genshindle.com
2600:9000:206f:bc00:6:1143:84c0:93a1  Public Scan

Submitted URL: http://genshindle.com/
Effective URL: https://genshindle.com/
Submission: On November 17 via api from US — Scanned from DE

Summary

This website contacted 17 IPs in 3 countries across 14 domains to perform 62 HTTP transactions. The main IP is 2600:9000:206f:bc00:6:1143:84c0:93a1, located in United States and belongs to AMAZON-02, US. The main domain is genshindle.com.
TLS certificate: Issued by Amazon RSA 2048 M02 on February 1st 2023. Valid for: a year.
This is the only time genshindle.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Apex Domain | Subdomains | Transfer
13 ezodn.com | go.ezodn.com — Cisco Umbrella Rank: 8931 | 31 KB
12 connatix.com | capi.connatix.com — Cisco Umbrella Rank: 1113; cd.connatix.com — Cisco Umbrella Rank: 3425; cds.connatix.com — Cisco Umbrella Rank: 3536; vid.connatix.com Failed; lit.connatix.com Failed | 619 KB
12 genshindle.com | genshindle.com | 419 KB
5 gstatic.com | fonts.gstatic.com | 218 KB
3 google.com | fundingchoicesmessages.google.com — Cisco Umbrella Rank: 1359 | 112 KB
3 doubleclick.net | googleads.g.doubleclick.net — Cisco Umbrella Rank: 33; securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196 | 170 KB
3 googleapis.com | fonts.googleapis.com — Cisco Umbrella Rank: 31; imasdk.googleapis.com Failed | 6 KB
2 google-analytics.com | region1.google-analytics.com — Cisco Umbrella Rank: 2462 | 307 B
2 ezoic.net | g.ezoic.net — Cisco Umbrella Rank: 15132 | 9 KB
2 googlesyndication.com | pagead2.googlesyndication.com — Cisco Umbrella Rank: 97 | 186 KB
1 googleusercontent.com | lh3.googleusercontent.com — Cisco Umbrella Rank: 49 | 7 KB
1 amazonaws.com | r0dzj0rsx7.execute-api.eu-central-1.amazonaws.com | 1 KB
1 ezojs.com | www.ezojs.com — Cisco Umbrella Rank: 27048 | 45 KB
1 googletagmanager.com | www.googletagmanager.com — Cisco Umbrella Rank: 35 | 92 KB
62 14
Domain Requested by
13 go.ezodn.com genshindle.com
12 genshindle.com 1 redirects genshindle.com
7 cds.connatix.com cd.connatix.com
cds.connatix.com
5 fonts.gstatic.com fonts.googleapis.com
genshindle.com
4 capi.connatix.com 1 redirects cd.connatix.com
3 fundingchoicesmessages.google.com pagead2.googlesyndication.com
3 fonts.googleapis.com genshindle.com
2 securepubads.g.doubleclick.net cd.connatix.com
securepubads.g.doubleclick.net
2 region1.google-analytics.com www.googletagmanager.com
2 g.ezoic.net www.ezojs.com
go.ezodn.com
2 pagead2.googlesyndication.com genshindle.com
pagead2.googlesyndication.com
1 cd.connatix.com 1 redirects
1 lh3.googleusercontent.com genshindle.com
1 googleads.g.doubleclick.net pagead2.googlesyndication.com
1 r0dzj0rsx7.execute-api.eu-central-1.amazonaws.com genshindle.com
1 www.ezojs.com genshindle.com
1 www.googletagmanager.com genshindle.com
0 imasdk.googleapis.com Failed cd.connatix.com
0 lit.connatix.com Failed cd.connatix.com
0 vid.connatix.com Failed cd.connatix.com
62 20

This site contains no links.

Subject | Issuer | Validity | Valid
*.genshindle.com | Amazon RSA 2048 M02 | 2023-02-01 - 2024-03-01 | a year
*.google-analytics.com | GTS CA 1C3 | 2023-10-23 - 2024-01-15 | 3 months
www.ezojs.com | GTS CA 1P5 | 2023-11-08 - 2024-02-06 | 3 months
*.g.doubleclick.net | GTS CA 1C3 | 2023-10-23 - 2024-01-15 | 3 months
upload.video.google.com | GTS CA 1C3 | 2023-10-23 - 2024-01-15 | 3 months
*.execute-api.eu-central-1.amazonaws.com | Amazon RSA 2048 M01 | 2023-06-02 - 2024-06-30 | a year
*.gstatic.com | GTS CA 1C3 | 2023-10-23 - 2024-01-15 | 3 months
ezoic.net | R3 | 2023-09-17 - 2023-12-16 | 3 months
ezodn.com | E1 | 2023-10-28 - 2024-01-26 | 3 months
*.google.com | GTS CA 1C3 | 2023-10-23 - 2024-01-15 | 3 months
*.googleusercontent.com | GTS CA 1C3 | 2023-10-23 - 2024-01-15 | 3 months
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2023-02-16 - 2024-02-15 | a year
connatix.com | GTS CA 1P5 | 2023-11-04 - 2024-02-02 | 3 months

This page contains 3 frames:

Primary Page: https://genshindle.com/
Frame ID: 98181E22CA0D45A0D80E116B43A32382
Requests: 59 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20190131/zrt_lookup_fy2021.html
Frame ID: 0E4750FD4B7FD2C2B691458C20C0E27F
Requests: 1 HTTP requests in this frame

Frame: https://cds.connatix.com/p/378985/connatix.player.dc.js?cid=5f049401-746e-4449-8c27-b6b9d8e25882
Frame ID: 334D474A84DB9032266595660DE996A2
Requests: 10 HTTP requests in this frame

Page URL History

  1. http://genshindle.com/ HTTP 301
    https://genshindle.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Page Statistics

62
Requests

90 %
HTTPS

82 %
IPv6

14
Domains

20
Subdomains

17
IPs

3
Countries

1914 kB
Transfer

5793 kB
Size

14
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://genshindle.com/ HTTP 301
    https://genshindle.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 53
  • https://cd.connatix.com/connatix.player.js?cid=5f049401-746e-4449-8c27-b6b9d8e25882 HTTP 302
  • https://cds.connatix.com/p/378985/connatix.player.dc.js?cid=5f049401-746e-4449-8c27-b6b9d8e25882
Request Chain 59
  • https://capi.connatix.com/core/sync HTTP 302
  • https://capi.connatix.com/core/sync?final=true&UserScoringType=Enabled&ImplementationType=0

62 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
genshindle.com/
Redirect Chain
  • http://genshindle.com/
  • https://genshindle.com/
1 KB
1 KB
Document
General
Full URL
https://genshindle.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:bc00:6:1143:84c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
40d16f46777e82f9e7f546e142f9d9e284f01ee903e06f7d54139544aec075c1
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
public, max-age=0, s-maxage=2
content-encoding
gzip
content-type
text/html
date
Fri, 17 Nov 2023 00:36:25 GMT
etag
W/"2df0dcfe1d926edac82621f3d9dd36c8"
last-modified
Wed, 08 Nov 2023 23:55:35 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 46546eb404789d29bf372f6a3fe43876.cloudfront.net (CloudFront)
x-amz-cf-id
DpAQg3ug2mpaVLHlVcBEUkI4Hw768gjrwQC9dAIDGmOo95XLEA4iJQ==
x-amz-cf-pop
FRA56-C1
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
x-frame-options
SAMEORIGIN

Redirect headers

Connection
keep-alive
Content-Length
167
Content-Type
text/html
Date
Fri, 17 Nov 2023 00:36:24 GMT
Location
https://genshindle.com/
Server
CloudFront
Via
1.1 579a21a67e4dc50a655a7c0e9675261c.cloudfront.net (CloudFront)
X-Amz-Cf-Id
4ObHgBSHJzpZy465GasigC8ALrRW0AUmeWoUywCzH1ejCB-55EZ0Cg==
X-Amz-Cf-Pop
FRA56-C1
X-Cache
Redirect from cloudfront
js
www.googletagmanager.com/gtag/
277 KB
92 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-CLZMQVD9BX
Requested by
Host: genshindle.com
URL: https://genshindle.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
9922f14c85e0275c00c834c706a0a04723d91c606b6224f176fe64481523b755
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://genshindle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 00:36:25 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
93611
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 17 Nov 2023 00:36:25 GMT
sa.min.js
www.ezojs.com/ezoic/
130 KB
45 KB
Script
General
Full URL
https://www.ezojs.com/ezoic/sa.min.js
Requested by
Host: genshindle.com
URL: https://genshindle.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:3f6a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9b062c4377a8ebbe4b1f326b8d4591e1f6de41d1359f48a59961bbbb8a7961ad

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://genshindle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 00:36:25 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 16 Nov 2023 02:49:23 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
67961
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=58FSuSrvCT71WpX9tOdveoekkYBMnrbHWOtoTwGj1JjLHeU1JPje%2B20rRbEm17qNW75FMtmGmw5uIbX219PCovbasD8dbCduW%2B5ATPgX94Lr4ndwoJZz31EkOTnqHaETmk6D4NJLTYG7mIWC"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-middleton-display
sol-js
cache-control
public, max-age=86400
x-robots-tag
noindex
cf-ray
8273e639fa73f0d3-CDG
alt-svc
h3=":443"; ma=86400
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
150 KB
52 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2543854667643786
Requested by
Host: genshindle.com
URL: https://genshindle.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
02fa333489e24668cd06dc0f6c211619da672eb06bf6f7614deca9c77aeaf44f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://genshindle.com/
Origin
https://genshindle.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 00:36:25 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
52682
x-xss-protection
0
server
cafe
etag
16058531843770404572
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 17 Nov 2023 00:36:25 GMT
index.f1fe0bba.js
genshindle.com/assets/
396 KB
118 KB
Script
General
Full URL
https://genshindle.com/assets/index.f1fe0bba.js
Requested by
Host: genshindle.com
URL: https://genshindle.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:bc00:6:1143:84c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bc1f1a40dee35abb70a8f81de033925395d17deae5bf0e34fcf1557b66bee5a5
Security Headers
Name Value
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://genshindle.com/
Origin
https://genshindle.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 00:39:17 GMT
content-encoding
gzip
via
1.1 46546eb404789d29bf372f6a3fe43876.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C1
age
86229
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
last-modified
Wed, 08 Nov 2023 23:55:34 GMT
server
AmazonS3
etag
W/"c59c7d8325d4dc04932e257a118cee56"
x-frame-options
DENY
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000, immutable
x-amz-cf-id
RUVSBNcPVPlCQuimkLDtMgs8OaW9joeKuFCXO7HR_5-4N6Ye9zZVxQ==
index.d5be7413.css
genshindle.com/assets/
430 KB
49 KB
Stylesheet
General
Full URL
https://genshindle.com/assets/index.d5be7413.css
Requested by
Host: genshindle.com
URL: https://genshindle.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:bc00:6:1143:84c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d5be74132fefac0f08c80b2055e6943c86d52989c9254afd8a478accbef2ef1e
Security Headers
Name Value
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://genshindle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 22:49:28 GMT
content-encoding
gzip
via
1.1 46546eb404789d29bf372f6a3fe43876.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C1
age
6418
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
last-modified
Wed, 08 Nov 2023 23:55:34 GMT
server
AmazonS3
etag
W/"f67d1ab71e3e23226cafc4a210405dbc"
x-frame-options
DENY
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=31536000, immutable
x-amz-cf-id
zju8-xP4QaHqw-na6_FxjUv-t4KmZlDditUShr-6QCxnzPXDW96ptA==
css
fonts.googleapis.com/
2 KB
926 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Alkatra&display=swap
Requested by
Host: genshindle.com
URL: https://genshindle.com/assets/index.d5be7413.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
5d65f652f60774969e9f9879652021dacd7407b7377f92ae0c53aa967b94a520
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://genshindle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 17 Nov 2023 00:36:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 17 Nov 2023 00:36:25 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 17 Nov 2023 00:36:25 GMT
css
fonts.googleapis.com/
2 KB
692 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto+Slab&display=swap
Requested by
Host: genshindle.com
URL: https://genshindle.com/assets/index.d5be7413.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
18efa46cb1fa2c6cf4461ffcf16cf38a2d57856947ce937320ab2e3aa8b5a20f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://genshindle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 17 Nov 2023 00:36:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 16 Nov 2023 22:48:34 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 17 Nov 2023 00:36:25 GMT
workbox-window.prod.es5.d2780aeb.js
genshindle.com/assets/
5 KB
3 KB
Script
General
Full URL
https://genshindle.com/assets/workbox-window.prod.es5.d2780aeb.js
Requested by
Host: genshindle.com
URL: https://genshindle.com/assets/index.f1fe0bba.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:bc00:6:1143:84c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c935c792520fc294b8ab35cff08b9357f22aac6895b3532135811efab894ee74
Security Headers
Name Value
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://genshindle.com/assets/index.f1fe0bba.js
Origin
https://genshindle.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 17:01:23 GMT
content-encoding
gzip
via
1.1 46546eb404789d29bf372f6a3fe43876.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C1
age
27303
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
last-modified
Wed, 08 Nov 2023 23:55:34 GMT
server
AmazonS3
etag
W/"b8c9397a5a7bdb9aee024d2c57d41845"
x-frame-options
DENY
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000, immutable
x-amz-cf-id
eMpo0wZjc-Q7fHXU0QkFwspmw_SaTluU-nbgWhBHhbhWFTaUWk4TLg==
truncated
/
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
062dc92329688aaec2a25116cc8ec8ea7d897c4db23f818a3a45def54bee7971

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/webp
truncated
/
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
20ea2cc3ef71f2754c5b230989a45a29b8b1c1bf84ae45c5cf0325044cb0f796

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/webp
truncated
/
698 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ab1ae5872d2a54c603ba7d21e58f75a0a0e0e978382ad1445f22ce3d0b5213cc

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/webp
truncated
/
674 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8e7fedb41bab6d30b22487a477b0377f5188a0de7155577cc5d7d87575a8a404

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/webp
truncated
/
584 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9003ce5c65d35feb26f55783944127f6894e3b1407888636c1b2435045370196

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/webp
furina.webp
genshindle.com/data/gallery/characters/mobile/
4 KB
5 KB
Image
General
Full URL
https://genshindle.com/data/gallery/characters/mobile/furina.webp
Requested by
Host: genshindle.com
URL: https://genshindle.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:bc00:6:1143:84c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
32a4364ef1ef3423b27ceb49bc56c5afe08fc9c3ee4f1870d4c35a855ce6bab1
Security Headers
Name Value
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://genshindle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 02:22:16 GMT
via
1.1 46546eb404789d29bf372f6a3fe43876.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C1
age
80050
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
4236
x-xss-protection
1; mode=block
last-modified
Wed, 08 Nov 2023 23:55:34 GMT
server
AmazonS3
etag
"3829fa2906686b515c93df4236f9e142"
x-frame-options
DENY
content-type
image/webp
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
x-amz-cf-id
fn5Ojxm_OL2-DkerdXcfr3-nIOneB_17b5AbbGREjfrpDDavU3AuRg==
charlotte.webp
genshindle.com/data/gallery/characters/mobile/
4 KB
4 KB
Image
General
Full URL
https://genshindle.com/data/gallery/characters/mobile/charlotte.webp
Requested by
Host: genshindle.com
URL: https://genshindle.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:bc00:6:1143:84c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2b140075787fa6631d76025ee3ca631108d37a16f1830ee9d3e36285a9444a35
Security Headers
Name Value
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://genshindle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 06:51:44 GMT
via
1.1 46546eb404789d29bf372f6a3fe43876.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C1
age
63882
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
3594
x-xss-protection
1; mode=block
last-modified
Wed, 08 Nov 2023 23:55:34 GMT
server
AmazonS3
etag
"b562f7e4bd7f6a52cf2eafc4ffec401e"
x-frame-options
DENY
content-type
image/webp
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
x-amz-cf-id
Qu2McW2nZ3Oo7TbeIN5dRX_P9iC82WZSXqHF1-kdL0oXhGb74nrkHw==
userData
r0dzj0rsx7.execute-api.eu-central-1.amazonaws.com/aws/genshindle/api/
870 B
1 KB
XHR
General
Full URL
https://r0dzj0rsx7.execute-api.eu-central-1.amazonaws.com/aws/genshindle/api/userData
Requested by
Host: genshindle.com
URL: https://genshindle.com/assets/index.f1fe0bba.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.123.237.108 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-123-237-108.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
44136385362e92c4c151078e6ea8febc1dd9fb2f70815d1c214a6387672f5df0

Request headers

Accept
application/json, text/plain, */*
Referer
https://genshindle.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 00:36:25 GMT
x-amzn-requestid
0f217034-d356-4614-adf8-fa60579c2d25
x-amzn-trace-id
Root=1-6556b589-736060932a9560af23fa8914;Sampled=0;lineage=e2af578a:0
access-control-max-age
84000
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
https://genshindle.com
x-amz-apigw-id
OhFNiGIPliAEViw=
content-length
870
access-control-allow-headers
content-type, authorization
truncated
/
4 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f8456e042960c0d377508b3a3ddd2ac486adea0b491eec7c0a3c15f16c57dfc2

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/webp
loading.3cd3621f.webp
genshindle.com/assets/
13 KB
14 KB
Image
General
Full URL
https://genshindle.com/assets/loading.3cd3621f.webp
Requested by
Host: genshindle.com
URL: https://genshindle.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:bc00:6:1143:84c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3cd3621f9642e87004aceab46da9170d40473eed960d3d8bd807a40ed4db5b16
Security Headers
Name Value
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://genshindle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 12:32:46 GMT
via
1.1 46546eb404789d29bf372f6a3fe43876.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C1
age
43420
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
13524
x-xss-protection
1; mode=block
last-modified
Wed, 08 Nov 2023 23:55:34 GMT
server
AmazonS3
etag
"f887b2e267c1db213c0d10fa0afc7f7d"
x-frame-options
DENY
content-type
image/webp
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
x-amz-cf-id
AuLjTqZ5WFdimm6LfPpK_FSZ87sDGWo_1d2slWBoIRewHHTmRBJw2w==
bg.webp
genshindle.com/data/gallery/backgrounds/
201 KB
201 KB
Image
General
Full URL
https://genshindle.com/data/gallery/backgrounds/bg.webp
Requested by
Host: genshindle.com
URL: https://genshindle.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:bc00:6:1143:84c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1825d6891ec6f9d1c3ab9566e9c37deb3be65f3ae0a1d928bf9fd30da3038305
Security Headers
Name Value
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://genshindle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 12:32:46 GMT
via
1.1 46546eb404789d29bf372f6a3fe43876.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C1
age
43420
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
205616
x-xss-protection
1; mode=block
last-modified
Wed, 08 Nov 2023 23:55:34 GMT
server
AmazonS3
etag
"2df2c2df51bbb79c9e9f2591e600f5ba"
x-frame-options
DENY
content-type
image/webp
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
x-amz-cf-id
wEoO67XS8fwVPGFZPmqW6rC6RhWVZjIfA6jbzisY83Pm7G4QE_8Uyg==
truncated
/
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ac2e35ba691b4e2600238b67073f4593a942a6eb613ad3b9680e8b8d50eac8d6

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/png
r05EGLZA5qhCYsyJbuChFuK48Medzngmu4cIptE.woff2
fonts.gstatic.com/s/alkatra/v3/
16 KB
17 KB
Font
General
Full URL
https://fonts.gstatic.com/s/alkatra/v3/r05EGLZA5qhCYsyJbuChFuK48Medzngmu4cIptE.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Alkatra&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ff2e11c738d7fc91dfebfe8b91ef5043258833c3fdeb50bedbaf6e7f4fdb4ee0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://genshindle.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 13 Nov 2023 19:36:35 GMT
x-content-type-options
nosniff
age
277190
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16452
x-xss-protection
0
last-modified
Mon, 20 Mar 2023 21:47:53 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 12 Nov 2024 19:36:35 GMT
BngbUXZYTXPIvIBgJJSb6s3BzlRRfKOFbvjojISmb2Rj.woff2
fonts.gstatic.com/s/robotoslab/v34/
14 KB
14 KB
Font
General
Full URL
https://fonts.gstatic.com/s/robotoslab/v34/BngbUXZYTXPIvIBgJJSb6s3BzlRRfKOFbvjojISmb2Rj.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Slab&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
438099da1cf057f5b48133f7a74b2d506751fb1b2e888d22ca397fa1983a8f9a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://genshindle.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 05:13:00 GMT
x-content-type-options
nosniff
age
242605
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13992
x-xss-protection
0
last-modified
Tue, 24 Oct 2023 01:50:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 13 Nov 2024 05:13:00 GMT
sa.go
g.ezoic.net/
30 KB
9 KB
XHR
General
Full URL
https://g.ezoic.net/sa.go
Requested by
Host: www.ezojs.com
URL: https://www.ezojs.com/ezoic/sa.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:d014:776:a63d:6339:2a28:fc90:eea Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.39 (Ubuntu) /
Resource Hash
e3dbf3dcd7cf209b481f21e90106cb1451b1520ecc2b929782c7d49345b3bb11

Request headers

Referer
https://genshindle.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 17 Nov 2023 00:36:25 GMT
content-encoding
br
server
Apache/2.4.39 (Ubuntu)
access-control-max-age
1728000
access-control-allow-methods
GET, POST, PUT, OPTIONS
content-type
text/javascript
access-control-allow-origin
https://genshindle.com
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
access-control-allow-credentials
true
vary
Accept-Encoding,Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-robots-tag
noindex
access-control-allow-headers
Content-Type
expires
Thu, 16 Nov 2023 00:36:25 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311130101/
397 KB
134 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311130101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2543854667643786&plah=genshindle.com&bust=31079698
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2543854667643786
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
95e016aeeea54d9aa41c7b266e6fd9de9628cdd17bdae16f3ece22ec45f3e1f0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://genshindle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 00:36:25 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
137193
x-xss-protection
0
server
cafe
etag
18116585391919145974
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 17 Nov 2023 00:36:25 GMT
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20231109/r20190131/ Frame 0E47
9 KB
4 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20231109/r20190131/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2543854667643786
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
623c81b092a6116d4d60ff89b14803818efb0b9aebf6e4e2c50241e802f6e016
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://genshindle.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
60977
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4118
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 16 Nov 2023 07:40:08 GMT
etag
16674218716276178799
expires
Thu, 30 Nov 2023 07:40:08 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
questionmark.253daa86.webp
genshindle.com/assets/
12 KB
12 KB
Image
General
Full URL
https://genshindle.com/assets/questionmark.253daa86.webp
Requested by
Host: genshindle.com
URL: https://genshindle.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:bc00:6:1143:84c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
253daa866159262b420d98d43dbfc8560a67744462ec3023aa2c5609841f7b77
Security Headers
Name Value
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://genshindle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 13:52:35 GMT
via
1.1 46546eb404789d29bf372f6a3fe43876.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C1
age
38631
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
12326
x-xss-protection
1; mode=block
last-modified
Wed, 08 Nov 2023 23:55:34 GMT
server
AmazonS3
etag
"dcce966ff5574f27912df0457c4aeef8"
x-frame-options
DENY
content-type
image/webp
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
x-amz-cf-id
NqYkbwornXzkrk6hja_7N3aIkkfGC0dEmNCzWcy7GIktQY-d_00J6Q==
tartaglia.webp
genshindle.com/data/gallery/characters/mobile/
3 KB
3 KB
Image
General
Full URL
https://genshindle.com/data/gallery/characters/mobile/tartaglia.webp
Requested by
Host: genshindle.com
URL: https://genshindle.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:bc00:6:1143:84c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2e1865efbfcc65d2399fd1c7dce1fc0229fa23c467a4cabe4760eedb982574d6
Security Headers
Name Value
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://genshindle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 00:36:26 GMT
via
1.1 46546eb404789d29bf372f6a3fe43876.cloudfront.net (CloudFront)
last-modified
Wed, 08 Nov 2023 23:55:34 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
etag
"f9237caf292a7e52decdc76d849cfb89"
x-amz-server-side-encryption
AES256
x-frame-options
DENY
x-cache
Miss from cloudfront
content-type
image/webp
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-length
3152
x-xss-protection
1; mode=block
x-amz-cf-id
Alod2RbCw7XZdpc0jb79H8sN_QK6omA770BArYkCjpS0ANlJ2wk6Gg==
box-bg.4faa335b.webp
genshindle.com/assets/
8 KB
9 KB
Image
General
Full URL
https://genshindle.com/assets/box-bg.4faa335b.webp
Requested by
Host: genshindle.com
URL: https://genshindle.com/assets/index.d5be7413.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:bc00:6:1143:84c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4faa335b7ab17b3a88acc1b888f2e1cf19dfd0e08dde8bd6a0ed38de7b554f9c
Security Headers
Name Value
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://genshindle.com/assets/index.d5be7413.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 17:27:02 GMT
via
1.1 46546eb404789d29bf372f6a3fe43876.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C1
age
25764
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
8258
x-xss-protection
1; mode=block
last-modified
Wed, 08 Nov 2023 23:55:34 GMT
server
AmazonS3
etag
"bad017e8b71d8ecb7e072422fc41c8db"
x-frame-options
DENY
content-type
image/webp
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
x-amz-cf-id
b-CVxVA_x1d6hQiOPNM0p3IuOmtMX9TAFqxl3FVhjeAARHKvJa18hA==
truncated
/
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a83371602c19c97674ec9f6ac7cbf60abc825f8288b3a3d73a9c992596f08194

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/webp
boise.js
go.ezodn.com/detroitchicago/
926 B
808 B
Script
General
Full URL
https://go.ezodn.com/detroitchicago/boise.js?gcb=195-0&cb=2
Requested by
Host: genshindle.com
URL: https://genshindle.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:890f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b0dc9f241ec7f0549db655a6d4aaa8c5540e5c82a1c908b8b83750e6853cd2cf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://genshindle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 00:36:25 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sat, 11 Nov 2023 04:49:09 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
339557
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6u9j9qtOPl0ptMR2iJsrK86u%2FqcVEJvDKsq9%2BjHrCZwZJ9yquKWUpPXxqsS%2BVA7W92EOmGgZ2UbzflPqFjLE%2F1obhQdAu6ToLn%2BcXZTfn2lOXZhcBfaaqQRO2vXZFklgYFHPm0qhKBAx%2FZc%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-middleton-display
sol-js
cache-control
public, max-age=31536000
x-robots-tag
noindex
cf-ray
8273e63d89d8367f-FRA
alt-svc
h3=":443"; ma=86400
abilene.js
go.ezodn.com/parsonsmaize/
6 KB
3 KB
Script
General
Full URL
https://go.ezodn.com/parsonsmaize/abilene.js?gcb=195-0&cb=30
Requested by
Host: genshindle.com
URL: https://genshindle.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:890f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b01d53596221a10ad89cd142297dd43310bbe0531fe4694fd590fdbeebf5a18d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://genshindle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 00:36:25 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 27 Oct 2023 21:36:31 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
237925
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Eohvz9AKNCtKtFun7qk0mLuA9QB1mjuOQnHWrTVkDqKYrdxLOz1ERtQ0Qh6Veef8NTwqZ6dO2ppv%2BbDnxzPNlN4pcrXPL1ZMEJU%2F2qEym3CsNWdm%2BB1F87ZLE0JOWISxZqhLB8W5MNXQbSs%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-middleton-display
sol-js
cache-control
public, max-age=31536000
x-robots-tag
noindex
cf-ray
8273e63d89da367f-FRA
alt-svc
h3=":443"; ma=86400
et.js
go.ezodn.com/porpoiseant/
1 KB
882 B
Script
General
Full URL
https://go.ezodn.com/porpoiseant/et.js?gcb=195-0&cb=2
Requested by
Host: genshindle.com
URL: https://genshindle.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:890f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c34f09169d2a10e8f5863960e81575ab70f88b52f4bd3386ce5e41e73a94487

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://genshindle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 00:36:25 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 10 Nov 2023 07:43:25 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
499160
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zCq6LQE%2FHhAaB0zE5XxKWTVGnbb3%2FrAKgP36rP7THgNtDK7E8%2BLe4o6O4%2FOiT4zcGAZV0ijJ3hfKeVivQuUxKOZlNG%2BC22hCAEjsUVQWCl8DR9xcfgcZ4PjEhQkuK1lBEPyEJvic0pwN6xs%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-middleton-display
sol-js
cache-control
public, max-age=31536000
x-robots-tag
noindex
cf-ray
8273e63d89d7367f-FRA
alt-svc
h3=":443"; ma=86400
jellyfish.js
go.ezodn.com/porpoiseant/
37 KB
10 KB
Script
General
Full URL
https://go.ezodn.com/porpoiseant/jellyfish.js?a=a&cb=11&dcb=195-0&shcb=34
Requested by
Host: genshindle.com
URL: https://genshindle.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:890f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
300e2db7f019d940ffcb00bff1342eeeab8b4c44806e34b91f9e2c49432171aa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://genshindle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 00:36:25 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 26 Oct 2023 21:47:24 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
594635
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8QOdGc7mrqNxNqBtbD%2BcMun%2FQcnXaO%2BgBuMxOsQ8vb2QByHqtOU64o42n%2F%2F9ngjO06cCdD1YUSSUjX%2FSjGJQ6TUmKLKrOE7sGKvYD6BpkRzrCOVNGs0LJDuCfiAERZXL8TP4UV5XQnpaedk%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-middleton-display
sol-js
cache-control
public, max-age=31536000
x-robots-tag
noindex
cf-ray
8273e63d89d1367f-FRA
alt-svc
h3=":443"; ma=86400
tortoise.js
go.ezodn.com/beardeddragon/
3 KB
2 KB
Script
General
Full URL
https://go.ezodn.com/beardeddragon/tortoise.js?gcb=0&cb=10
Requested by
Host: genshindle.com
URL: https://genshindle.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:890f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2ea07afd59f660225e82c177586447bf9960c48e6b1beb9b810e27a0be16ed9a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://genshindle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 00:36:25 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 15 Nov 2023 20:06:22 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
102599
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PmpzAii2ObhcCQZLPZDrhuuZ0Qi8BRhyPNGvzyvWY%2Fw5bYS3%2B7aFyxaM4x01ww3Vs6HNY2E1gbMAW8nA13GJqJXhjhMIueYTEdhPqGX7zaTWgef2FPj8UeF4bigfdHLUjLJX6uHHeiVLBi4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-middleton-display
sol-js
cache-control
public, max-age=31536000
x-robots-tag
noindex
cf-ray
8273e63d89d6367f-FRA
alt-svc
h3=":443"; ma=86400
armadillo.js
go.ezodn.com/beardeddragon/
3 KB
1 KB
Script
General
Full URL
https://go.ezodn.com/beardeddragon/armadillo.js?gcb=0&cb=30
Requested by
Host: genshindle.com
URL: https://genshindle.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:890f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
270d68c001d05e764b3ccd047bedf93a8376bfd08b44124a67b9fa31e335cea8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://genshindle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 00:36:25 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 15 Nov 2023 20:06:25 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
102585
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EiqVRp3Tz0%2Fx0UJbzAZRMmlpFIUm9yl49br8QU8U4%2BbuGQwNv975AupVHqZsS34oj5O0Egwox2o27o%2F9RzhVqMcXciKba1FCZDQyt7nuXdG5O5tXnE3KltKhKRxu%2BPuehLXlwzunhzPlV90%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-middleton-display
sol-js
cache-control
public, max-age=31536000
x-robots-tag
noindex
cf-ray
8273e63d89d4367f-FRA
alt-svc
h3=":443"; ma=86400
collect
region1.google-analytics.com/g/
0
253 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-CLZMQVD9BX&gtm=45je3b81v9104734233&_p=1700181385022&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1574781533.1700181386&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1700181385&sct=1&seg=0&dl=https%3A%2F%2Fgenshindle.com%2F&dt=Genshindle%20-%20Wordle%20game%20with%20Genshin%20Impact%20characters&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=951
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-CLZMQVD9BX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://genshindle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 00:36:25 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://genshindle.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ca-pub-2543854667643786
fundingchoicesmessages.google.com/i/
161 KB
53 KB
Script
General
Full URL
https://fundingchoicesmessages.google.com/i/ca-pub-2543854667643786?ers=2
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311130101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2543854667643786&plah=genshindle.com&bust=31079698
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
6d206a8324ff4925a80166459fb1fc2e6a674184b71566c56642b9dccc0fa627
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-k6hATeuFfdWDBGa9CdaZLg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://genshindle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 00:36:26 GMT
content-security-policy
script-src 'report-sample' 'nonce-k6hATeuFfdWDBGa9CdaZLg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
mulvane.js
go.ezodn.com/parsonsmaize/
1002 B
900 B
Script
General
Full URL
https://go.ezodn.com/parsonsmaize/mulvane.js?gcb=195-0&cb=5
Requested by
Host: genshindle.com
URL: https://genshindle.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:890f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f2e858e11bbfe82d0150dd8fc768dfdb4577415c0ee84435e0d6c51a50e6cb64

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://genshindle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 00:36:26 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 05 Sep 2023 23:10:07 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1377025
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L9sgL9OqrIwZ2L1WYvQYhhzIRcvt86BEeJg61HZbMd3ajipla8ByH1GkPs2GF7X43R3tXncnL87p%2B97690PgZ9163hikXqfm%2FNk4ZQbSKsKVxTJyslAYDvJuptRULnrGZy4UnkJAcaawKpw%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-middleton-display
sol-js
cache-control
public, max-age=31536000
x-robots-tag
noindex
cf-ray
8273e63f1aaf367f-FRA
alt-svc
h3=":443"; ma=86400
raleigh.js
go.ezodn.com/detroitchicago/
2 KB
1 KB
Script
General
Full URL
https://go.ezodn.com/detroitchicago/raleigh.js?gcb=195-0&cb=6
Requested by
Host: genshindle.com
URL: https://genshindle.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:890f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
10c5779cae461daba4b2f636f90df6cbf420e8c3dbe5a326bd937e7392c2b8df

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://genshindle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 00:36:26 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 31 Oct 2023 07:50:48 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1379013
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gld0eiekPdG3ERENDkaTB8qoApaXzI6VaTElIikMzDHHl7q4WdcQnMCOzJ9sKf4NcHph765x5l3jEcHsDqP2zYdSygSBueOdYU4RtO3dmGVluoJxVyhHazvYIMNo3KZe5uQwBDPZo9vp7q0%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-middleton-display
sol-js
cache-control
public, max-age=31536000
x-robots-tag
noindex
cf-ray
8273e63f1ab0367f-FRA
alt-svc
h3=":443"; ma=86400
vista.js
go.ezodn.com/detroitchicago/
821 B
951 B
Script
General
Full URL
https://go.ezodn.com/detroitchicago/vista.js?gcb=195-0&cb=5
Requested by
Host: genshindle.com
URL: https://genshindle.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:890f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f511fa7924776077436e0e7c47d96a420282192ee4f9c5dc96def26cb856c709

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://genshindle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 00:36:26 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 29 Aug 2023 18:02:07 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
596930
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ul%2FFN69%2FegZuxb6RmM%2B2xs7jpME2B3wXjAC3b1phSkqsFtjCDn%2BxmjhRQeN2zFdRtLuJi8X0JFu38chUM8eL3dVBL%2BlApukhGPy4ywJhb8esmMqDBcAsfrnuV0k2Y7WG5lI2lCVyG2YtmuY%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-middleton-display
sol-js
cache-control
public, max-age=31536000
x-robots-tag
noindex
cf-ray
8273e63f1ab1367f-FRA
alt-svc
h3=":443"; ma=86400
tampa.js
go.ezodn.com/detroitchicago/
723 B
718 B
Script
General
Full URL
https://go.ezodn.com/detroitchicago/tampa.js?gcb=195-0&cb=5
Requested by
Host: genshindle.com
URL: https://genshindle.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:890f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e611f58b19c2ff6aba81588e7b0a148e523d8acbadc40092f8de5f50dca2f93c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://genshindle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 00:36:26 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 28 Apr 2023 05:35:32 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
510545
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZFfg2uvdy628BNrjK7c8FGm9YQ6jKEOaiWYFCGWiXNYx3o%2Be2EhHBb7b2GGrB7GpWoTbdI0x0J4aydgSUQhdjF6SD7svBszg1eOU%2F36nP0%2BWCpX7SYJdeW9XdtnLn2sGAuU%2FG37gVd%2BpiVY%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-middleton-display
sol-js
cache-control
public, max-age=31536000
x-robots-tag
noindex
cf-ray
8273e63f1ab2367f-FRA
alt-svc
h3=":443"; ma=86400
olathe.js
go.ezodn.com/parsonsmaize/
2 KB
1 KB
Script
General
Full URL
https://go.ezodn.com/parsonsmaize/olathe.js?gcb=195-0&cb=23
Requested by
Host: genshindle.com
URL: https://genshindle.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:890f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cebc0ded9f2ef3dd4e3c6d6010538dee890c24a070d6ba991e0c93e451d96ccd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://genshindle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 00:36:26 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 27 Oct 2023 21:36:16 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
339518
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=43jZ5kkGvQuMo7riQDIb0dKrp3%2BqP37lQKBbhlsYn3VfxwxFFAusGKUecsYnG9J0A2eD3dKjkGo%2BjiPimCQloIiYvqIO%2FsnBHzbNrK4PS8A145AFNUjauIEjFfHebPLzZCO08toShQtYNPw%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-middleton-display
sol-js
cache-control
public, max-age=31536000
x-robots-tag
noindex
cf-ray
8273e63f2ac3367f-FRA
alt-svc
h3=":443"; ma=86400
chanute.js
go.ezodn.com/parsonsmaize/
21 KB
6 KB
Script
General
Full URL
https://go.ezodn.com/parsonsmaize/chanute.js?a=a&cb=7&dcb=195-0&shcb=34
Requested by
Host: genshindle.com
URL: https://genshindle.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:890f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2cb36489072c0eb085096a47bfcced826b7a973e5f294d5a2b54bf16df3449d9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://genshindle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 00:36:26 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 09 Nov 2023 01:57:37 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
341439
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WB8WW9C6LDUu4%2FLDuLwknYMMQnmV4K3xLaKWZ8Q3cORa3w50bS6VYIIrblh8WNr9i6tTcsUXQyCNHYxd8iMIYnbCUh71k%2FZu2D23TzErn%2BsrTSEUyLiUr3ea2sJvGjUiMRJhz95QuJBxhkQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-middleton-display
sol-js
cache-control
public, max-age=31536000
x-robots-tag
noindex
cf-ray
8273e63f2ac5367f-FRA
alt-svc
h3=":443"; ma=86400
vitals.js
go.ezodn.com/tardisrocinante/
5 KB
2 KB
Script
General
Full URL
https://go.ezodn.com/tardisrocinante/vitals.js?gcb=195-0&cb=3
Requested by
Host: genshindle.com
URL: https://genshindle.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:890f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d839b193eba1dd4578cc90dfe2fe6edea552e807f65af9e79780a58d0ad9b1bb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://genshindle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 00:36:26 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 25 Jan 2023 12:08:02 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1445377
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gnI31hFn4GRXGxbRZaIQQ7J2jxUivEuxsOFtJjghs17JZkvufJnEIE4xeqZ4ysy5Xcv3belXBBrNABjFTtllgVukLAwbi8fwVAR%2B4r0ghQVNfErHEMKpHIc0rTFeKwAi0hSauxoztfsGncs%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-middleton-display
sol-js
cache-control
public, max-age=31536000
x-robots-tag
noindex
cf-ray
8273e63f2ac6367f-FRA
alt-svc
h3=":443"; ma=86400
imp.gif
g.ezoic.net/detroitchicago/
43 B
196 B
Ping
General
Full URL
https://g.ezoic.net/detroitchicago/imp.gif
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/parsonsmaize/abilene.js?gcb=195-0&cb=30
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:d014:776:a63d:6339:2a28:fc90:eea Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer
https://genshindle.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 17 Nov 2023 00:36:27 GMT
content-encoding
br
access-control-max-age
1728000
access-control-allow-methods
HEAD, PUT, POST, GET, OPTIONS
content-type
image/gif
access-control-allow-origin
https://genshindle.com
x-middleton-display
imp_sol
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
vary
Accept-Encoding
access-control-allow-headers
Content-Type
content-length
47
expires
Thu, 16 Nov 2023 00:36:27 GMT
AGSKWxU1fJdCu3A2pwewuOMGbypeBBKr1pGr2MgthmLm_WH9-ozEj2UtjOjjyaA4Tom8t-FpfbC4CJoG2lxVeoHP6e26HxdhtaMywICNIL1zGMa8h31RH4DP-zDKjknS0O_t9Z0GoRDShA==
fundingchoicesmessages.google.com/f/
362 KB
58 KB
Script
General
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxU1fJdCu3A2pwewuOMGbypeBBKr1pGr2MgthmLm_WH9-ozEj2UtjOjjyaA4Tom8t-FpfbC4CJoG2lxVeoHP6e26HxdhtaMywICNIL1zGMa8h31RH4DP-zDKjknS0O_t9Z0GoRDShA==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzAwMTgxMzg2LDIzNDAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly9nZW5zaGluZGxlLmNvbS8iLG51bGwsW1s4LCJOdHM1THZZSW9iayJdLFs5LCJkZSJdLFsxOCwiW1tbMF1dXSJdLFsxOSwiMSJdXV0
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.Nts5LvYIobk.es5.O/am=CAM/d=1/rs=AJlcJMyTmwD9vZzPw60_wPGGncvG1CmM1A/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
42e00f2b2dc488f3e334c3622c95cf6fa467e93af0af74a8af35796ab532ecfc
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-PHDQ_JV-1ZakDrHXfmiqaA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://genshindle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 00:36:26 GMT
content-security-policy
script-src 'report-sample' 'nonce-PHDQ_JV-1ZakDrHXfmiqaA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
css
fonts.googleapis.com/
69 KB
4 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Archivo|Arimo|Bitter|EB+Garamond|Lato|Libre+Baskerville|Libre+Franklin|Lora|Google+Sans:regular,medium|Material+Icons|Google+Symbols|Merriweather|Montserrat|Mukta|Muli|Nunito|Open+Sans:400,600,700|Open+Sans+Condensed:300,400,600,700|Oswald|Playfair+Display|Poppins|Raleway|Roboto|Roboto+Condensed|Roboto+Slab|Slabo+27px|Source+Sans+Pro|Ubuntu|Volkhov&display=swap
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.Nts5LvYIobk.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMx-VBI7cufk83j17-qyMs5NHKqYbA/m=web_iab_tcf_v2_wall_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c4cb7ee295b14fe670ced1e8271273041990ca3d5af39accf8e960c227148eab
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://genshindle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 17 Nov 2023 00:36:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 17 Nov 2023 00:36:26 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 17 Nov 2023 00:36:26 GMT
rDlRUAkERZYpg-RNp9Uod-_Oq2HWQQftLGOKoHc_bFYQWnme1-8HH1MM4vUStoJ9rH3Ru4lArTOqalbKPC6vj6es7w_gUcEKPflo1woJMM35pc0kNMM=h60
lh3.googleusercontent.com/
7 KB
7 KB
Image
General
Full URL
https://lh3.googleusercontent.com/rDlRUAkERZYpg-RNp9Uod-_Oq2HWQQftLGOKoHc_bFYQWnme1-8HH1MM4vUStoJ9rH3Ru4lArTOqalbKPC6vj6es7w_gUcEKPflo1woJMM35pc0kNMM=h60
Requested by
Host: genshindle.com
URL: https://genshindle.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
3131074d40f6333d690aef9f113e218c07229e403fc53365eccbd23f202f081d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://genshindle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 22:54:08 GMT
x-content-type-options
nosniff
age
6138
content-disposition
inline;filename="unnamed.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7225
x-xss-protection
0
server
fife
etag
"v1"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Fri, 17 Nov 2023 22:54:08 GMT
flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
fonts.gstatic.com/s/materialicons/v140/
125 KB
126 KB
Font
General
Full URL
https://fonts.gstatic.com/s/materialicons/v140/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
Requested by
Host: genshindle.com
URL: https://genshindle.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://genshindle.com/
Origin
https://genshindle.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 03:53:37 GMT
x-content-type-options
nosniff
age
592969
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
128352
x-xss-protection
0
last-modified
Tue, 07 Mar 2023 19:51:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 09 Nov 2024 03:53:37 GMT
AGSKWxVjvjHLyArgVlkyyg6hjGFpFxL2AnY_Jc2ZSbPFQCjtauBJvetZdM_QBFTHEKBUb3SFwAUAW5AxFWU-B6dsu9XFJORDyZAhMOVrBK4eQ-l-HOF4xpsOFTs12jRsHzOskLGN3i2Pgw==
fundingchoicesmessages.google.com/el/
0
28 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxVjvjHLyArgVlkyyg6hjGFpFxL2AnY_Jc2ZSbPFQCjtauBJvetZdM_QBFTHEKBUb3SFwAUAW5AxFWU-B6dsu9XFJORDyZAhMOVrBK4eQ-l-HOF4xpsOFTs12jRsHzOskLGN3i2Pgw==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.Nts5LvYIobk.es5.O/am=CAM/d=1/rs=AJlcJMyTmwD9vZzPw60_wPGGncvG1CmM1A/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-4AWrs8Qz8n3_oWr2z7XUZQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://genshindle.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 17 Nov 2023 00:36:26 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-4AWrs8Qz8n3_oWr2z7XUZQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://genshindle.com
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXo.woff2
fonts.gstatic.com/s/montserrat/v26/
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/montserrat/v26/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXo.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Archivo|Arimo|Bitter|EB+Garamond|Lato|Libre+Baskerville|Libre+Franklin|Lora|Google+Sans:regular,medium|Material+Icons|Google+Symbols|Merriweather|Montserrat|Mukta|Muli|Nunito|Open+Sans:400,600,700|Open+Sans+Condensed:300,400,600,700|Oswald|Playfair+Display|Poppins|Raleway|Roboto|Roboto+Condensed|Roboto+Slab|Slabo+27px|Source+Sans+Pro|Ubuntu|Volkhov&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4b5816bbfc52587979139951355fe4048da02ce60e40cef8e4a1efb6cd396281
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://genshindle.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 18:24:28 GMT
x-content-type-options
nosniff
age
22318
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14940
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 22:46:07 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 15 Nov 2024 18:24:28 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v36/
47 KB
47 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Archivo|Arimo|Bitter|EB+Garamond|Lato|Libre+Baskerville|Libre+Franklin|Lora|Google+Sans:regular,medium|Material+Icons|Google+Symbols|Merriweather|Montserrat|Mukta|Muli|Nunito|Open+Sans:400,600,700|Open+Sans+Condensed:300,400,600,700|Oswald|Playfair+Display|Poppins|Raleway|Roboto|Roboto+Condensed|Roboto+Slab|Slabo+27px|Source+Sans+Pro|Ubuntu|Volkhov&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://genshindle.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 18:16:19 GMT
x-content-type-options
nosniff
age
22807
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48432
x-xss-protection
0
last-modified
Thu, 14 Sep 2023 00:40:31 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 15 Nov 2024 18:16:19 GMT
si
capi.connatix.com/tr/
0
311 B
Image
General
Full URL
https://capi.connatix.com/tr/si?token=dceed97a-951e-4c47-b565-c2794ffae817&cid=5f049401-746e-4449-8c27-b6b9d8e25882
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.146.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://genshindle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 00:36:28 GMT
cf-cache-status
DYNAMIC
server
cloudflare
vary
Accept-Encoding
content-type
application/json
cache-control
no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
8273e64ffa76699b-FRA
access-control-allow-headers
x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
content-length
0
alt-svc
h3=":443"; ma=86400
connatix.player.dc.js
cds.connatix.com/p/378985/ Frame 334D
Redirect Chain
  • https://cd.connatix.com/connatix.player.js?cid=5f049401-746e-4449-8c27-b6b9d8e25882
  • https://cds.connatix.com/p/378985/connatix.player.dc.js?cid=5f049401-746e-4449-8c27-b6b9d8e25882
1 MB
296 KB
Script
General
Full URL
https://cds.connatix.com/p/378985/connatix.player.dc.js?cid=5f049401-746e-4449-8c27-b6b9d8e25882
Protocol
H2
Server
172.64.146.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d1b02e786a1e95f5410bbf624be976311ea07ec01584a293c55b67d8c0a51a02

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 00:36:28 GMT
x-amz-version-id
_ixa0HntPUjoA_NNssp7IyVw3jparMKl
content-encoding
br
cf-cache-status
HIT
x-amz-replication-status
FAILED
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 16 Nov 2023 11:09:07 GMT
server
cloudflare
etag
W/"0fd695a1266b70df0d1922654f57e870"
vary
Accept-Encoding
access-control-allow-methods
*
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
access-control-max-age
86400
cf-ray
8273e6508d939b76-FRA
access-control-allow-headers
range
expires
Sat, 16 Nov 2024 00:36:28 GMT

Redirect headers

date
Fri, 17 Nov 2023 00:36:28 GMT
cf-cache-status
DYNAMIC
server
cloudflare
surrogate-control
no-cache, no-store, must-revalidate, max-age=0
vary
Accept-Encoding
location
https://cds.connatix.com/p/378985/connatix.player.dc.js?cid=5f049401-746e-4449-8c27-b6b9d8e25882
cache-control
no-cache, no-store, must-revalidate, max-age=0
cf-ray
8273e64ffd599b76-FRA
access-control-allow-headers
x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
content-length
0
alt-svc
h3=":443"; ma=86400
cSyncRemoteEntry.js
cds.connatix.com/p/378985/ Frame 334D
3 KB
2 KB
Script
General
Full URL
https://cds.connatix.com/p/378985/cSyncRemoteEntry.js
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js?cid=5f049401-746e-4449-8c27-b6b9d8e25882
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.146.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0f5cea81bb63d0214976da19bc823736066909b01efa7bf8cdb4d5de805eea93

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 00:36:29 GMT
x-amz-version-id
aHFBTll6KfYPLaWbxE2fwFwZc716aczT
content-encoding
br
cf-cache-status
HIT
x-amz-replication-status
FAILED
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 16 Nov 2023 11:09:10 GMT
server
cloudflare
etag
W/"d60d811350d7df0f4503ae40d8a9728a"
vary
Accept-Encoding
access-control-allow-methods
*
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
access-control-max-age
86400
cf-ray
8273e6518e139b76-FRA
access-control-allow-headers
range
expires
Sat, 16 Nov 2024 00:36:29 GMT
hls.1.3.4.js
cds.connatix.com/a/
263 KB
78 KB
Script
General
Full URL
https://cds.connatix.com/a/hls.1.3.4.js
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js?cid=5f049401-746e-4449-8c27-b6b9d8e25882
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.146.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
914d79b6f14ff4e15bd4e7bf1dc21e6faa81858bab2725bfe887fc607f05afd3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://genshindle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 00:36:29 GMT
x-amz-version-id
ws06XndfmOp2zalH85__O1iwOecvRZJH
content-encoding
br
cf-cache-status
HIT
x-amz-replication-status
FAILED
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 01 Nov 2023 09:48:11 GMT
server
cloudflare
etag
W/"079b47327253321777ad84cf66951fc9"
vary
Accept-Encoding
access-control-allow-methods
*
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
access-control-max-age
86400
cf-ray
8273e6518e189b76-FRA
access-control-allow-headers
range
expires
Sat, 16 Nov 2024 00:36:29 GMT
player.css
cds.connatix.com/p/378985/
68 KB
12 KB
Stylesheet
General
Full URL
https://cds.connatix.com/p/378985/player.css
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js?cid=5f049401-746e-4449-8c27-b6b9d8e25882
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.146.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d73606583c8e2ee4ed7904fec49734d6138cf4b310c22c2049ec7b63556a1dd8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://genshindle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 00:36:29 GMT
x-amz-version-id
DHycosnmYqAh6DpaT5k0LCUftMgh_lxW
content-encoding
br
cf-cache-status
HIT
x-amz-replication-status
FAILED
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 16 Nov 2023 11:09:08 GMT
server
cloudflare
etag
W/"24ebc8ae1a448c0f1b8f4b4d7b572438"
vary
Accept-Encoding
access-control-allow-methods
*
content-type
text/css
access-control-allow-origin
*
cache-control
public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
access-control-max-age
86400
cf-ray
8273e6519e1c9b76-FRA
access-control-allow-headers
range
expires
Sat, 16 Nov 2024 00:36:29 GMT
952.js
cds.connatix.com/p/378985/ Frame 334D
76 KB
19 KB
Script
General
Full URL
https://cds.connatix.com/p/378985/952.js
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/378985/cSyncRemoteEntry.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.41.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe917cd13fd4d9f376fd1cfa6ee6d31d6c7a89a5e7129dc8511b6e2aec860fa1

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 00:36:29 GMT
x-amz-version-id
Tyq.DjoKZ7BzLoawdFZVDamDyrjxhEER
content-encoding
br
cf-cache-status
HIT
x-amz-replication-status
FAILED
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 16 Nov 2023 11:09:10 GMT
server
cloudflare
etag
W/"57846254bbd200f9201061ef4191f1e3"
vary
Accept-Encoding
access-control-allow-methods
*
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
access-control-max-age
86400
cf-ray
8273e651a9821ac7-FRA
access-control-allow-headers
range
expires
Sat, 16 Nov 2024 00:36:29 GMT
402.js
cds.connatix.com/p/378985/ Frame 334D
44 KB
10 KB
Script
General
Full URL
https://cds.connatix.com/p/378985/402.js
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/378985/cSyncRemoteEntry.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.41.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6e1cf560a4e42b1321a32a04030dddb56c511f0e7493718f82cfd1797e5aa9a7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 00:36:29 GMT
x-amz-version-id
ShVyzz1P0kf_yYpPsIMCfiyJyq6jbv3r
content-encoding
br
cf-cache-status
HIT
x-amz-replication-status
FAILED
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 16 Nov 2023 11:09:10 GMT
server
cloudflare
etag
W/"04982ce209e45ea5b9d8a2076bc96397"
vary
Accept-Encoding
access-control-allow-methods
*
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
access-control-max-age
86400
cf-ray
8273e651a9851ac7-FRA
access-control-allow-headers
range
expires
Sat, 16 Nov 2024 00:36:29 GMT
sync
capi.connatix.com/core/ Frame 334D
Redirect Chain
  • https://capi.connatix.com/core/sync
  • https://capi.connatix.com/core/sync?final=true&UserScoringType=Enabled&ImplementationType=0
5 KB
2 KB
XHR
General
Full URL
https://capi.connatix.com/core/sync?final=true&UserScoringType=Enabled&ImplementationType=0
Protocol
H3
Server
172.64.146.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a7be62659fa9f70134339a3ca07d98613180e12f18ab03259074e35f5ac9f8fb

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 00:36:29 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://genshindle.com
cache-control
no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
8273e65258cf9ba6-FRA
access-control-allow-headers
x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Fri, 17 Nov 2023 00:36:29 GMT
cf-cache-status
DYNAMIC
server
cloudflare
vary
Accept-Encoding
content-type
application/x-protobuf
location
https://capi.connatix.com:443/core/sync?final=true&UserScoringType=Enabled&ImplementationType=0
access-control-allow-origin
https://genshindle.com
cache-control
no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
8273e6520b27699b-FRA
access-control-allow-headers
x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
content-length
27
alt-svc
h3=":443"; ma=86400
pls
capi.connatix.com/core/ Frame 334D
37 KB
9 KB
XHR
General
Full URL
https://capi.connatix.com/core/pls?v=378985&cid=5f049401-746e-4449-8c27-b6b9d8e25882
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js?cid=5f049401-746e-4449-8c27-b6b9d8e25882
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.146.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eecf6fa438f55d5d2c63495220b3565dddb5b68ef4ada535e34f2c6a8b0daae6

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Fri, 17 Nov 2023 00:36:29 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
https://genshindle.com
cache-control
no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
8273e6521b2d699b-FRA
access-control-allow-headers
x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
alt-svc
h3=":443"; ma=86400
1_media.bin
vid.connatix.com/pid-dceed97a-951e-4c47-b565-c2794ffae817/f2590cdd-0bb5-401c-a109-f286e7a52d32/ Frame 334D
0
0

blockedDomains_1.bin
lit.connatix.com/aa0f11f7-035a-4999-9d0a-efd10d585b22/ Frame 334D
0
0

gpt.js
securepubads.g.doubleclick.net/tag/js/
100 KB
31 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js?cid=5f049401-746e-4449-8c27-b6b9d8e25882
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ca82734c2f935018b2872c0e78f37d2d610f654ad1d311cf07ff93c2d1653f16
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://genshindle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 00:36:29 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31385
x-xss-protection
0
server
cafe
etag
182 / 19678 / 31079657 / config-hash: 16204867678510254442
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 17 Nov 2023 00:36:29 GMT
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame 334D
0
0

elements.ui.ad0618759317b3e0620c.js
cds.connatix.com/p/378985/ Frame 334D
0
0

prebid8.20.0-1.js
cds.connatix.com/p/plugins/
638 KB
191 KB
Script
General
Full URL
https://cds.connatix.com/p/plugins/prebid8.20.0-1.js
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js?cid=5f049401-746e-4449-8c27-b6b9d8e25882
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.41.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8623be0d7e4885c0e014ba9ca2036cef10b6f4f5d0ba5e1bf3fadb03cc147e8c

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Fri, 17 Nov 2023 00:36:29 GMT
x-amz-version-id
.uj4OI9.jATtKip6tOjrIiCkwhMF7two
content-encoding
br
cf-cache-status
HIT
x-amz-replication-status
FAILED
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 25 Oct 2023 13:51:43 GMT
server
cloudflare
etag
W/"c4c392e90e5d3c4bd50ad339048893ec"
vary
Accept-Encoding
access-control-allow-methods
*
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
access-control-max-age
86400
cf-ray
8273e6538ab11ac7-FRA
access-control-allow-headers
range
expires
Sat, 16 Nov 2024 00:36:29 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/
429 KB
135 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js?cb=31079657
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b04dfae5d49297b8b6a514bd8bf1c7bea7ebe622232401a5abed5a92809a2b66
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 17:37:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
25160
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
137535
x-xss-protection
0
server
cafe
etag
18342593356503948095
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Fri, 15 Nov 2024 17:37:09 GMT
collect
region1.google-analytics.com/g/
0
54 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-CLZMQVD9BX&gtm=45je3b81v9104734233&_p=1700181385022&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1574781533.1700181386&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=2&sid=1700181385&sct=1&seg=0&dl=https%3A%2F%2Fgenshindle.com%2F&dt=Genshindle%20-%20Wordle%20game%20with%20Genshin%20Impact%20characters&en=scroll&epn.percent_scrolled=90&_et=75&tfd=6043
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-CLZMQVD9BX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 00:36:30 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://genshindle.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
vid.connatix.com
URL
https://vid.connatix.com/pid-dceed97a-951e-4c47-b565-c2794ffae817/f2590cdd-0bb5-401c-a109-f286e7a52d32/1_media.bin
Domain
lit.connatix.com
URL
https://lit.connatix.com/aa0f11f7-035a-4999-9d0a-efd10d585b22/blockedDomains_1.bin
Domain
imasdk.googleapis.com
URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Domain
cds.connatix.com
URL
https://cds.connatix.com/p/378985/elements.ui.ad0618759317b3e0620c.js

Verdicts & Comments

124 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture function| gtag object| dataLayer object| exports object| global object| $cookies boolean| __VUE__ object| ezstandalone object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_tag_data boolean| google_plmetrics object| google_reactive_ads_global_state object| adsbygoogle object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint object| google_tag_manager string| ezStandaloneDefine string| ezStandaloneCookies boolean| _ez_sa object| __ez object| ezasVars boolean| __ezasAggressive object| _ezim_d object| _ezaq number| did string| ezoTemplate function| create_ezolpl function| attach_ezolpl number| __cnxiid string| __cnxau function| handleResponsiveAdsense function| ezasBuild function| ezasvEvent function| ezaslEvent function| ezoAdBackFill object| ezaslWatch object| ezoSTPixels function| ezoSTPixelAdd function| ezoGetSlotById function| ezoGetSlotNum function| ezoSTPixelFire string| ezdomain object| googletag function| onYouTubeIframeAPIReady object| gaGlobal function| google_sa_impl object| googlefc boolean| adsbygoogle_ama_fc_has_run undefined| hREED function| __ezDotData function| getEzErrorURL function| reportEzError object| ct object| ezdent object| ezDenty object| ezua object| ezuxgoals function| ez_attachEvent function| ez_attachEventWithCapture function| ez_detachEvent function| ez_getQueryString object| _ezfd function| __ez_get_footer_height function| __ez_set_outstream_floor function| __ez_auto_adjust_outstream_float function| __ez_outstream_player_tracking function| pixelData function| __ez_outstream_float_destroy number| ez_tos_track_count number| ez_last_activity_count object| metricNameMap function| ezlogVital object| 
webVitals function| initEzux object| riveted object| ezux object| default_ContributorServingResponseClientJs object| _F_toggles object| __googlefc string| __fcInvoked string| __fcexpdef string| MmU5N2ZiNTg0YjJlMjNlYWxvYWRlcl9qcw== string| MmU5N2ZiNTg0YjJlMjNlYWNhY2hlZF9qcw== object| __fcInternalApiManager boolean| __fcInternalApiPostMessageReady object| __tcfapiEventListeners function| __tcfapi object| __tcfapiManager boolean| __tcfapiPostMessageReady function| __uspapi object| __uspapiManager boolean| __uspapiPostMessageReady object| __gppEventListeners function| __gpp object| __gppManager boolean| __gppPostMessageReady object| perf_vals function| cnx object| cnx_player_usr_storage object| cnxAsyncChunks object| cnx_usr_storage object| player_instance_5cf0be8dcaff4f5d83cf1f8d87d36bee object| cnxPlugins object| cnxEnfStorage function| cnxsetTimeout function| cnxsetInterval function| cnxProxyTask object| pbjsChunk object| pbjs object| _pbjsGlobals object| mnet function| cnxAddEventListener

14 Cookies

Domain/Path Name / Value
.genshindle.com/ Name: ezoadgid_527904
Value: -1
.genshindle.com/ Name: ezoref_527904
Value:
.genshindle.com/ Name: ezosuibasgeneris-1
Value: 88c8fb47-d197-4988-48db-d53d252edd07
.genshindle.com/ Name: ezoab_527904
Value: mod82
.genshindle.com/ Name: lp_527904
Value: https://genshindle.com/
.genshindle.com/ Name: ezovuuidtime_527904
Value: 1700181385
.genshindle.com/ Name: ezovuuid_527904
Value: 524e667a-0c86-4b13-52ca-5c6e54c94b22
.genshindle.com/ Name: active_template::527904
Value: pub_site.1700181385
.genshindle.com/ Name: ezopvc_527904
Value: 1
.genshindle.com/ Name: ezepvv
Value: 0
.genshindle.com/ Name: _ga
Value: GA1.1.1574781533.1700181386
.genshindle.com/ Name: _ga_CLZMQVD9BX
Value: GS1.1.1700181385.1.0.1700181385.0.0.0
genshindle.com/ Name: ezux_lpl_527904
Value: 1700181386492|1ce1f7c9-be60-4184-72e2-f87b02571e04|false
.connatix.com/ Name: cnx_userId
Value: 5a30e94e7e7d4ddbb9ece176eda26b6d

2 Console Messages

Source Level URL
Text
javascript warning URL: https://cd.connatix.com/connatix.player.js?cid=5f049401-746e-4449-8c27-b6b9d8e25882
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://cds.connatix.com/p/plugins/prebid8.20.0-1.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://cd.connatix.com/connatix.player.js?cid=5f049401-746e-4449-8c27-b6b9d8e25882
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://cds.connatix.com/p/plugins/prebid8.20.0-1.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.

Security Headers

This page lists any security headers set by the main page.

Header Value
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
