urlscan.io logo urlscan.io
SecurityTrails logo

638hax.cloudflareagency.cf Open in urlscan Pro
2606:4700:3034::ac43:885b  Public Scan

Go To Rescan Add Verdict Report
URL: https://638hax.cloudflareagency.cf/
Submission: On September 13 via automatic, source rescanner — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 14 IPs in 2 countries across 13 domains to perform 45 HTTP transactions. The main IP is 2606:4700:3034::ac43:885b, located in United States and belongs to CLOUDFLARENET, US. The main domain is 638hax.cloudflareagency.cf.
TLS certificate: Issued by E1 on September 13th 2022. Valid for: 3 months.
This is the only time 638hax.cloudflareagency.cf was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

4    2606:4700:3034::ac43:885b (United States)

ASN13335 (CLOUDFLARENET, US)
638hax.cloudflareagency.cf
1    2606:4700:3038::6815:eac9 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.bootcss.com
1    2606:50c0:8003::153 (United States)

ASN54113 (FASTLY, US)
crazypeace.github.io
5    2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
fonts.gstatic.com
7    2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
3    2a00:1450:4001:810::2009 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
resources.blogblog.com
www.blogger.com
2    2a00:1450:4001:813::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
6    2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
9    2a00:1450:4001:808::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
blogger.googleusercontent.com
1    142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net
partner.googleadservices.com
1    2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
1    2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
3    2a00:1450:4001:80e::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
Apex Domain
Subdomains		 Transfer
10 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 129
tpc.googlesyndication.com — Cisco Umbrella Rank: 174
217 KB
9 googleusercontent.com
blogger.googleusercontent.com — Cisco Umbrella Rank: 12613
201 KB
6 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 73
5 KB
5 gstatic.com
www.gstatic.com
fonts.gstatic.com
114 KB
4 cloudflareagency.cf
638hax.cloudflareagency.cf
38 KB
2 google.com
adservice.google.com — Cisco Umbrella Rank: 142
www.google.com — Cisco Umbrella Rank: 19
2 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 94
20 KB
2 blogger.com
www.blogger.com — Cisco Umbrella Rank: 6949
157 KB
1 google.de
adservice.google.de — Cisco Umbrella Rank: 5202
792 B
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 972
650 B
1 blogblog.com
resources.blogblog.com — Cisco Umbrella Rank: 15340
134 KB
1 github.io
crazypeace.github.io
3 KB
1 bootcss.com
cdn.bootcss.com — Cisco Umbrella Rank: 61544
31 KB
45 13
Domain Requested by
9 blogger.googleusercontent.com 638hax.cloudflareagency.cf
7 pagead2.googlesyndication.com 638hax.cloudflareagency.cf
pagead2.googlesyndication.com
tpc.googlesyndication.com
6 googleads.g.doubleclick.net pagead2.googlesyndication.com
4 fonts.gstatic.com 638hax.cloudflareagency.cf
4 638hax.cloudflareagency.cf 638hax.cloudflareagency.cf
3 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
2 www.google-analytics.com 638hax.cloudflareagency.cf
www.google-analytics.com
2 www.blogger.com 638hax.cloudflareagency.cf
1 www.google.com tpc.googlesyndication.com
1 adservice.google.com pagead2.googlesyndication.com
1 adservice.google.de pagead2.googlesyndication.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 resources.blogblog.com 638hax.cloudflareagency.cf
1 www.gstatic.com 638hax.cloudflareagency.cf
1 crazypeace.github.io 638hax.cloudflareagency.cf
1 cdn.bootcss.com 638hax.cloudflareagency.cf
45 16

This site contains links to these domains. Also see Links.

Domain
zelikk.blogspot.com
www.blogger.com
Subject Issuer Validity Valid
*.cloudflareagency.cf
E1		 2022-09-13 -
2022-12-12		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-04-11 -
2023-04-10		 a year crt.sh
*.github.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-04-07 -
2023-04-07		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2022-08-22 -
2022-11-14		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-08-22 -
2022-11-14		 3 months crt.sh
*.blogger.com
GTS CA 1C3		 2022-08-22 -
2022-11-14		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-08-22 -
2022-11-14		 3 months crt.sh
*.googleusercontent.com
GTS CA 1C3		 2022-08-22 -
2022-11-14		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2022-08-22 -
2022-11-14		 3 months crt.sh
*.google.de
GTS CA 1C3		 2022-08-22 -
2022-11-14		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-08-22 -
2022-11-14		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-08-22 -
2022-11-14		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-08-22 -
2022-11-14		 3 months crt.sh

This page contains 9 frames:

Primary Page: https://638hax.cloudflareagency.cf/
Frame ID: 596418048B990B0A23C169AD84B97ECC
Requests: 34 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220908/r20190131/zrt_lookup.html
Frame ID: 275D41A768041FC5420923C03CF6CFB6
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-2351123213541849&output=html&adk=1812271804&adf=3025194257&lmt=1663084576&plat=1%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2F638hax.cloudflareagency.cf%2F&ea=0&host=ca-host-pub-1556223355139109&pra=5&wgl=1&easpi=0&asntp=0&asntpv=0&asntpl=0&asntpm=0&asntpc=0&asna=5&asnd=5&asnp=5&asns=5&asmat=1&asptt=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663086202164&bpp=5&bdt=22066&idt=333&shv=r20220908&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2383304585846&frm=20&pv=2&ga_vid=2042981656.1663086202&ga_sid=1663086203&ga_hid=334277059&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842&oid=2&pvsid=2532481392567122&tmod=1302863517&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=1&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=363
Frame ID: B365D27162A8D98CD5983E943E0F4D02
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-2351123213541849&output=html&h=280&adk=1479354468&adf=2015658718&w=1076&fwrn=4&fwrnh=100&lmt=1663084576&rafmt=1&psa=0&format=1076x280&url=https%3A%2F%2F638hax.cloudflareagency.cf%2F&host=ca-host-pub-1556223355139109&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663086202210&bpp=16&bdt=22113&idt=321&shv=r20220908&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2383304585846&frm=20&pv=1&ga_vid=2042981656.1663086202&ga_sid=1663086203&ga_hid=334277059&ga_fc=1&ga_wpids=UA-223473996-1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=301&ady=1303&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842&oid=2&pvsid=2532481392567122&tmod=1302863517&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=XT2k9ASWoI&p=https%3A//638hax.cloudflareagency.cf&dtd=328
Frame ID: 6F020FDB0A5DA27827EE3827C97A0188
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-2351123213541849&output=html&h=280&adk=1479354468&adf=4167919536&w=1076&fwrn=4&fwrnh=100&lmt=1663084576&rafmt=1&psa=0&format=1076x280&url=https%3A%2F%2F638hax.cloudflareagency.cf%2F&host=ca-host-pub-1556223355139109&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663086202237&bpp=17&bdt=22139&idt=307&shv=r20220908&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1076x280&nras=1&correlator=2383304585846&frm=20&pv=1&ga_vid=2042981656.1663086202&ga_sid=1663086203&ga_hid=334277059&ga_fc=1&ga_wpids=UA-223473996-1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=301&ady=3184&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842&oid=2&pvsid=2532481392567122&tmod=1302863517&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=VxMKI2Z59S&p=https%3A//638hax.cloudflareagency.cf&dtd=311
Frame ID: C761B9757F84E2011948461631B4FD03
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-2351123213541849&output=html&h=280&adk=1479354468&adf=996552018&w=1076&fwrn=4&fwrnh=100&lmt=1663084576&rafmt=1&psa=0&format=1076x280&url=https%3A%2F%2F638hax.cloudflareagency.cf%2F&host=ca-host-pub-1556223355139109&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663086202262&bpp=8&bdt=22165&idt=290&shv=r20220908&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1076x280%2C1076x280&nras=1&correlator=2383304585846&frm=20&pv=1&ga_vid=2042981656.1663086202&ga_sid=1663086203&ga_hid=334277059&ga_fc=1&ga_wpids=UA-223473996-1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842&oid=2&pvsid=2532481392567122&tmod=1302863517&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CenoEr%7C&abl=CS&pfx=0&fu=32896&bc=31&ifi=4&uci=a!4&fsb=1&xpc=Ra2zAZMmQH&p=https%3A//638hax.cloudflareagency.cf&dtd=306
Frame ID: BD4F75CFA0E0C48B0ACE473B8E081FF3
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-2351123213541849&output=html&h=600&slotname=6853744811&adk=3631144676&adf=2251669638&pi=t.ma~as.6853744811&w=266&fwrn=4&fwrnh=100&lmt=1663084576&rafmt=1&psa=0&format=266x600&url=https%3A%2F%2F638hax.cloudflareagency.cf%2F&host=ca-host-pub-1556223355139109&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663086202387&bpp=3&bdt=22290&idt=213&shv=r20220908&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1076x280%2C1076x280%2C1076x280&nras=1&correlator=2383304585846&frm=20&pv=1&ga_vid=2042981656.1663086202&ga_sid=1663086203&ga_hid=334277059&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1643&ady=300&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842&oid=2&pvsid=2532481392567122&tmod=1302863517&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfEe%7C&abl=CF&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&fsb=1&xpc=YrZ30MfrMS&p=https%3A//638hax.cloudflareagency.cf&dtd=217
Frame ID: 1981F712363643CEA2A47D0AAAFAF615
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 8214823AF0A6D965685E3275FAF42D6F
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 4976B7025B5BEF8ADF53A54A634673B1
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

记不得,憋不住 | Can't Remember, Can't Shut Up

Detected technologies

Overall confidence: 100%
Detected patterns
  • clipboard(?:-([\d.]+))?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

45
Requests

100 %
HTTPS

93 %
IPv6

13
Domains

16
Subdomains

14
IPs

2
Countries

923 kB
Transfer

1586 kB
Size

5
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

45 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
638hax.cloudflareagency.cf/ 		219 KB
32 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://638hax.cloudflareagency.cf/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:885b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
96d678ca5271b316a2bf1aa6add07d6ba858b32a774e0b51e06a43647b261f0d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
private, max-age=0
cf-cache-status
DYNAMIC
cf-ray
74a239a7f878693f-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Tue, 13 Sep 2022 16:23:03 GMT
expires
Tue, 13 Sep 2022 16:23:03 GMT
last-modified
Tue, 13 Sep 2022 15:56:16 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F1Zx6vI9vVadXY0WfZqY4GDqTjbFZ25pJ2By%2BWyOVCAFV7qThxkdxzXIGFQQZzpceCueTQf9wfWDyiHlQ8mU4wfXCPvvsrPtu5HGf5N1ZX6QIr0VZ2tNYj7yrGUtWqdeqN0pFj%2BRDYHYEtfMr8q4%2BPxpMa2b%2BDKpOw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-content-type-options
nosniff
x-robots-tag
all
x-xss-protection
1; mode=block
jquery.min.js
cdn.bootcss.com/jquery/2.1.1/ 		82 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.bootcss.com/jquery/2.1.1/jquery.min.js
Requested by
Host: 638hax.cloudflareagency.cf
URL: https://638hax.cloudflareagency.cf/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3038::6815:eac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c0d4098bc8b34c6f87a3d7723988ae81214a53a0bb4a1d4d36a67640f98ed079

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://638hax.cloudflareagency.cf/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

content-encoding
br
age
2962682
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LWCrDpT5QMhE%2FJ6v9e8%2FNFyr2ivDrHsqrQgBmdpDEVycXdqGfZmZCXjHq9d2mX4DGhh593nRNUNk2j4j%2FEtUByontCGlvAtOI345I2XzCvhl8pWe7KIa3snGHNt20b5z0%2FLnaoaIeXSaREd9rpU%3D"}],"group":"cf-nel","max_age":604800}
x-swift-cachetime
77098
content-disposition
inline; filename="jquery.min.js"; filename*=utf-8''jquery.min.js
x-swift-savetime
Mon, 23 May 2022 22:08:28 GMT
x-m-reqid
EC8AAD5b0X5-v60W
x-m-log
QNM:jjh1902;QNM3/304
etag
W/"Fv_kehbksVUN37o1d8ycyf3IZDr_.gz"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
X-Log, X-Reqid
cache-control
max-age=2678400
x-qiniu-zone
0
x-qnm-cache
Hit
eagleid
2ff6189d16533595476711492e
expires
Wed, 10 Aug 2022 21:25:02 GMT
x-log
X-Log
date
Tue, 13 Sep 2022 16:23:04 GMT
via
cache19.l2de2[0,0,304-0,H], cache23.l2de2[1,0], cache10.us9[0,0,200-0,H], cache9.us9[1,0]
cf-cache-status
STALE
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-reqid
MgcAAACQnxHi0vEW
cf-ray
74a239ae1ae192b7-FRA
x-cache
HIT TCP_HIT dirn:10:246798799, HIT
content-transfer-encoding
binary
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 16 Feb 2016 04:22:56 GMT
server
cloudflare
x-svr
IO
access-control-max-age
2592000
ali-swift-global-savetime
1653334406
timing-allow-origin
*
text-autospace.min.js
crazypeace.github.io/text-autospace.js/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://crazypeace.github.io/text-autospace.js/text-autospace.min.js
Requested by
Host: 638hax.cloudflareagency.cf
URL: https://638hax.cloudflareagency.cf/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:50c0:8003::153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
GitHub.com /
Resource Hash
4203d092fab999f8c24f34456837d5482ca0bca785fa39b5820a3436f28fdb19

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://638hax.cloudflareagency.cf/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-fastly-request-id
4bb82e2649bda902d978e8407d82d70a53887bcf
date
Tue, 13 Sep 2022 16:23:03 GMT
content-encoding
gzip
age
276
x-cache
HIT
content-length
2427
x-served-by
cache-hhn4030-HHN
access-control-allow-origin
*
last-modified
Sun, 13 Mar 2022 15:12:07 GMT
server
GitHub.com
x-github-request-id
3C08:5763:D696A3:DDF4CA:6320AB1D
x-timer
S1663086184.910586,VS0,VE1
etag
W/"622e09c7-18e2"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
via
1.1 varnish
expires
Tue, 13 Sep 2022 16:19:02 GMT
cache-control
max-age=600
permissions-policy
interest-cohort=()
accept-ranges
bytes
x-proxy-cache
MISS
x-cache-hits
1
clipboard.min.js
www.gstatic.com/external_hosted/clipboardjs/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/external_hosted/clipboardjs/clipboard.min.js
Requested by
Host: 638hax.cloudflareagency.cf
URL: https://638hax.cloudflareagency.cf/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
92e40dc4bbb485a182b796c58e6da7974cb8a6a84fdb4548ace3b85c991f0f94
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://638hax.cloudflareagency.cf/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 13 Sep 2022 16:23:04 GMT
content-encoding
br
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3475
x-xss-protection
0
last-modified
Wed, 14 Apr 2021 19:28:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
text/javascript
cache-control
public, max-age=0
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Tue, 13 Sep 2022 16:23:04 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		165 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: 638hax.cloudflareagency.cf
URL: https://638hax.cloudflareagency.cf/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ae3cca3e9f7787b1b5c7d693914b7d3c8be1479f9547dabbbc22896982690084
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://638hax.cloudflareagency.cf/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 13 Sep 2022 16:23:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
57461
x-xss-protection
0
server
cafe
etag
6526383397985412685
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 13 Sep 2022 16:23:04 GMT
email-decode.min.js
638hax.cloudflareagency.cf/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://638hax.cloudflareagency.cf/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: 638hax.cloudflareagency.cf
URL: https://638hax.cloudflareagency.cf/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:885b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://638hax.cloudflareagency.cf/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 13 Sep 2022 16:23:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 09 Sep 2022 17:33:45 GMT
server
cloudflare
etag
W/"631b78f9-4d7"
x-frame-options
DENY
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kf7lr7dBGIJzED7Ryu%2B95S3HGG8TvJxCylKRpl7hKGKq%2FOgHYvJMc%2B4n2vkoHlF6sEfXEJOb41PwhWmkp3fCeFXiiC18VZDKCZwT7gzjCqwjdkZVbPeVwqozDjjLo%2BV%2Blh8zc%2Falqletm556QNbuf%2BtKDCrbuVB3Sw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=172800, public
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
74a239a9fbea693f-FRA
vary
Accept-Encoding
expires
Thu, 15 Sep 2022 16:23:04 GMT
1829672877-rockpool_compiled.js
resources.blogblog.com/blogblog/data/res/ 		134 KB
134 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resources.blogblog.com/blogblog/data/res/1829672877-rockpool_compiled.js
Requested by
Host: 638hax.cloudflareagency.cf
URL: https://638hax.cloudflareagency.cf/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f1c259d50c72df23879840a256f4c35da1828397832399d6cc1d522ea21027c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://638hax.cloudflareagency.cf/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Fri, 09 Sep 2022 03:04:58 GMT
x-content-type-options
nosniff
age
393486
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
137034
x-xss-protection
0
last-modified
Wed, 07 Sep 2022 22:51:39 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type
text/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="blogger-tech"
expires
Fri, 16 Sep 2022 03:04:58 GMT
cookienotice.js
638hax.cloudflareagency.cf/js/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://638hax.cloudflareagency.cf/js/cookienotice.js
Requested by
Host: 638hax.cloudflareagency.cf
URL: https://638hax.cloudflareagency.cf/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::ac43:885b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://638hax.cloudflareagency.cf/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 13 Sep 2022 16:23:04 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
0
last-modified
Thu, 08 Sep 2022 06:52:30 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type
text/javascript
cache-control
public, max-age=604800
cf-ray
74a239ae3ed89b83-FRA
cross-origin-opener-policy-report-only
same-origin; report-to="blogger-tech"
expires
Thu, 15 Sep 2022 08:51:35 GMT
3753684042-widgets.js
www.blogger.com/static/v1/widgets/ 		154 KB
155 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.blogger.com/static/v1/widgets/3753684042-widgets.js
Requested by
Host: 638hax.cloudflareagency.cf
URL: https://638hax.cloudflareagency.cf/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
493ab3b4b04a8f0a5e78f3dc70ccde31314e5915d8d2a68c49a9af3edba1b461
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://638hax.cloudflareagency.cf/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 01:51:42 GMT
x-content-type-options
nosniff
age
484282
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
157917
x-xss-protection
0
last-modified
Wed, 07 Sep 2022 22:51:39 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="blogger-tech"
expires
Fri, 08 Sep 2023 01:51:42 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: 638hax.cloudflareagency.cf
URL: https://638hax.cloudflareagency.cf/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://638hax.cloudflareagency.cf/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
4885
date
Tue, 13 Sep 2022 15:02:00 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Tue, 13 Sep 2022 17:02:00 GMT
sprite_v1_6.css.svg
638hax.cloudflareagency.cf/responsive/ 		7 KB
3 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://638hax.cloudflareagency.cf/responsive/sprite_v1_6.css.svg
Requested by
Host: 638hax.cloudflareagency.cf
URL: https://638hax.cloudflareagency.cf/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::ac43:885b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
73d16aca9b019e42dd2de3a10e5049b5606268ce0d8e3a167b05b37acb9b0e9c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://638hax.cloudflareagency.cf/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 13 Sep 2022 16:23:25 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
0
last-modified
Mon, 12 Sep 2022 17:57:06 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type
image/svg+xml
cache-control
public, max-age=604800
cf-ray
74a23a32cc189b83-FRA
cross-origin-opener-policy-report-only
same-origin; report-to="blogger-tech"
expires
Tue, 20 Sep 2022 00:59:39 GMT
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v23/ 		23 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: 638hax.cloudflareagency.cf
URL: https://638hax.cloudflareagency.cf/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://638hax.cloudflareagency.cf/
Origin
https://638hax.cloudflareagency.cf
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 17:08:09 GMT
x-content-type-options
nosniff
age
602116
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23580
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:48:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 06 Sep 2023 17:08:09 GMT
SlGDmQSNjdsmc35JDF1K5E55YMjF_7DPuGi-6_RkBI9_.woff2
fonts.gstatic.com/s/ebgaramond/v26/ 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ebgaramond/v26/SlGDmQSNjdsmc35JDF1K5E55YMjF_7DPuGi-6_RkBI9_.woff2
Requested by
Host: 638hax.cloudflareagency.cf
URL: https://638hax.cloudflareagency.cf/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
142d7e873b9d8d550b53e6e55bac7a11ed1f2c0aa5e2d49966cde5ce3c00faec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://638hax.cloudflareagency.cf/
Origin
https://638hax.cloudflareagency.cf
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 16:58:48 GMT
x-content-type-options
nosniff
age
84277
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20512
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 19:16:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 12 Sep 2023 16:58:48 GMT
S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v23/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2
Requested by
Host: 638hax.cloudflareagency.cf
URL: https://638hax.cloudflareagency.cf/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://638hax.cloudflareagency.cf/
Origin
https://638hax.cloudflareagency.cf
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 17:08:09 GMT
x-content-type-options
nosniff
age
602116
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23040
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:56:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 06 Sep 2023 17:08:09 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/ 		346 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2351123213541849&plah=638hax.cloudflareagency.cf
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6764f786370109d887f37fb2726a009cabae2bc5518b9b825e2c477a017ef18c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://638hax.cloudflareagency.cf/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 13 Sep 2022 16:23:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
124741
x-xss-protection
0
server
cafe
etag
16413342933767527427
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 13 Sep 2022 16:23:26 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20220908/r20190131/ Frame 275D 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20220908/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://638hax.cloudflareagency.cf/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
5892
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
gzip
content-length
4412
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 13 Sep 2022 14:45:14 GMT
etag
8616628553774171045
expires
Tue, 27 Sep 2022 14:45:14 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
AVvXsEjO4lxonvbid5iASrgAv57siepKZNQyZq1tNniIVNc7qqiFs2EmaCFDEXSwsR00nuHcQK-KToQ3vJzZSg5prGqvmNn8SlCJLqKK0zqjWur5ptQ15VQ4sfomrjxBfpamSQsyYLf8UqqRHRnAjExjZabQ2OnOb0dSrgycebLaHddTsRaZXsXQan6p5sfU=w612
blogger.googleusercontent.com/img/a/ 		55 KB
55 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blogger.googleusercontent.com/img/a/AVvXsEjO4lxonvbid5iASrgAv57siepKZNQyZq1tNniIVNc7qqiFs2EmaCFDEXSwsR00nuHcQK-KToQ3vJzZSg5prGqvmNn8SlCJLqKK0zqjWur5ptQ15VQ4sfomrjxBfpamSQsyYLf8UqqRHRnAjExjZabQ2OnOb0dSrgycebLaHddTsRaZXsXQan6p5sfU=w612
Requested by
Host: 638hax.cloudflareagency.cf
URL: https://638hax.cloudflareagency.cf/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
753a5a02122e95055970f51aa975e06c82446241828fab7eb764eaaa81888775
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://638hax.cloudflareagency.cf/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 13 Sep 2022 16:23:26 GMT
x-content-type-options
nosniff
server
fife
etag
"v2e67f"
vary
Origin
content-type
image/png
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="chrome_2022-02-24_09-21-57.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
56255
x-xss-protection
0
expires
Wed, 14 Sep 2022 16:23:26 GMT
chrome_2022-09-08_23-49-43.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiEImohbCIyPPfSco0MGjNpecnlxEXHo4RnLzRWCbAyDmyhg2cV9BXKAvoQwCO3jrqEhkkh9jJVwUdEKfI_2LYloEn3JdtD6xHqKjmtRKuN20Z0T14-Q1iFeTEF85eJXk9VPneFDCY42dDqBPSI... 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiEImohbCIyPPfSco0MGjNpecnlxEXHo4RnLzRWCbAyDmyhg2cV9BXKAvoQwCO3jrqEhkkh9jJVwUdEKfI_2LYloEn3JdtD6xHqKjmtRKuN20Z0T14-Q1iFeTEF85eJXk9VPneFDCY42dDqBPSICoI1aNhUPecVTMeqRApnlW_EkjfbRkLkZwNUhooz/w256-h256-p-k-no-nu/chrome_2022-09-08_23-49-43.png
Requested by
Host: 638hax.cloudflareagency.cf
URL: https://638hax.cloudflareagency.cf/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
883cd7e80a693459bf48c54633e37beab498cb11ef7d05b6b827ae438f31f56b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://638hax.cloudflareagency.cf/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 13 Sep 2022 16:23:26 GMT
x-content-type-options
nosniff
server
fife
etag
"v30f58"
vary
Origin
content-type
image/png
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="chrome_2022-09-08_23-49-43.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10755
x-xss-protection
0
expires
Wed, 14 Sep 2022 16:23:26 GMT
chrome_2022-08-29_02-43-30.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgNrtVGSs9SwAGeTLHZQhlrq7AnHCX6qMGnkctFWUd6QhoFkwy9JxkRZo_980whIa1mgNgfWxbaJqUSdeenY_JAwq_FSZGGBWqZznjFYqVQzpuoc39TYc09lRzpxfqGN-GytI12776-F01cBYli... 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgNrtVGSs9SwAGeTLHZQhlrq7AnHCX6qMGnkctFWUd6QhoFkwy9JxkRZo_980whIa1mgNgfWxbaJqUSdeenY_JAwq_FSZGGBWqZznjFYqVQzpuoc39TYc09lRzpxfqGN-GytI12776-F01cBYliiGwctaVHrnaLAwJk4vu3YudOXX-9kkwetHQISWdY/w256-h256-p-k-no-nu/chrome_2022-08-29_02-43-30.png
Requested by
Host: 638hax.cloudflareagency.cf
URL: https://638hax.cloudflareagency.cf/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
2288002c79ad7ccd117b58ff62902284ad65c78d9bf50265308d3f8375760c01
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://638hax.cloudflareagency.cf/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 13 Sep 2022 16:23:26 GMT
x-content-type-options
nosniff
server
fife
etag
"v30f02"
vary
Origin
content-type
image/png
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="chrome_2022-08-29_02-43-30.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20704
x-xss-protection
0
expires
Wed, 14 Sep 2022 16:23:26 GMT
chrome_2022-08-28_12-08-11.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgpaaOLdgdd2ZRbAhHESRchaR5cuurvll24ODwh4GrS-5CMBhydR9a_q1tiX-aVxl9ebAHmxZQ8YLyyK72cmrWScMGwAsHEMxjD7xs9NidMv0O2h76g03HpLMbm7_L_7mfuRt5dz553N7FNsCP3... 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgpaaOLdgdd2ZRbAhHESRchaR5cuurvll24ODwh4GrS-5CMBhydR9a_q1tiX-aVxl9ebAHmxZQ8YLyyK72cmrWScMGwAsHEMxjD7xs9NidMv0O2h76g03HpLMbm7_L_7mfuRt5dz553N7FNsCP318QFnsYJGFQBs5bA7OjUSzla_dt6arxgCPt7Bjfu/w256-h256-p-k-no-nu/chrome_2022-08-28_12-08-11.png
Requested by
Host: 638hax.cloudflareagency.cf
URL: https://638hax.cloudflareagency.cf/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
2027906ba6216fe353dc07fcc2fc36c8e6ab91a99bb705e7cbc4f97ca860e937
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://638hax.cloudflareagency.cf/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 13 Sep 2022 16:23:26 GMT
x-content-type-options
nosniff
server
fife
etag
"v30ef4"
vary
Origin
content-type
image/png
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="chrome_2022-08-28_12-08-11.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4894
x-xss-protection
0
expires
Wed, 14 Sep 2022 16:23:26 GMT
chrome_2022-08-27_15-06-58.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgc5ddwdUBOhFULk3Z-mf4FxmkEfRbz3d0iU-v7vzQ3VIZl3ML6O-pSmLE_UjB8sdKTg7Gl-WCnoPeYw47naWuDkz3R_SQYVTceThT9gsd2lRA1ZRjWfk4sG2J67xnXl5oj16DsjcFxSH5PU9mp... 		32 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgc5ddwdUBOhFULk3Z-mf4FxmkEfRbz3d0iU-v7vzQ3VIZl3ML6O-pSmLE_UjB8sdKTg7Gl-WCnoPeYw47naWuDkz3R_SQYVTceThT9gsd2lRA1ZRjWfk4sG2J67xnXl5oj16DsjcFxSH5PU9mplM1w9WDmbTpudkBMrQUaXoefm8mlW959xsNffFKm/w256-h256-p-k-no-nu/chrome_2022-08-27_15-06-58.png
Requested by
Host: 638hax.cloudflareagency.cf
URL: https://638hax.cloudflareagency.cf/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
5de45751d21727095f8f6449fc377838a2b87d2e1de4e298d44155b5003ced9c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://638hax.cloudflareagency.cf/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 13 Sep 2022 16:23:26 GMT
x-content-type-options
nosniff
server
fife
etag
"v30ef1"
vary
Origin
content-type
image/png
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="chrome_2022-08-27_15-06-58.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33058
x-xss-protection
0
expires
Wed, 14 Sep 2022 16:23:26 GMT
image.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjpoHgEUGs-y3Wrjr49HLXAHRk7A1MuWLT5wKDzh9Y_INyFKd7W_IceBjVHhhaLWoqBIfGfgaqhU04esi8FUKtjaclTDeA95k0843_oNXFgMIdzY_yd9pUCmnu0zMN3a1vF2jO2miDAK6N-gSXC... 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjpoHgEUGs-y3Wrjr49HLXAHRk7A1MuWLT5wKDzh9Y_INyFKd7W_IceBjVHhhaLWoqBIfGfgaqhU04esi8FUKtjaclTDeA95k0843_oNXFgMIdzY_yd9pUCmnu0zMN3a1vF2jO2miDAK6N-gSXCy8RyER7J-Z5wgz4VKfd_grDYcRpOrLvdfFgIP60m/w256-h256-p-k-no-nu/image.png
Requested by
Host: 638hax.cloudflareagency.cf
URL: https://638hax.cloudflareagency.cf/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
db0a73d0752b907b8cdaeebd6e2a40302b12da7a4037ed9af2badf18661787ff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://638hax.cloudflareagency.cf/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 13 Sep 2022 16:23:26 GMT
x-content-type-options
nosniff
server
fife
etag
"v30dc4"
vary
Origin
content-type
image/png
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="image.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15013
x-xss-protection
0
expires
Wed, 14 Sep 2022 16:23:26 GMT
2022-08-19_08-10-02.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEivWz9kQ9ulXS_5FhUDxcYqJpiXzH7CELsr21GNm8Uky3tS2UcZlwsnH1OZJpjgEawDU4OuKy9WCkidz_JqXJNnIEqmcnLDLZJ3t-LvT_wH_i3SY4CUtmczsfPl5Z02kd6J-2ps_IXTKV0X5170... 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEivWz9kQ9ulXS_5FhUDxcYqJpiXzH7CELsr21GNm8Uky3tS2UcZlwsnH1OZJpjgEawDU4OuKy9WCkidz_JqXJNnIEqmcnLDLZJ3t-LvT_wH_i3SY4CUtmczsfPl5Z02kd6J-2ps_IXTKV0X5170QD9pizJJYLEDWpriIyjw-6-h0S1YIJqgi-klts1Z/w256-h256-p-k-no-nu/2022-08-19_08-10-02.png
Requested by
Host: 638hax.cloudflareagency.cf
URL: https://638hax.cloudflareagency.cf/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
aeb5bf925f4dcdbd98079ac94f447ec32bf8976b9aba8a929a2a32981f105cc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://638hax.cloudflareagency.cf/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 13 Sep 2022 16:23:26 GMT
x-content-type-options
nosniff
server
fife
etag
"v30eb5"
vary
Origin
content-type
image/png
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="2022-08-19_08-10-02.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17731
x-xss-protection
0
expires
Wed, 14 Sep 2022 16:23:26 GMT
2022-08-19_10-45-42.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiwJTnhs5kC8V4us48kb2mAZ2x-UPuSnJP8JyXCUWDtR0jdZlbm7vQHxxkwjU4pSDIycH-xpKTv9GwcaaRIYqVTh-nb5Kx8p1Q_EcFpYBmkwCKNMuFQq8mO6aXVCSgjMC6HTul7CLbdZ-xFKXie... 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiwJTnhs5kC8V4us48kb2mAZ2x-UPuSnJP8JyXCUWDtR0jdZlbm7vQHxxkwjU4pSDIycH-xpKTv9GwcaaRIYqVTh-nb5Kx8p1Q_EcFpYBmkwCKNMuFQq8mO6aXVCSgjMC6HTul7CLbdZ-xFKXieBCbvYYmMwu1dtMZnH7pJaWSoGkflGTl1Sig2v2qA/w256-h256-p-k-no-nu/2022-08-19_10-45-42.png
Requested by
Host: 638hax.cloudflareagency.cf
URL: https://638hax.cloudflareagency.cf/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
76eafe47e8c504ebb462d97d4bdd8b5cf7ab23f8f147a783e98bc484f90afc47
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://638hax.cloudflareagency.cf/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 13 Sep 2022 16:23:26 GMT
x-content-type-options
nosniff
server
fife
etag
"v30ebc"
vary
Origin
content-type
image/png
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="2022-08-19_10-45-42.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21130
x-xss-protection
0
expires
Wed, 14 Sep 2022 16:23:26 GMT
AVvXsEig1J8Qgrg8WasDgzN44V1YZ_p0LeKr2c-DNQwqfVaFCHSjGBDZQofHniaaYmMbmo4KUpwIr54Btj-Y_lndi-u7qEGBoCmfI8HqF5q1g98vO4fpzw-ZAFZghuOMG0bGxugAG8OVWnQs6H8AT-DalHt2fEOREU0_XK8VYM2UbUWJDf5cndqzVCWjxowp=w256...
blogger.googleusercontent.com/img/a/ 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blogger.googleusercontent.com/img/a/AVvXsEig1J8Qgrg8WasDgzN44V1YZ_p0LeKr2c-DNQwqfVaFCHSjGBDZQofHniaaYmMbmo4KUpwIr54Btj-Y_lndi-u7qEGBoCmfI8HqF5q1g98vO4fpzw-ZAFZghuOMG0bGxugAG8OVWnQs6H8AT-DalHt2fEOREU0_XK8VYM2UbUWJDf5cndqzVCWjxowp=w256-h256-p-k-no-nu
Requested by
Host: 638hax.cloudflareagency.cf
URL: https://638hax.cloudflareagency.cf/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
05466a484ea9766b011a37bff8486273ba713026ba55386550264bee36625007
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://638hax.cloudflareagency.cf/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 13 Sep 2022 16:23:26 GMT
x-content-type-options
nosniff
server
fife
etag
"v2e8db"
vary
Origin
content-type
image/jpeg
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="_____20220226205513.jpg";filename*=UTF-8''%E5%BE%AE%E4%BF%A1%E5%9B%BE%E7%89%87_20220226205513.jpg
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24405
x-xss-protection
0
expires
Wed, 14 Sep 2022 16:23:26 GMT
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=334277059&t=pageview&_s=1&dl=https%3A%2F%2F638hax.cloudflareagency.cf%2F&ul=en-us&de=UTF-8&dt=%E8%AE%B0%E4%B8%8D%E5%BE%97%EF%BC%8C%E6%86%8B%E4%B8%8D%E4%BD%8F%20%7C%20Can%27t%20Remember%2C%20Can%27t%20Shut%20Up&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=1227424447&gjid=463841667&cid=2042981656.1663086202&tid=UA-223473996-1&_gid=193663458.1663086202&_r=1&_slc=1&z=1502150720
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://638hax.cloudflareagency.cf/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 13 Sep 2022 16:23:26 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://638hax.cloudflareagency.cf
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/ 		44 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: 638hax.cloudflareagency.cf
URL: https://638hax.cloudflareagency.cf/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://638hax.cloudflareagency.cf/
Origin
https://638hax.cloudflareagency.cf
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 18:50:34 GMT
x-content-type-options
nosniff
age
77572
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44856
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 18:20:18 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 12 Sep 2023 18:50:34 GMT
blogger_logo_round_35.png
www.blogger.com/img/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.blogger.com/img/blogger_logo_round_35.png
Requested by
Host: 638hax.cloudflareagency.cf
URL: https://638hax.cloudflareagency.cf/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
183923f8c8c3960dce8ad9722cf55a30d19b321b721741bd9e2ab6ae1f1ae72a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://638hax.cloudflareagency.cf/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 09:12:54 GMT
x-content-type-options
nosniff
last-modified
Wed, 07 Sep 2022 14:56:25 GMT
server
sffe
age
457832
report-to
{"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type
image/png
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2531
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="blogger-tech"
expires
Thu, 15 Sep 2022 09:12:54 GMT
cookie.js
partner.googleadservices.com/gampad/ 		223 B
650 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=638hax.cloudflareagency.cf&callback=_gfp_s_&client=ca-pub-2351123213541849
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2351123213541849&plah=638hax.cloudflareagency.cf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
ec86bdfc62e0e18034ba07a0b57bcf25fba17ff94b87507f0834781e4d955a5a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://638hax.cloudflareagency.cf/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 13 Sep 2022 16:23:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
206
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=638hax.cloudflareagency.cf
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2351123213541849&plah=638hax.cloudflareagency.cf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://638hax.cloudflareagency.cf/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 13 Sep 2022 16:23:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=638hax.cloudflareagency.cf
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2351123213541849&plah=638hax.cloudflareagency.cf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://638hax.cloudflareagency.cf/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 13 Sep 2022 16:23:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2F638hax.cloudflareagency.cf%2F&tn=DIV&id=cookieChoiceInfo&cls=cookie-choices-info%20singleton-element&ign=false&pw=1600&ph=1200&x=0&y=1060.8
Requested by
Host: 638hax.cloudflareagency.cf
URL: https://638hax.cloudflareagency.cf/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://638hax.cloudflareagency.cf/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 13 Sep 2022 16:23:26 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame B365 		603 B
67 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-2351123213541849&output=html&adk=1812271804&adf=3025194257&lmt=1663084576&plat=1%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2F638hax.cloudflareagency.cf%2F&ea=0&host=ca-host-pub-1556223355139109&pra=5&wgl=1&easpi=0&asntp=0&asntpv=0&asntpl=0&asntpm=0&asntpc=0&asna=5&asnd=5&asnp=5&asns=5&asmat=1&asptt=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663086202164&bpp=5&bdt=22066&idt=333&shv=r20220908&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2383304585846&frm=20&pv=2&ga_vid=2042981656.1663086202&ga_sid=1663086203&ga_hid=334277059&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842&oid=2&pvsid=2532481392567122&tmod=1302863517&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=1&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=363
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2351123213541849&plah=638hax.cloudflareagency.cf
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://638hax.cloudflareagency.cf/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 13 Sep 2022 16:23:26 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 6F02 		603 B
67 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-2351123213541849&output=html&h=280&adk=1479354468&adf=2015658718&w=1076&fwrn=4&fwrnh=100&lmt=1663084576&rafmt=1&psa=0&format=1076x280&url=https%3A%2F%2F638hax.cloudflareagency.cf%2F&host=ca-host-pub-1556223355139109&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663086202210&bpp=16&bdt=22113&idt=321&shv=r20220908&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2383304585846&frm=20&pv=1&ga_vid=2042981656.1663086202&ga_sid=1663086203&ga_hid=334277059&ga_fc=1&ga_wpids=UA-223473996-1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=301&ady=1303&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842&oid=2&pvsid=2532481392567122&tmod=1302863517&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=XT2k9ASWoI&p=https%3A//638hax.cloudflareagency.cf&dtd=328
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2351123213541849&plah=638hax.cloudflareagency.cf
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://638hax.cloudflareagency.cf/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 13 Sep 2022 16:23:26 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame C761 		603 B
67 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-2351123213541849&output=html&h=280&adk=1479354468&adf=4167919536&w=1076&fwrn=4&fwrnh=100&lmt=1663084576&rafmt=1&psa=0&format=1076x280&url=https%3A%2F%2F638hax.cloudflareagency.cf%2F&host=ca-host-pub-1556223355139109&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663086202237&bpp=17&bdt=22139&idt=307&shv=r20220908&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1076x280&nras=1&correlator=2383304585846&frm=20&pv=1&ga_vid=2042981656.1663086202&ga_sid=1663086203&ga_hid=334277059&ga_fc=1&ga_wpids=UA-223473996-1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=301&ady=3184&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842&oid=2&pvsid=2532481392567122&tmod=1302863517&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=VxMKI2Z59S&p=https%3A//638hax.cloudflareagency.cf&dtd=311
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2351123213541849&plah=638hax.cloudflareagency.cf
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://638hax.cloudflareagency.cf/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 13 Sep 2022 16:23:26 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame BD4F 		603 B
67 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-2351123213541849&output=html&h=280&adk=1479354468&adf=996552018&w=1076&fwrn=4&fwrnh=100&lmt=1663084576&rafmt=1&psa=0&format=1076x280&url=https%3A%2F%2F638hax.cloudflareagency.cf%2F&host=ca-host-pub-1556223355139109&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663086202262&bpp=8&bdt=22165&idt=290&shv=r20220908&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1076x280%2C1076x280&nras=1&correlator=2383304585846&frm=20&pv=1&ga_vid=2042981656.1663086202&ga_sid=1663086203&ga_hid=334277059&ga_fc=1&ga_wpids=UA-223473996-1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842&oid=2&pvsid=2532481392567122&tmod=1302863517&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CenoEr%7C&abl=CS&pfx=0&fu=32896&bc=31&ifi=4&uci=a!4&fsb=1&xpc=Ra2zAZMmQH&p=https%3A//638hax.cloudflareagency.cf&dtd=306
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2351123213541849&plah=638hax.cloudflareagency.cf
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://638hax.cloudflareagency.cf/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 13 Sep 2022 16:23:26 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 1981 		603 B
67 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-2351123213541849&output=html&h=600&slotname=6853744811&adk=3631144676&adf=2251669638&pi=t.ma~as.6853744811&w=266&fwrn=4&fwrnh=100&lmt=1663084576&rafmt=1&psa=0&format=266x600&url=https%3A%2F%2F638hax.cloudflareagency.cf%2F&host=ca-host-pub-1556223355139109&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663086202387&bpp=3&bdt=22290&idt=213&shv=r20220908&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1076x280%2C1076x280%2C1076x280&nras=1&correlator=2383304585846&frm=20&pv=1&ga_vid=2042981656.1663086202&ga_sid=1663086203&ga_hid=334277059&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1643&ady=300&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842&oid=2&pvsid=2532481392567122&tmod=1302863517&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfEe%7C&abl=CF&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&fsb=1&xpc=YrZ30MfrMS&p=https%3A//638hax.cloudflareagency.cf&dtd=217
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2351123213541849&plah=638hax.cloudflareagency.cf
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://638hax.cloudflareagency.cf/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 13 Sep 2022 16:23:26 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220908&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2351123213541849&plah=638hax.cloudflareagency.cf
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
779e5eca208c075749bae024839fed0d44a85d28f837a60e73eae7894baa3203
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://638hax.cloudflareagency.cf/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 13 Sep 2022 16:23:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11139
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2351123213541849&plah=638hax.cloudflareagency.cf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://638hax.cloudflareagency.cf/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 13 Sep 2022 16:23:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 13 Sep 2022 16:23:26 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 8214 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://638hax.cloudflareagency.cf/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
3027
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 13 Sep 2022 15:33:00 GMT
expires
Wed, 13 Sep 2023 15:33:00 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 4976 		783 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
705d34d27f862c5a508d3fe624f63578d40613aeadf6d82811ff42057b35611d
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-dYts6hOO1lLII2Nnlg_7QQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://638hax.cloudflareagency.cf/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
512
content-security-policy
script-src 'report-sample' 'nonce-dYts6hOO1lLII2Nnlg_7QQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 13 Sep 2022 16:23:27 GMT
expires
Tue, 13 Sep 2022 16:23:27 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
dMUMwKlHRkKFxm324gu_shN2JBGfr2rZRInLP1vMiqM.js
pagead2.googlesyndication.com/bg/ Frame 8214 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/dMUMwKlHRkKFxm324gu_shN2JBGfr2rZRInLP1vMiqM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
74c50cc0a947464285c66df6e20bbfb2137624119faf6ad94489cb3f5bcc8aa3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 13 Sep 2022 15:06:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4597
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15929
x-xss-protection
0
last-modified
Mon, 29 Aug 2022 10:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 13 Sep 2023 15:06:50 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 4976 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220908&jk=2532481392567122&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame 8214 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?WdSwUQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 13 Sep 2022 16:23:27 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220908&jk=2532481392567122&bg=!09Cl0JTNAAZTikH4c4o7ACkAdvg8WmqfWl1fAJixMiJNxA1yX5zAq7n3WCTpcDA43b3DvzVfZvTXLwIAAAB_UgAAAAFoAQcKAH6q1s5qcsoeV3FYGfi14gp0gBtwfK81R9dhhuIGsolEGRV9Eb9r2PbZV0cp9Cn2uscFUXOpeK1A-uwdKrB0mPFhENqEOwTiBmDZGl8t2qgfoKkN46pWzpdxawmxWd12B0C3VvjNjtKVP9IMAsskLCIsL69UTgnk3tRGPLaRWKKZAuf61nshcj8RQa88RPNppXbgS9JIacek73h1GpYyp7Jzs5B-60RjHg2Gashrq55ApaIN5hvrJJ6U_TJHG14nE5EervoTNDpQc7hgubw14K_xvjZ8OHeQjhnlk3yA8j4bLXICCxvXzsz23g0Zme35FFIpcPTiClLqGiKqJn0OGZ7bmkIzHJ0PcbQ2QgNRSEkjpJkSeXtyHehwai6_jNx0yE3OcTSeZlIPP36qvJ73Bkf3s0d-1OXc44ShER0WgxHTKUk-0TaSN-6j_nbrGsA78copuZ9OE8XI1X85urPoiSx1MeHr8oYNzL8SIxH-t7m-FVpUH5svqr0FS_bK_WCNheOSiQNhopKPNuauUS_euepaks0dT9cyHPG_LK5V-7esyEIBWqkPDemsuxSaMxrKBx5YKxch-8VXxdfIaZJut79VezCmdcQiCJbQHsdI9gUzUOTnZIiERvO5ARqqJcQ0QOtHSmORyKRM5cy0B9TYDzZezpeiX90Jld5ZOHnXbL3iQThBK04VRCopEjfyjoEOyJvmLLreFiAaLYRhaM08_DVKN5cisWUSTctNRKfWlUMyUqom82RJtyAYIM3UlOR1iddrQAvVb8edutBDZF0Z326DX1l7kXeXmIgwHkz4SJWwH2Vv63wn3hgC5MmpsRYogRpZXx4GUycUkSbdzsaNLvp0doOY1nRpU069rLLOHDujZIn4gbBoHZBXYi6kLNjDTUWxujuVpa11iop6iQe155lWns4WzpsY1rEfGy9R_3euKUBotRQ8kCLyIgh61r9shjnM_kk8YSj1tSP6Ho8XFgHgJUHLAC8Ay2-Y4nc3icafBxuTH4Aur9cB3xgQm2i5uzczTOAufb0H52knHqU4MU2otPjflku87cvZxb4HzD1i-z8GPnhwnn7x5V9jkddYbzdSjZwxPuhkSdKOWpch_Wko3Nxx_3RTc29Mb1088WMm6_O6-Tk049Ts_tsZ1J0rV0AAVH-tgsnBaA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://638hax.cloudflareagency.cf/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

98 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation function| $ function| jQuery function| init function| findAndReplaceDOMText string| GoogleAnalyticsObject function| ga object| adsbygoogle function| ClipboardJS object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state boolean| _gfp_a_ object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint number| google_lpabyc object| gaplugins object| gaGlobal object| gaData function| BLOG_attachCsiOnload function| _WidgetManager function| _WidgetInfo function| widget_module_provide function| _AdSenseView function| _BlogArchiveView function| _AttributionView function| _BlogView function| _BlogListView function| _BlogSearchView function| _ContactFormView function| _ExampleView function| _FeaturedPostView function| _FeedView function| _FollowersView function| _HeaderView function| _TextView function| _HTMLView function| _ImageView function| _LabelView function| _TextListView function| _LinkListView function| _BloggerButtonView function| _NavbarView function| _PageListView function| _PollView function| _PopularPostsView function| _ProfileView function| _RecentPostsView function| _ReportAbuseView function| _SharingView function| _StatsView function| _SubscribeView function| _SW_toggleReaderList function| _SW_hideReaderList function| _TranslateView function| _WikipediaView string| __wavt function| __gjsload__ object| closure_lm_683006 object| cookieChoices function| google_sa_impl object| googleToken object| googleIMState boolean| _gfp_p_ object| google_image_requests function| processGoogleToken number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| GoogleGcLKhOms

5 Cookies

Domain/Path Name / Value
.cloudflareagency.cf/ Name: _ga
Value: GA1.2.2042981656.1663086202
.cloudflareagency.cf/ Name: _gid
Value: GA1.2.193663458.1663086202
.cloudflareagency.cf/ Name: _gat_blogger
Value: 1
.cloudflareagency.cf/ Name: __gads
Value: ID=b816f47b63fe3581-22ee25aa1cce00b7:T=1663086206:RT=1663086206:S=ALNI_MaWsWrCPJRfGdEii0IPD-v1XGeOrw
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission

5 Console Messages

Source Level URL
Text
network error URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-2351123213541849&output=html&adk=1812271804&adf=3025194257&lmt=1663084576&plat=1%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2F638hax.cloudflareagency.cf%2F&ea=0&host=ca-host-pub-1556223355139109&pra=5&wgl=1&easpi=0&asntp=0&asntpv=0&asntpl=0&asntpm=0&asntpc=0&asna=5&asnd=5&asnp=5&asns=5&asmat=1&asptt=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663086202164&bpp=5&bdt=22066&idt=333&shv=r20220908&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2383304585846&frm=20&pv=2&ga_vid=2042981656.1663086202&ga_sid=1663086203&ga_hid=334277059&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842&oid=2&pvsid=2532481392567122&tmod=1302863517&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=1&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=363
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-2351123213541849&output=html&h=280&adk=1479354468&adf=4167919536&w=1076&fwrn=4&fwrnh=100&lmt=1663084576&rafmt=1&psa=0&format=1076x280&url=https%3A%2F%2F638hax.cloudflareagency.cf%2F&host=ca-host-pub-1556223355139109&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663086202237&bpp=17&bdt=22139&idt=307&shv=r20220908&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1076x280&nras=1&correlator=2383304585846&frm=20&pv=1&ga_vid=2042981656.1663086202&ga_sid=1663086203&ga_hid=334277059&ga_fc=1&ga_wpids=UA-223473996-1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=301&ady=3184&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842&oid=2&pvsid=2532481392567122&tmod=1302863517&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=VxMKI2Z59S&p=https%3A//638hax.cloudflareagency.cf&dtd=311
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-2351123213541849&output=html&h=280&adk=1479354468&adf=2015658718&w=1076&fwrn=4&fwrnh=100&lmt=1663084576&rafmt=1&psa=0&format=1076x280&url=https%3A%2F%2F638hax.cloudflareagency.cf%2F&host=ca-host-pub-1556223355139109&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663086202210&bpp=16&bdt=22113&idt=321&shv=r20220908&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2383304585846&frm=20&pv=1&ga_vid=2042981656.1663086202&ga_sid=1663086203&ga_hid=334277059&ga_fc=1&ga_wpids=UA-223473996-1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=301&ady=1303&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842&oid=2&pvsid=2532481392567122&tmod=1302863517&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=XT2k9ASWoI&p=https%3A//638hax.cloudflareagency.cf&dtd=328
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-2351123213541849&output=html&h=280&adk=1479354468&adf=996552018&w=1076&fwrn=4&fwrnh=100&lmt=1663084576&rafmt=1&psa=0&format=1076x280&url=https%3A%2F%2F638hax.cloudflareagency.cf%2F&host=ca-host-pub-1556223355139109&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663086202262&bpp=8&bdt=22165&idt=290&shv=r20220908&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1076x280%2C1076x280&nras=1&correlator=2383304585846&frm=20&pv=1&ga_vid=2042981656.1663086202&ga_sid=1663086203&ga_hid=334277059&ga_fc=1&ga_wpids=UA-223473996-1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842&oid=2&pvsid=2532481392567122&tmod=1302863517&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CenoEr%7C&abl=CS&pfx=0&fu=32896&bc=31&ifi=4&uci=a!4&fsb=1&xpc=Ra2zAZMmQH&p=https%3A//638hax.cloudflareagency.cf&dtd=306
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-2351123213541849&output=html&h=600&slotname=6853744811&adk=3631144676&adf=2251669638&pi=t.ma~as.6853744811&w=266&fwrn=4&fwrnh=100&lmt=1663084576&rafmt=1&psa=0&format=266x600&url=https%3A%2F%2F638hax.cloudflareagency.cf%2F&host=ca-host-pub-1556223355139109&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663086202387&bpp=3&bdt=22290&idt=213&shv=r20220908&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1076x280%2C1076x280%2C1076x280&nras=1&correlator=2383304585846&frm=20&pv=1&ga_vid=2042981656.1663086202&ga_sid=1663086203&ga_hid=334277059&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1643&ady=300&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842&oid=2&pvsid=2532481392567122&tmod=1302863517&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfEe%7C&abl=CF&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&fsb=1&xpc=YrZ30MfrMS&p=https%3A//638hax.cloudflareagency.cf&dtd=217
Message:
Failed to load resource: the server responded with a status of 403 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

638hax.cloudflareagency.cf
adservice.google.com
adservice.google.de
blogger.googleusercontent.com
cdn.bootcss.com
crazypeace.github.io
fonts.gstatic.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
partner.googleadservices.com
resources.blogblog.com
tpc.googlesyndication.com
www.blogger.com
www.google-analytics.com
www.google.com
www.gstatic.com
142.250.185.130
2606:4700:3034::ac43:885b
2606:4700:3038::6815:eac9
2606:50c0:8003::153
2a00:1450:4001:800::2002
2a00:1450:4001:801::2003
2a00:1450:4001:806::2002
2a00:1450:4001:808::2001
2a00:1450:4001:80e::2001
2a00:1450:4001:810::2009
2a00:1450:4001:813::200e
2a00:1450:4001:827::2002
2a00:1450:4001:828::2002
2a00:1450:4001:82b::2004
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
05466a484ea9766b011a37bff8486273ba713026ba55386550264bee36625007
068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568
142d7e873b9d8d550b53e6e55bac7a11ed1f2c0aa5e2d49966cde5ce3c00faec
183923f8c8c3960dce8ad9722cf55a30d19b321b721741bd9e2ab6ae1f1ae72a
2027906ba6216fe353dc07fcc2fc36c8e6ab91a99bb705e7cbc4f97ca860e937
2288002c79ad7ccd117b58ff62902284ad65c78d9bf50265308d3f8375760c01
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
4203d092fab999f8c24f34456837d5482ca0bca785fa39b5820a3436f28fdb19
493ab3b4b04a8f0a5e78f3dc70ccde31314e5915d8d2a68c49a9af3edba1b461
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5de45751d21727095f8f6449fc377838a2b87d2e1de4e298d44155b5003ced9c
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6764f786370109d887f37fb2726a009cabae2bc5518b9b825e2c477a017ef18c
705d34d27f862c5a508d3fe624f63578d40613aeadf6d82811ff42057b35611d
73d16aca9b019e42dd2de3a10e5049b5606268ce0d8e3a167b05b37acb9b0e9c
74c50cc0a947464285c66df6e20bbfb2137624119faf6ad94489cb3f5bcc8aa3
753a5a02122e95055970f51aa975e06c82446241828fab7eb764eaaa81888775
76eafe47e8c504ebb462d97d4bdd8b5cf7ab23f8f147a783e98bc484f90afc47
779e5eca208c075749bae024839fed0d44a85d28f837a60e73eae7894baa3203
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
883cd7e80a693459bf48c54633e37beab498cb11ef7d05b6b827ae438f31f56b
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
92e40dc4bbb485a182b796c58e6da7974cb8a6a84fdb4548ace3b85c991f0f94
96d678ca5271b316a2bf1aa6add07d6ba858b32a774e0b51e06a43647b261f0d
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
ae3cca3e9f7787b1b5c7d693914b7d3c8be1479f9547dabbbc22896982690084
aeb5bf925f4dcdbd98079ac94f447ec32bf8976b9aba8a929a2a32981f105cc5
c0d4098bc8b34c6f87a3d7723988ae81214a53a0bb4a1d4d36a67640f98ed079
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
db0a73d0752b907b8cdaeebd6e2a40302b12da7a4037ed9af2badf18661787ff
de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ec86bdfc62e0e18034ba07a0b57bcf25fba17ff94b87507f0834781e4d955a5a
f1c259d50c72df23879840a256f4c35da1828397832399d6cc1d522ea21027c1