6f0dd20d98d9a558573482b50ec37f5a
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
6a5796c4adbf24b4db076574791797468ab8340f3b131180ccc7a3bc3d48d7dc
6b30aaaa21366d52f75323f59949ba8520cfec50fa89ef9aa9a165687348aa5d
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
7263dc2c64c87b9847f52e8a6e35447c968a144fc7940084fe3ca89003e8fbb1
744612e8612695e2016cb19624edeeb15760fc8fd407aef26963ddc03ca126da
74497a553724541ca99e24162465e3fb1c1040a37f0fdb577768c281e0456d1b
75368b7caf64ba0c768543e2c4edd2c916a960fe725cdd2b7d1e855efadadcac
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
7e46698159032fbab1aeeb0f55269b884f4b284cf340942c18f70127ddc1c4e2
88233ad1abcd2282b53edb9465a6bef42fd32de319f014e4059353e4fd8a7e0a
8ba3e8cdb11b3df5922d842190ae34ae2f3c16148f7ca4e8c3370d575ebdddff
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
8f27f807a62a9f4fd8b7339ecb1c1a9c24448ddbb5c339d6cd63442255bf933a
8f9d88352b286107f60c320c4c088f718c2a3a273818cd61901edb7f235a9339
92fd239ffc7ccfa6d1586848df32f07e749d3fea1a39143948f7dac710a19531
942fa785b7df43f495ba684a9b1b3e29a9f16fe4b7a9058072304474480fc12c
976df8c6fc830abbcba51b76b07f7b795fbc02d466ddd4530861161464f14dd3
9941d25da2d400e2cbc1c979d7ecae4a9b418158d3825d03e09650e0799dcefb
9af3aa843ca57a0c7b85eae7c3c66feae378f1329dd6484caf2efc98f595c4e0
9b0dded1f73e56e0a983076eb33487cdb170d4bf4fa66b4dfc3ffbe1fe214c0b
9d572cd5dcc448f11da71e05bd5abf61ecd43ef2aa2a60cffaa44122af490051
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a26c30f9f6dcdf84d05a4bc923ba8b51306d18f165c1bf7d8f8c802d5e3d70be
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a52397ac20d14b7063c608f61261318da8ecb23fe996f92803563b060ba13ce0
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a9661b6c4a25c2eceaa9e2b4e8cad49bd2da74d2d33451c17dceb441ba920031
aa1d80cdf0990e97a21069ab16c048ef90a35df1165b87d19accabd7c4edc860
acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b
affdaa19547b4ed971f3b53a274be565d7dc6d42b3e0fd4ca24d18a75e003b7b
b0bbeea353baa206119b544cd5ef1972b620a3ebb99fc0253adc27e19d6bab9c
b127fac4cc6707a510e3bb39b4ca7c4e7f9df01d06b9d72988c9a02792a0d0fb
b3e6cd4ec46f319a27ba9b83850c4ed2bd35a8b3cc709650b88011c3becb5b6e
b467032f1667c5c6639deaba6537cc84b48a99545a34070120a1f120a1b47c87
b6d3445986a928134b58906b34d098cc9d91bd6db4ecf77d00139f21a336635b
b7251f253a7f14b9f7946a59d2003dc87be21baab047d4394e3cf2802d6d01e1
ba2cce31166d103972d7f0f34bc07d241e3438eb3d97bbc140928d32a1a4369f
bd91080d2c7f2120ad82727f5c07bbb439b810ed4035993ddb1825ca1611396b
bdf72009ad226c17f1954ba602292902a780b80af07dbcbab1322bdf5c32be66
bf7e0d2d5f380f7227076db1305eb7d5ab57fe6d545d3ba24e281db2442b07cf
c00c09b2a98a657a74b99876134d335f135e36069b1f8e7b69fadc5908ec69a1
c045d0b2379d0513643ccfe1a60cd5faeb3b42046f75af14771aa9780fd85450
c0ffa651cec5c4c05bc751cd2e56792bd4aa449762ca625dfa51280c5e2278bf
c55aa64d0d6318f1d0cb8532f013afe0e79cb90ec549e6c44f735a6fc4bb34d6
c56752e3952727b1947d9eac7156fc99dc1d504e09bd1f02ffdba4684ee39754
c6329039eec25d6239e10955f9757448b0ff87c1a5e06ad56f141e874a12d5a7
c6ece8077c8a8d8d057b5a03c892dcf1fed9da76ff1bc964cd17416008752c48
c701c1c22f9eaa13bbfdea340b4c22660c3bbf5b363e48acb9b03a1700a8e378
c7ca1d475d75b95f330757ed1eef0d5e2a0a63372d968c31c9ffe3159f29b141
c84a93bd9c5300c1d75a733958664acf817d565d2ed6a33857582ebc4702beb5
c8d983b9b86fc0ab5616ce17041d6f02f0af43a28a1b6827820c763f85b8bc90
ca1ddd1bcbeb23e8c6de45e59bbded69421267b6929c30d6273f06b2c147746a
cb19e4525c84cc0f30da6ba647b0677da7c9e6709a78938f704aa1116a056264
cb2149be6a20ba8c68d4cafc29d7462dd6e141c1f2f116c086d663abb504311d
cf9b07584547d5d561dfac9cdbf7b6a530cb72a1b7a1096411966036c4017d38
d0c95e145b8f28a0e8a62eb2017b95248f618344fd490af692098d82ff2d8757
d1085ad03e564793ee63726978c4ea73d0427f67f046e09a4978176a784b927f
d37eea3a77597d079cccca5118edc840165fc85a98d0c278729975099a074eb0
d447eb81dc16840763055c0189191c32f22f8a4062a1d896e0d8375681126a88
d5936b957643263705862968c40035f843b0ab7f5f4ab20fb7e91dd0325d3b0c
d683af749f9977c8b2673ca62493fc76925c218d7d79d40be34fbc172da6df71
d9e9e0d8145e8dabec6ef617c62aab7a65bbbf4ff59fcac3eb0f807e90ce34c0
dd7fcadf77947aedfa9df2220b7b33ae98b978e617e5c1100c1dd422d31a5fda
ddfac8d3f564750c023e8127a8f970776977a6a8bc31ec773ae3a6ca9b6ed121
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
df888b9df9e006acae5359c2c62c81967576b266b37b9571924e813c6bdb13b3
e1743150d4d3934afb94a48f827242bd561e4abd4c20b11f6a677b90229d23ff
e279ec011002161039a91de5072d6cce2d6be80150028d481907848509ec5246
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e40dbc6da95b47d932014e5a93f35b13a341a37ea6fe7559dca041dc77271cd6
e50d55da2f0dfff9e815f8842d727de21127836d38c9a5e6479d48a9f0c8b548
e5bbb446ca6a7a3854f70d091d258cfea199b4736d7f183f9b82408d0d3a57e0
eca2486761672e30bd75cc6b58eeb3374c42daa18878dd1a2e8356855845173a
ecdd4a2e080e67ea740655f85d716f23a53b1ca77b1376b90ebd4d0db4c7b3b7
eec8fc09b34899f0a091d7032254a82957803dd54158241aa376444ddc935561
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0ff6c341e98ea13439fec4657646fc5418dfbd3d00675e51181ea17b6a02da4
f1e9c5ee6f84f7f34f2ba8fd2f01fa7574343afd0e09e64691245ce1745528f6
f3d6ebd27aca24ebd411aa4398cca253d4a05954e80e1151f4cb0707c16dd1ea
f475c34186022ba531ebc8bba97fc10df7e4c3ea854f314a18ab0644c851620d
f58db16e79b2ee2602a296397d14983d1ea9747df8ddf470f0ed717086e157f6
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f9518f4b66ec416aaf33168598d4f4dc33186f8daa2476c70a4a330342813bb3
f97e21f3eec9e3e533d436de3a395dd755e1a309ed6e05282c16fe0c11f523e6
f9e7628ad8560e630f2211f9cf10916d589ffe3c19b4d8b4b072981e369435ec
fa1504d814852a46e90330684cb1c4adb6b0b8b66987ef721ffc9ea3e9145529
fc3c99c7ab603804d3bbeb1cb59bc7b3f689d4f9133e9367018d5dc77cca3bb1
fe5bb28f559ba29b33cd7893335fabe0f6ef2cea90e2273d9f6cff803f726400
fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48

bloxorzonline.com Open in urlscan Pro 2606:4700:3030::6815:48cd Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

186 Requests

97 %HTTPS

86 %IPv6

14 Domains

23 Subdomains

23 IPs

4 Countries

10751 kBTransfer

15055 kBSize

11 Cookies

1 Outgoing links

Page URL History

Redirected requests

186 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 7 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

bloxorzonline.com Open in urlscan Pro
2606:4700:3030::6815:48cd Public Scan

Screenshot
Live screenshot

Full Image

186
Requests

97 %
HTTPS

86 %
IPv6

14
Domains

23
Subdomains

23
IPs

4
Countries

10751 kB
Transfer

15055 kB
Size

11
Cookies

186 HTTP transactions
7 data transactions